diff --git a/scanners/nmap/parser/parser.js b/scanners/nmap/parser/parser.js
index 91019e0aa2..e53d533b50 100644
--- a/scanners/nmap/parser/parser.js
+++ b/scanners/nmap/parser/parser.js
@@ -36,6 +36,7 @@ function transformToFindings(hosts) {
           serviceProduct: openPort.serviceProduct || null,
           serviceVersion: openPort.serviceVersion || null,
           scripts: openPort.scriptOutputs || null,
+          tunnel: openPort.tunnel || null,
         },
       };
     });
diff --git a/scanners/sslyze/cascading-rules/ftps.yaml b/scanners/sslyze/cascading-rules/ftps.yaml
index 2e8964ed6a..a203bbfc50 100644
--- a/scanners/sslyze/cascading-rules/ftps.yaml
+++ b/scanners/sslyze/cascading-rules/ftps.yaml
@@ -12,6 +12,15 @@ spec:
         attributes:
           port: 990
           state: open
+      - category: "Open Port"
+        attributes:
+          service: "ftps"
+          state: open
+      - category: "Open Port"
+        attributes:
+          service: "ftp"
+          tunnel: "ssl"
+          state: open
   scanSpec:
     scanType: "sslyze"
     parameters: ["--regular", "{{$.hostOrIP}}:{{attributes.port}}"]
diff --git a/scanners/sslyze/cascading-rules/https.yaml b/scanners/sslyze/cascading-rules/https.yaml
index ad7755a684..879925e661 100644
--- a/scanners/sslyze/cascading-rules/https.yaml
+++ b/scanners/sslyze/cascading-rules/https.yaml
@@ -26,8 +26,9 @@ spec:
           state: open
       - category: "Open Port"
         attributes:
-          service: "ssl/http"
-          state: open
+          service: "http"
+          tunnel: "ssl"
+          state: "open"
   scanSpec:
     scanType: "sslyze"
     parameters: ["--regular", "{{$.hostOrIP}}:{{attributes.port}}"]
diff --git a/scanners/sslyze/cascading-rules/ldaps.yaml b/scanners/sslyze/cascading-rules/ldaps.yaml
index 091f93c107..790adaddbf 100644
--- a/scanners/sslyze/cascading-rules/ldaps.yaml
+++ b/scanners/sslyze/cascading-rules/ldaps.yaml
@@ -12,6 +12,10 @@ spec:
         attributes:
           port: 636
           state: open
+      - category: "Open Port"
+        attributes:
+          service: "ldapssl"
+          state: open
   scanSpec:
     scanType: "sslyze"
     parameters: ["--regular", "{{$.hostOrIP}}:{{attributes.port}}"]
diff --git a/scanners/sslyze/cascading-rules/mail.yaml b/scanners/sslyze/cascading-rules/mail.yaml
index 33905d0dde..eb0f1c72e3 100644
--- a/scanners/sslyze/cascading-rules/mail.yaml
+++ b/scanners/sslyze/cascading-rules/mail.yaml
@@ -16,6 +16,11 @@ spec:
         attributes:
           service: "smtps"
           state: open
+      - category: "Open Port"
+        attributes:
+          service: "smtp"
+          tunnel: "ssl"
+          state: open
   scanSpec:
     scanType: "sslyze"
     parameters: ["--regular", "{{$.hostOrIP}}:{{attributes.port}}"]
@@ -38,6 +43,11 @@ spec:
         attributes:
           service: "pop3s"
           state: open
+      - category: "Open Port"
+        attributes:
+          service: "pop3"
+          tunnel: "ssl"
+          state: open
   scanSpec:
     scanType: "sslyze"
     parameters: ["--regular", "{{$.hostOrIP}}:{{attributes.port}}"]
@@ -60,6 +70,11 @@ spec:
         attributes:
           service: "imaps"
           state: open
+      - category: "Open Port"
+        attributes:
+          service: "imap"
+          tunnel: "ssl"
+          state: open
   scanSpec:
     scanType: "sslyze"
     parameters: ["--regular", "{{$.hostOrIP}}:{{attributes.port}}"]