diff --git a/charts/kubescape-operator/templates/node-agent/default-rule-binding-namespaced.yaml b/charts/kubescape-operator/templates/node-agent/default-rule-binding-namespaced.yaml
index 976e0029..e4fa4298 100644
--- a/charts/kubescape-operator/templates/node-agent/default-rule-binding-namespaced.yaml
+++ b/charts/kubescape-operator/templates/node-agent/default-rule-binding-namespaced.yaml
@@ -21,7 +21,7 @@ spec:
     - ruleName: "Exec from malicious source"
     - ruleName: "Kernel Module Load"
     - ruleName: "Exec Binary Not In Base Image"
-    - ruleName: "Malicious SSH Connection"
+    # - ruleName: "Malicious SSH Connection"
     - ruleName: "Fileless Execution"
     - ruleName: "XMR Crypto Mining Detection"
     - ruleName: "Exec from mount"
@@ -34,6 +34,6 @@ spec:
     - ruleName: "Hardlink Created Over Sensitive File"
     - ruleName: "Exec to pod"
     - ruleName: "Port forward"
-    - ruleName: "Unexpected Egress Network Traffic"
+    # - ruleName: "Unexpected Egress Network Traffic"
     - ruleName: "Malicious Ptrace Usage"
 {{- end }}
diff --git a/charts/kubescape-operator/templates/node-agent/default-rule-binding.yaml b/charts/kubescape-operator/templates/node-agent/default-rule-binding.yaml
index 8def0af0..e4708e29 100644
--- a/charts/kubescape-operator/templates/node-agent/default-rule-binding.yaml
+++ b/charts/kubescape-operator/templates/node-agent/default-rule-binding.yaml
@@ -39,7 +39,7 @@ spec:
     - ruleName: "Exec from malicious source"
     - ruleName: "Kernel Module Load"
     - ruleName: "Exec Binary Not In Base Image"
-    - ruleName: "Malicious SSH Connection"
+    # - ruleName: "Malicious SSH Connection"
     - ruleName: "Fileless Execution"
     - ruleName: "XMR Crypto Mining Detection"
     - ruleName: "Exec from mount"
@@ -52,6 +52,6 @@ spec:
     - ruleName: "Hardlink Created Over Sensitive File"
     - ruleName: "Exec to pod"
     - ruleName: "Port forward"
-    - ruleName: "Unexpected Egress Network Traffic"
+    # - ruleName: "Unexpected Egress Network Traffic"
     - ruleName: "Malicious Ptrace Usage"
 {{- end }}
diff --git a/charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap b/charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap
index e1ff2f26..74a35f0f 100644
--- a/charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap
+++ b/charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap
@@ -2802,7 +2802,6 @@ all capabilities:
         - ruleName: Exec from malicious source
         - ruleName: Kernel Module Load
         - ruleName: Exec Binary Not In Base Image
-        - ruleName: Malicious SSH Connection
         - ruleName: Fileless Execution
         - ruleName: XMR Crypto Mining Detection
         - ruleName: Exec from mount
@@ -2815,7 +2814,6 @@ all capabilities:
         - ruleName: Hardlink Created Over Sensitive File
         - ruleName: Exec to pod
         - ruleName: Port forward
-        - ruleName: Unexpected Egress Network Traffic
         - ruleName: Malicious Ptrace Usage
   51: |
     apiVersion: networking.k8s.io/v1
@@ -8252,7 +8250,6 @@ default capabilities:
         - ruleName: Exec from malicious source
         - ruleName: Kernel Module Load
         - ruleName: Exec Binary Not In Base Image
-        - ruleName: Malicious SSH Connection
         - ruleName: Fileless Execution
         - ruleName: XMR Crypto Mining Detection
         - ruleName: Exec from mount
@@ -8265,7 +8262,6 @@ default capabilities:
         - ruleName: Hardlink Created Over Sensitive File
         - ruleName: Exec to pod
         - ruleName: Port forward
-        - ruleName: Unexpected Egress Network Traffic
         - ruleName: Malicious Ptrace Usage
   41: |
     apiVersion: networking.k8s.io/v1