ATT&CK in Action #10: T1562 Impair Defenses with Palo Alto Networks

Top 10 Technique - Other Images-6

In the last episode of ATT&CK in Action Webinar series, Alex Hinchliffe from Palo Alto Networks joined Picus and we talked about T1562 Impair Defenses (T1089 Disabling Security Tools in the previous ATT&CK version) as the 10th most commonly used technique by adversaries in 2019!

Watch the episode where we talked about:

  • How do adversaries leverage the 'T1562 Impair Defenses' technique into their targets?
  • What are the significant benefits that Impair Defenses technique provides for adversaries?
  • What are the use cases by threat actors and their malware?
  • How do Red Teams simulate this technique?
  • How do Blue Teams detect this technique?
  • How can you test T1562 Impair Defenses with Picus in your environment?

Picus Labs, the research arm of Picus Security, analyzed around 50.000 malware samples in the last year to determine TTPs used by adversaries in these malicious files.  As a result of the comprehensive analysis of tens of thousands of real-world threat samples collected from numerous sources, Picus unrevealed the “Picus 10 Critical MITRE ATT&CK Techniques” to help you focus on what significantly improves your security.


Dr. Süleyman Özarslan

Co-Founder, VP of Picus Labs, Picus

Alex Hinchliffe

Threat Intelligence Analyst at Unit 42, Palo Alto Networks

Dr. Carlo Tarantini

Product Marketing Manager, Picus

Watch Now!