From c4b71b76ab7181abeba7576b1c2d03ea08bb26d2 Mon Sep 17 00:00:00 2001
From: BlueTeamOps <1480956+blueteam0ps@users.noreply.github.com>
Date: Fri, 29 Jan 2021 17:43:42 +1100
Subject: [PATCH] Updated the defense evasion page

List all the disabled security products using Windows Security Center
---
 docs/tactics/defense_evasion.md | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/docs/tactics/defense_evasion.md b/docs/tactics/defense_evasion.md
index 8c2250e..80cc699 100644
--- a/docs/tactics/defense_evasion.md
+++ b/docs/tactics/defense_evasion.md
@@ -1,2 +1,11 @@
 Defense Evasion
-=========================================
\ No newline at end of file
+=========================================
+## Disabled security products 
+**Description:** List all the disabled security products.
+
+**Author:** [Janantha Marasinghe](https://medium.com/@blueteamops)
+
+**Query:** 
+
+```SELECT * FROM windows_security_products WHERE state = 'Off';
+```