Home > CAPEC List > CAPEC-578: Disable Security Software (Version 2.11)  

CAPEC-578: Disable Security Software

 
Disable Security Software
Definition in a New Window Definition in a New Window
Attack Pattern ID: 578
Abstraction: Standard
Status: Draft
Completeness: Stub
Presentation Filter:
+ Summary

Adversaries may disable security tools so that detection does not occur. This can take the form of killing processes, deleting registry keys so that tools do not start at run time, deleting log files, or other methods.

+ Solutions and Mitigations

Ensure proper registry and file permissions are in place.

+ References
[R.578.1] ATT&CK Project. "Disabling Security Tools". MITRE. <https://attack.mitre.org/wiki/Disabling_security_tools>.
+ Content History
Submissions
SubmitterOrganizationDateSource
CAPEC Content TeamThe MITRE Corporation2015-11-09Internal_CAPEC_Team

More information is available — Please select a different filter.
Page Last Updated or Reviewed: July 31, 2017