ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 16.1 Enterprise and VERIS 1.4.0.
Change versions here.
Home
Mapping Frameworks
VERIS Home
Disable or interfere with security controls
VERIS
action.malware.variety.Disable controls
Mappings
Mappings
ATT&CK Version
16.1
ATT&CK Domain
Enterprise
VERIS
1.4.0
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1006
Direct Volume Access
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1027
Obfuscated Files or Information
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1563
Remote Service Session Hijacking
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1111
Multi-Factor Authentication Interception
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1095
Non-Application Layer Protocol
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1499
Endpoint Denial of Service
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1059.011
Lua
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1036
Masquerading
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1505.004
IIS Components
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.007
Disable or Modify Cloud Firewall
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1195.002
Compromise Software Supply Chain
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1568
Dynamic Resolution
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1074.001
Local Data Staging
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1622
Debugger Evasion
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1212
Exploitation for Credential Access
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1222
File and Directory Permissions Modification
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1222.001
Windows File and Directory Permissions Modification
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1222.002
Linux and Mac File and Directory Permissions Modification
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1490
Inhibit System Recovery
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1497
Virtualization/Sandbox Evasion
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1497.001
System Checks
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1497.002
User Activity Based Checks
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1497.003
Time Based Evasion
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553
Subvert Trust Controls
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553.001
Gatekeeper Bypass
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553.002
Code Signing
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553.003
SIP and Trust Provider Hijacking
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553.004
Install Root Certificate
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553.005
Mark-of-the-Web Bypass
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553.006
Code Signing Policy Modification
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562
Impair Defenses
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.001
Disable or Modify Tools
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.002
Disable Windows Event Logging
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.003
Impair Command History Logging
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.004
Disable or Modify System Firewall
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.006
Indicator Blocking
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.007
Disable or Modify Cloud Firewall
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.008
Disable or Modify Cloud Logs
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.011
Spoof Security Alerting
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1562.012
Disable or Modify Linux Audit System
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1574.012
COR_PROFILER
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1600
Weaken Encryption
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1600.001
Reduce Key Space
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1600.002
Disable Crypto Hardware
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1601
Modify System Image
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1601.001
Patch System Image
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1601.002
Downgrade System Image