diff --git a/events/syscall/disallowed_ssh_connection_non_standard_port.go b/events/syscall/disallowed_ssh_connection_non_standard_port.go
index a7604916..98eb8cd9 100644
--- a/events/syscall/disallowed_ssh_connection_non_standard_port.go
+++ b/events/syscall/disallowed_ssh_connection_non_standard_port.go
@@ -15,18 +15,25 @@ limitations under the License.
 package syscall
 
 import (
-    "os/exec"
-    "github.com/falcosecurity/event-generator/events"
+	"github.com/falcosecurity/event-generator/events"
+	"os/exec"
 )
 
 var _ = events.Register(DisallowedSSHConnectionNonStandardPort)
 
 func DisallowedSSHConnectionNonStandardPort(h events.Helper) error {
-    // non_standard_port : 443
-    cmd := exec.Command("timeout", "1s", "ssh", "user@example.com", "-p", "443")
-    err := cmd.Run()
-    if err != nil {
-        return err
-    }
-    return nil
+	path, err := exec.LookPath("ssh")
+	if err != nil {
+		// If we don't have an SSH, just bail
+		return &events.ErrSkipped{
+			Reason: "ssh utility not found in path",
+		}
+	}
+	// non_standard_port : 443
+	cmd := exec.Command("timeout", "1s", path, "user@example.com", "-p", "443")
+	err = cmd.Run()
+	if err != nil {
+		return err
+	}
+	return nil
 }