216.73.217.22

T1418.001: Security Software Discovery

View on MITRE ATT&CK The MITRE Corporation · Published 17/12/2025 22:47 · Modified 27/03/2026 01:41

Essential information

MITRE technique ID
T1418.001
Confidence
100/100
Revoked
No
Published
17/12/2025 22:47
Modified
27/03/2026 01:41
Author / Source
The MITRE Corporation

Platforms

android iOS

Description

Adversaries may attempt to get a listing of security applications and configurations that are installed on a device. This may include things such as mobile security products. Adversaries may use the information from [Security Software Discovery](https://attack.mitre.org/techniques/T1418/001) during automated discovery to shape follow-on behaviors, including whether or not to fully infect the target and/or attempt specific actions.

Kill chain phases

Kill chainPhase
mitre-mobile-attack discovery

Marking (TLP)

Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references

Related entities

Intrusion sets, malware, reports, vulnerabilities, indicators and other entities linked to this technique.