diff --git a/rules/falco_rules.yaml b/rules/falco_rules.yaml
index 52b5d8ec..08b4a1a3 100644
--- a/rules/falco_rules.yaml
+++ b/rules/falco_rules.yaml
@@ -1428,7 +1428,8 @@
 - macro: sensitive_mount
   condition: (container.mount.dest[/proc*] != "N/A" or
               container.mount.dest[/var/run/docker.sock] != "N/A" or
-              container.mount.dest[/var/lib/kubelet*] != "N/A" or
+              container.mount.dest[/var/lib/kubelet] != "N/A" or
+              container.mount.dest[/var/lib/kubelet/pki] != "N/A" or
               container.mount.dest[/] != "N/A" or
               container.mount.dest[/etc] != "N/A" or
               container.mount.dest[/root*] != "N/A")