Preventions
- ID: PV033
- Created: 24th July 2024
- Updated: 24th July 2024
- Platforms: Windows, Linux, MacOS
- Contributor: Ismael Briones-Vilar
Native Anti-Tampering Protections
Commercial security software may include native anti-tampering protections that prevent attempts to interfere with its operations, such as deleting or renaming required files.
Sections
| ID | Name | Description |
|---|---|---|
| PR018 | Circumventing Security Controls | A subject abuses their access or conducts unapproved changes to circumvent host-based security controls. |
| PR018.006 | Impairing an Anti-Virus Solution | A subject abuses their access or conducts unapproved changes to impair the effectiveness of an anti-virus solution, such as causing it to crash or killing any associated system processes. |
| PR018.005 | Uninstalling an Anti-Virus Solution | A subject abuses their access or conducts unapproved changes by uninstalling the anti-virus solution installed on a system. |
| PR018.002 | Impairing a Security Agent | A subject abuses their access or conducts unapproved changes to impair the effectiveness of a security agent, such as causing it to crash or killing any associated system processes. |
| PR018.001 | Uninstalling a Security Agent | A subject abuses their access or conducts unapproved changes to uninstall a security agent that is present on a system. |