CAPEC 571 Block Logging to Central Repository

Description

🇬🇧 English Original 🇮🇹 Italiano AI Translated

{'xhtml:p': 'An adversary prevents host-generated logs being delivered to a central location in an attempt to hide indicators of compromise.'}

AI Generated Translation

<xhtml:p>Un avversario impedisce che i log generati dall'host vengano consegnati a una posizione centrale nel tentativo di nascondere indicatori di compromissione.</xhtml:p>

Consequences

Consequence Information

{'impacts': [], 'impacts_translate': [], 'scopes': [], 'scopes_translate': []}

Relationships

Parent CAPECs

CAPEC-161

Related ATT&CK Techniques

3

T1562.002

Disable Windows Event Logging

Adversaries may disable Windows event logging to limit data that can be leveraged for detections and audits. Windows event logs …

T1562.006

Indicator Blocking

An adversary may attempt to block indicators or events typically captured by sensors from being gathered and analyzed. This could …

T1562.008

Disable or Modify Cloud Logs

An adversary may disable or modify cloud logging capabilities and integrations to limit what data is collected on their activities …