diff --git a/checks/cloud/nifcloud/computing/no_public_ingress_sgr.rego b/checks/cloud/nifcloud/computing/no_public_ingress_sgr.rego
index f0639d2c..82cd9872 100644
--- a/checks/cloud/nifcloud/computing/no_public_ingress_sgr.rego
+++ b/checks/cloud/nifcloud/computing/no_public_ingress_sgr.rego
@@ -38,6 +38,6 @@ deny contains res if {
 some sg in input.nifcloud.computing.securitygroups
 some rule in sg.ingressrules
 cidr.is_public(rule.cidr.value)
- cidr.count_addresses(rule.cidr.value) > 0
+ cidr.count_addresses(rule.cidr.value) > 1
 res := result.new("Security group rule allows ingress from public internet.", rule.cidr)
 }
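Review bot: The new `> 1` threshold on `cidr.count_addresses(rule.cidr.value)` carries no explanation, and it narrows the check: assuming the helper returns 1 for a single-host prefix, a rule that admits one public address (a /32, or /128 for IPv6) is no longer reported. If that exemption is intended, state it above the condition, e.g. `# single-host CIDRs are treated as deliberate allow-list entries and are not reported`, and mirror it in the check's description so users know such rules pass. A test case with a public /32 ingress rule that expects no result, next to one with a wider public range that does, would pin the boundary. The rule head is visible only in the hunk header, so any metadata comment above it is outside this view.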