diff --git a/atomics/T1562.001/T1562.001.yaml b/atomics/T1562.001/T1562.001.yaml
index 3b9f1afb..f040979d 100644
--- a/atomics/T1562.001/T1562.001.yaml
+++ b/atomics/T1562.001/T1562.001.yaml
@@ -1358,3 +1358,15 @@ atomic_tests:
 Write-Output "File deleted: $edrFreezeExe"
 name: powershell
 elevation_required: true
+- name: Disable ASLR Via sysctl parameters - Linux
+ auto_generated_guid:
+ description: Detects Execution of the `sysctl` command to set `kernel.randomize_va_space=0` which disables Address Space Layout Randomization (ASLR) in Linux.
+ supported_platforms:
+ - linux
+ executor:
+ command: |
+ sysctl -w kernel.randomize_va_space=0
+ cleanup_command: |
+ sysctl -w kernel.randomize_va_space=2
+ name: bash
+ elevation_required: true
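Review bot: The `cleanup_command` hard-codes `sysctl -w kernel.randomize_va_space=2`, so a host that ran with a different value before the test (for example 1) is left with a changed ASLR setting instead of its original one. Consider having `command` record the prior value before changing it, e.g. `sysctl -n kernel.randomize_va_space > /tmp/aslr_prev` (constructed path), and having cleanup restore from that file, falling back to 2 only when it is missing. Separately, the `description` reads like detection-rule text ("Detects Execution of ..."), whereas an atomic test should state what it does and its effect on the host, such as `Uses sysctl to set kernel.randomize_va_space=0, which disables ASLR for newly started processes until cleanup runs or the host reboots.` The new entry is appended to the `atomic_tests` list, which starts outside this hunk.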