{"description": "ICS techniques mitigated by Restrict Web-Based Content, ATT&CK mitigation M0921 (v1.0)", "name": "Restrict Web-Based Content (M0921)", "domain": "ics-attack", "versions": {"layer": "4.5", "attack": "17", "navigator": "5.1.0"}, "techniques": [{"techniqueID": "T0817", "comment": "Restrict browsers to limit the capabilities of malicious ads and Javascript.\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0865", "comment": "Consider restricting access to email within critical process environments. Additionally, downloads and attachments may be disabled if email is still necessary.\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0863", "comment": "If a link is being visited by a user, block unknown or unused files in transit by default that should not be downloaded or by policy from suspicious sites as a best practice to prevent some vectors, such as .scr, .exe, .pif, .cpl, etc. Some download scanning devices can open and analyze compressed and encrypted formats, such as zip and rar that may be used to conceal malicious files.\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}], "gradient": {"colors": ["#ffffff", "#66b1ff"], "minValue": 0, "maxValue": 1}, "legendItems": [{"label": "mitigated by Restrict Web-Based Content", "color": "#66b1ff"}]}