ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CSA Cloud Controls Matrix (CCM)
CRI Profile
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 19.1 Enterprise and VERIS 1.4.1.
Change versions here.
Home
Mapping Frameworks
VERIS Home
Disable or interfere with security controls
VERIS
action.malware.variety.Disable controls
Mappings
ATT&CK Version
19.1
ATT&CK Domain
Enterprise
VERIS
1.4.1
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1006
Direct Volume Access
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1027
Obfuscated Files or Information
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1563
Remote Service Session Hijacking
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1111
Multi-Factor Authentication Interception
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1095
Non-Application Layer Protocol
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1499
Endpoint Denial of Service
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1059.011
Lua
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1036
Masquerading
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1505.004
IIS Components
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1195.002
Compromise Software Supply Chain
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1568
Dynamic Resolution
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1074.001
Local Data Staging
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1622
Debugger Evasion
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1212
Exploitation for Credential Access
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1222
File and Directory Permissions Modification
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1222.001
Windows Permissions
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1222.002
Linux and Mac Permissions
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1490
Inhibit System Recovery
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1497
Virtualization/Sandbox Evasion
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1497.001
System Checks
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1497.002
User Activity Based Checks
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1497.003
Time Based Checks
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553
Subvert Trust Controls
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553.001
Gatekeeper Bypass
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553.002
Code Signing
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553.003
SIP and Trust Provider Hijacking
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553.004
Install Root Certificate
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553.005
Mark-of-the-Web Bypass
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1553.006
Code Signing Policy Modification
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1685.001
Disable or Modify Windows Event Log
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1690
Prevent Command History Logging
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1686
Disable or Modify System Firewall
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1685
Disable or Modify Tools
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1686.001
Cloud Firewall
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1685.002
Disable or Modify Cloud Log
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1685.004
Disable or Modify Linux Audit System Log
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1574.012
COR_PROFILER
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1600
Weaken Encryption
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1600.001
Reduce Key Space
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1600.002
Disable Crypto Hardware
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1601
Modify System Image
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1601.001
Patch System Image
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1601.002
Downgrade System Image
action.malware.variety.Disable controls
Disable or interfere with security controls
related-to
T1685.003
Modify or Spoof Tool UI
