diff --git a/atomics/T1518/T1518.yaml b/atomics/T1518/T1518.yaml
new file mode 100644
index 00000000..f48643c1
--- /dev/null
+++ b/atomics/T1518/T1518.yaml
@@ -0,0 +1,18 @@
+---
+attack_technique: T1518
+display_name: Software Discovery	
+
+atomic_tests:
+- name: Find and Display Iinternet Explorer Browser Version
+  description: |
+    Adversaries may attempt to get a listing of non-security related software that is installed on the system. Adversaries may use the information from Software Discovery during automated discovery to shape follow-on behaviors
+
+  supported_platforms:
+    - windows
+
+  executor:
+    name: command_prompt
+    elevation_required: false # indicates whether command must be run with admin privileges. If the elevation_required attribute is not defined, the value is assumed to be false
+    command: | # these are the actaul attack commands, at least one command must be provided
+      reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer" /v svcVersion
+