This site has been deprecated in favor of and will remain in place until 11/1/22.

Restrict Web-Based Content

From attackics
Jump to navigation Jump to search
Restrict Web-Based Content
ID M0921
NIST SP 800-53 Rev. 4 SC-18
IEC 62443-3-3:2013 SR 2.4
IEC 62443-4-2:2019 HDR 2.4


Restrict use of certain websites, block downloads/attachments, block Javascript, restrict browser extensions, etc.

Techniques Addressed by Mitigation

Drive-by CompromiseRestrict browsers to limit the capabilities of malicious ads and Javascript.
Spearphishing AttachmentConsider restricting access to email within critical process environments. Additionally, downloads and attachments may be disabled if email is still necessary.
User ExecutionIf a link is being visited by a user, block unknown or unused files in transit by default that should not be downloaded or by policy from suspicious sites as a best practice to prevent some vectors, such as .scr, .exe, .pif, .cpl, etc. Some download scanning devices can open and analyze compressed and encrypted formats, such as zip and rar that may be used to conceal malicious files.