diff --git a/rules/falco_rules.yaml b/rules/falco_rules.yaml
index 9d8fb6a8..0d96c832 100644
--- a/rules/falco_rules.yaml
+++ b/rules/falco_rules.yaml
@@ -816,7 +816,8 @@
 (user.name=_apt and evt.arg.uid=_apt) or
 (user.name=postfix and evt.arg.uid=postfix) or
 (user.name=pki-agent and evt.arg.uid=pki-agent) or
- (user.name=pki-acme and evt.arg.uid=pki-acme))
+ (user.name=pki-acme and evt.arg.uid=pki-acme) or
+ (user.name=nfsnobody and evt.arg.uid=nfsnobody))
 # sshd, mail programs attempt to setuid to root even when running as non-root. Excluding here to avoid meaningless FPs
 - rule: Non sudo setuid
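Review bot: The new `nfsnobody` entry has no comment recording which program was seen calling setuid as that user, so a later reader cannot judge whether the exception is still needed; a line such as `# nfsnobody: anonymous NFS account, setuid to itself observed from <program>` above it would capture that. Like its neighbours, the clause only matches when the calling user and the target uid are the same account, so it does not exempt a switch to a different user. The match is on the resolved name, and `nfsnobody` is the name used on older RHEL/CentOS releases, so hosts that name the anonymous NFS account differently will presumably still alert. The enclosing macro starts above the hunk, so its name and the rest of the exception list are not visible here.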