diff --git a/atomics/T1003.001/T1003.001.yaml b/atomics/T1003.001/T1003.001.yaml
index 76538175..b4f36699 100644
--- a/atomics/T1003.001/T1003.001.yaml
+++ b/atomics/T1003.001/T1003.001.yaml
@@ -353,6 +353,7 @@ atomic_tests:
 name: powershell
 elevation_required: true
 - name: Dump LSASS.exe using lolbin rdrleakdiag.exe
+ auto_generated_guid: 47a539d1-61b9-4364-bf49-a68bc2a95ef0
 description: |
 The memory of lsass.exe is often dumped for offline credential theft attacks. This can be achieved with lolbin rdrleakdiag.exe.
diff --git a/atomics/T1518.001/T1518.001.yaml b/atomics/T1518.001/T1518.001.yaml
index 6f3b0a1b..c7c5d1b6 100644
--- a/atomics/T1518.001/T1518.001.yaml
+++ b/atomics/T1518.001/T1518.001.yaml
@@ -99,6 +99,7 @@ atomic_tests:
 name: command_prompt
 elevation_required: true
 - name: Security Software Discovery - AV Discovery via Get-CimInstance and Get-WmiObject cmdlets
+ auto_generated_guid: 015cd268-996e-4c32-8347-94c80c6286ee
 description: |
 Discovery of installed antivirus products via Get-CimInstance and Get-WmiObject cmdlets of powershell.
@@ -112,6 +113,7 @@ atomic_tests:
 name: command_prompt
 elevation_required: true
 - name: Security Software Discovery - Windows Defender Enumeration
+ auto_generated_guid: d3415a0e-66ef-429b-acf4-a768876954f6
 description: |
 Windows Defender Enumeration via different built-in windows native tools. when sucessfully executed, information about windows defender is displayed.
@@ -125,6 +127,7 @@ atomic_tests:
 name: powershell
 elevation_required: true
 - name: Security Software Discovery - Windows Firewall Enumeration
+ auto_generated_guid: 9dca5a1d-f78c-4a8d-accb-d6de67cfed6b
 description: |
 Enumerates windows firewall to retrieves firewall rules from the target computer.
diff --git a/atomics/used_guids.txt b/atomics/used_guids.txt
index aad17111..87e34ca1 100644
--- a/atomics/used_guids.txt
+++ b/atomics/used_guids.txt
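Review bot: The description of the "Windows Defender Enumeration" test in the `@@ -112,6 +113,7 @@` hunk of T1518.001.yaml has a typo and inconsistent casing right next to the new `auto_generated_guid` line: `when sucessfully executed, information about windows defender is displayed.` Since this commit already touches that list item, it is the natural place to fix it to `When successfully executed, information about Windows Defender is displayed.` The description is a block scalar, so the change is text-only and cannot affect the test's executor. The enclosing list item (its executor and supported_platforms) continues outside the hunk, so I cannot confirm whether the new guid is placed consistently with the other tests in that file.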
@@ -1399,3 +1399,7 @@ f2f91612-d904-49d7-87c2-6c165d23bead
 00682c9f-7df4-4df8-950b-6dcaaa3ad9af
 85f3a526-4cfa-4fe7-98c1-dea99be025c7
 93ca40d2-336c-446d-bcef-87f14d438018
+47a539d1-61b9-4364-bf49-a68bc2a95ef0
+015cd268-996e-4c32-8347-94c80c6286ee
+d3415a0e-66ef-429b-acf4-a768876954f6
+9dca5a1d-f78c-4a8d-accb-d6de67cfed6b