diff --git a/pkg/rules/sequence.go b/pkg/rules/sequence.go
index 28f181882..38a8144c5 100644
--- a/pkg/rules/sequence.go
+++ b/pkg/rules/sequence.go
@@ -538,12 +538,19 @@ func (s *sequenceState) expire(e *kevent.Kevent) bool {
 // process spawned by CreateProcess, and it pertains
 // to the final sequence slot, it is safe to expire
 // the whole sequence
+ pid := rhs.Kparams.MustGetPid()
 if lhs.Type == ktypes.CreateProcess && isFinalSlot {
- p1, _ := lhs.Kparams.GetPid()
- p2, _ := rhs.Kparams.GetPid()
- return p1 == p2
+ return lhs.Kparams.MustGetPid() == pid
+ }
+ if lhs.Type == ktypes.CreateThread {
+ // if the pids differ, the thread
+ // is created in a remote process.
+ // Sequence can be expired only if
+ // the remote process terminates
+ if lhs.PID != lhs.Kparams.MustGetPid() {
+ return lhs.Kparams.MustGetPid() == pid
+ }
 }
- pid, _ := rhs.Kparams.GetPid()
 return lhs.PID == pid
 }
 s.mu.Lock()
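Review bot: The hoisted `pid := rhs.Kparams.MustGetPid()` and the `lhs.Kparams.MustGetPid()` calls swap an ignored `GetPid()` error for a helper that, going by its `Must` prefix, presumably panics when the pid parameter is missing or malformed. On the expiry path that would let one unexpected event stop rule evaluation, where the old code only risked comparing zero pids. An explicit check keeps the engine running and avoids the false match: `pid, err := rhs.Kparams.GetPid()` followed by `if err != nil { return false }`, and likewise for the lhs lookups. In the CreateThread branch the lhs pid is read twice and could be held in one local, with the comment stating that `lhs.PID` is the creating process and the pid parameter the target. The body of expire starts and ends outside this hunk, so any earlier guard on the event types is not visible here.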