ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CSA Cloud Controls Matrix (CCM)
CRI Profile
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 16.1 Enterprise and VERIS 1.4.0.
Change versions here.
Home
Mapping Frameworks
VERIS Home
Disable or interfere with security controls
VERIS
action.malware.variety.Disable controls
Mappings
ATT&CK Version
16.1
ATT&CK Domain
Enterprise
VERIS
1.4.0
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1006
Direct Volume Access
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1027
Obfuscated Files or Information
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1563
Remote Service Session Hijacking
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1111
Multi-Factor Authentication Interception
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1095
Non-Application Layer Protocol
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1499
Endpoint Denial of Service
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1059.011
Lua
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1036
Masquerading
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1505.004
IIS Components
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.007
Disable or Modify Cloud Firewall
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1195.002
Compromise Software Supply Chain
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1568
Dynamic Resolution
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1074.001
Local Data Staging
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1622
Debugger Evasion
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1212
Exploitation for Credential Access
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1222
File and Directory Permissions Modification
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1222.001
Windows File and Directory Permissions Modification
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1222.002
Linux and Mac File and Directory Permissions Modification
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1490
Inhibit System Recovery
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1497
Virtualization/Sandbox Evasion
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1497.001
System Checks
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1497.002
User Activity Based Checks
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1497.003
Time Based Evasion
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553
Subvert Trust Controls
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553.001
Gatekeeper Bypass
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553.002
Code Signing
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553.003
SIP and Trust Provider Hijacking
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553.004
Install Root Certificate
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553.005
Mark-of-the-Web Bypass
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553.006
Code Signing Policy Modification
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562
Impair Defenses
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.001
Disable or Modify Tools
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.002
Disable Windows Event Logging
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.003
Impair Command History Logging
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.004
Disable or Modify System Firewall
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.006
Indicator Blocking
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.007
Disable or Modify Cloud Firewall
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.008
Disable or Modify Cloud Logs
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.011
Spoof Security Alerting
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.012
Disable or Modify Linux Audit System
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1574.012
COR_PROFILER
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1600
Weaken Encryption
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1600.001
Reduce Key Space
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1600.002
Disable Crypto Hardware
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1601
Modify System Image
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1601.001
Patch System Image
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1601.002
Downgrade System Image
