diff --git a/atomics/T1562.001/T1562.001.yaml b/atomics/T1562.001/T1562.001.yaml
index 116aa7af..d04bc2f6 100644
--- a/atomics/T1562.001/T1562.001.yaml
+++ b/atomics/T1562.001/T1562.001.yaml
@@ -574,17 +574,6 @@ atomic_tests:
 cmd /c #{DefenderControlExe} /E | Out-Null
 name: powershell
 elevation_required: true
-- name: Disable Windows Defender Tamper Protection
- auto_generated_guid: 5fde6578-9419-46ef-9258-269dc8656c3e
- description: Disabling Windows Defender tamper protection to allow attacks such as [Process Doppleganging](https://medium.com/cyber-unbound/process-doppelg%C3%A4nging-684bdd6b760f). Tamper Protection will be disabled after the next reboot.
- supported_platforms:
- - windows
- executor:
- command: |-
- New-Item -Path 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Feature'
- New-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Feature' -name 'TamperData' -value 0
- cleanup_command: Set-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Feature' -name 'TamperData' -value 1
- name: powershell
 - name: Disable Defender Using NirSoft AdvancedRun
 auto_generated_guid: 81ce22fd-9612-4154-918e-8a1f285d214d
 description: |