Skip to content

T1685: Disable or Modify Tools

T1685: Disable or Modify Tools

Adversaries may disable, degrade, or tamper with security tools or applications (e.g., endpoint detection and response (EDR) tools, intrusion detection systems (IDS), antivirus, logging agents, sensors, etc.) to impair or reduce visibility of defensive capabilities. This may include stopping spec...

View on MITRE ATT&CK →