diff --git a/apparmor.d/profiles-s-z/yara b/apparmor.d/profiles-s-z/yara
new file mode 100644
index 000000000..b011019b0
--- /dev/null
+++ b/apparmor.d/profiles-s-z/yara
@@ -0,0 +1,30 @@
+# apparmor.d - Full set of apparmor profiles
+# Copyright (C) 2025 Zane Zakraisek
+# SPDX-License-Identifier: GPL-2.0-only
+
+abi ,
+
+include
+include
+
+@{exec_path} = {/usr,}/bin/yara
+profile yara @{exec_path} {
+ include
+
+ @{exec_path} mr,
+
+ capability dac_override dac_read_search,
+
+ if $ANTIVIRUS_CAN_PTRACE {
+ ptrace (read, trace),
+ capability sys_ptrace,
+ }
+
+ /{,**} r,
+
+ deny capability sys_admin,
+
+ include if exists
+}
+
+# vim:syntax=apparmor
diff --git a/apparmor.d/tunables/booleans b/apparmor.d/tunables/booleans
new file mode 100644
index 000000000..d9086bc46
--- /dev/null
+++ b/apparmor.d/tunables/booleans
@@ -0,0 +1,9 @@
+##################################################
+# Allows AV programs to scan memory using ptrace
+# functionality.
+#
+# This grants read and trace permissions.
+#
+# Default: false
+##################################################
+$ANTIVIRUS_CAN_PTRACE = false
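Review bot: In the yara profile, `capability dac_override dac_read_search,` grants more than a read-only scanner needs. The only file rule is `/{,**} r,`, and `dac_read_search` already bypasses read and directory-search permission checks, while `dac_override` additionally bypasses write and execute checks. I would reduce the line to `capability dac_read_search,` unless yara is shown to fail without the broader capability. Separately, `ptrace (read, trace),` inside the `if $ANTIVIRUS_CAN_PTRACE` block carries no `peer=` qualifier, so enabling the boolean applies the rule to every process. A comment above the block such as `# trace permits attaching to any process, not only reading its memory` would make that cost visible to whoever enables the tunable.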
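Review bot: The header comment for `$ANTIVIRUS_CAN_PTRACE` in tunables/booleans understates what the switch enables. In the yara profile the same conditional also turns on `capability sys_ptrace`, and the trace permission covers attaching to a process, not just reading its memory. I would add a line such as `# Also grants capability sys_ptrace; trace allows attaching to other processes.` The include targets in the profile are stripped on this page, so it is not visible whether this file is pulled in before the profile evaluates the variable. That is worth confirming, since a profile referencing an undefined boolean is expected to be rejected by the parser.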