diff --git a/rules/windows/network_connection/net_connection_win_dead_drop_resolvers.yml b/rules/windows/network_connection/net_connection_win_dead_drop_resolvers.yml
index 7f13585e3..a43fd9605 100644
--- a/rules/windows/network_connection/net_connection_win_dead_drop_resolvers.yml
+++ b/rules/windows/network_connection/net_connection_win_dead_drop_resolvers.yml
@@ -19,7 +19,7 @@ detection:
 - 'youtube.com'
 - 'technet.microsoft.com'
 - 'facebook.com'
- - 'cloudflare.com'
+ - '.cloudflare.com'
 - 'docs.google.com'
 - 'steamcommunity.com'
 - 'reddit.com'
@@ -42,8 +42,11 @@ detection:
 - '\firefox.exe'
 filter_others:
 Image|endswith:
- - '\MsMpEng.exe'
- - '\MsSense.exe'
+ - '\MsMpEng.exe' #Microsoft Defender executable
+ - '\MsSense.exe' #Windows Defender Advanced Threat Protection Service Executable
+ - '\PRTG Probe.exe' #Paessler's PRTG Network Monitor
+ - '\Engine.exe' #Process from qlik.com app
+ - '\msedgewebview2.exe' # related to Edge browser
 condition: selection and not 1 of filter*
 falsepositives:
 - One might need to exclude other internet browsers found in it's network or other applications like ones mentioned above from Microsoft Defender.
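Review bot: Prepending the dot to `'.cloudflare.com'` changes what the selection matches, and the reason is not recorded anywhere in the hunk. If this list is evaluated with an `endswith` modifier (the modifier sits above the hunk, so this is inferred), the apex host `cloudflare.com` stops matching while `cdnjs.cloudflare.com` still does, and every neighbouring entry (`facebook.com`, `reddit.com`, ...) stays bare, so the list is now inconsistent with itself. If the goal is to stop lookalike hosts such as `notcloudflare.com` from firing, the same fix belongs on the other entries; if the goal is to deliberately drop the apex to cut false positives, say so inline, e.g. `- '.cloudflare.com' # subdomains only; apex dropped to reduce FPs`. The selection's modifier and first entries are outside this hunk.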
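Review bot: The new `filter_others` entries exclude by basename alone under `Image|endswith`, so `'\Engine.exe'` and `'\msedgewebview2.exe'` carve out any binary with that name in any directory (`C:\Users\Public\Engine.exe` would never reach the dead-drop check), which is exactly the evasion a rule about non-browser processes contacting public sites should resist. For a name as generic as `Engine.exe`, anchor the exclusion to the vendor's install directory as observed in the false positive rather than the bare filename, e.g. `- '\<vendor-dir>\Engine.exe'`, or split these into their own filter that pairs `Image|endswith` with an `Image|startswith` on the expected program-files path. The inline comments are good; `#Process from qlik.com app` would be more useful as `# Qlik Sense engine (<product>) - seen polling <site> during normal operation`, naming the product and the resolver it hits so the exclusion can be re-validated later. The `filter_others` block begins inside the hunk, but `selection` and the other `filter_*` blocks it is combined with are outside it.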