| Name | Disable Security Software |
| Summary | An adversary exploits a weakness in access control to disable security tools so that detection does not occur. This can take the form of killing processes, deleting registry keys so that tools do not start at run time, deleting log files, or other methods. |
| Prerequisites | The adversary must have the capability to interact with the configuration of the targeted system. |
| Solutions | Ensure proper permissions are in place to prevent adversaries from altering the execution status of security tools. |
| Related Weaknesses |
| CWE ID | Description |
| CWE-284 | Improper Access Control |
|
