Home
ATT&CK Techniques
T1204.001 Malicious Link

T1204.001 Malicious Link Mappings

An adversary may rely upon a user clicking a malicious link in order to gain execution. Users may be subjected to social engineering to get them to click on a link that will lead to code execution. This user action will typically be observed as follow-on behavior from Spearphishing Link. Clicking on a link may also lead to other execution techniques such as exploitation of a browser or application vulnerability via Exploitation for Client Execution. Links may also lead users to download files that require execution via Malicious File.

View in MITRE ATT&CK®

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name
AC-04	Information Flow Enforcement	Protects	T1204.001	Malicious Link
CA-07	Continuous Monitoring	Protects	T1204.001	Malicious Link
CM-02	Baseline Configuration	Protects	T1204.001	Malicious Link
CM-06	Configuration Settings	Protects	T1204.001	Malicious Link
CM-07	Least Functionality	Protects	T1204.001	Malicious Link
SC-44	Detonation Chambers	Protects	T1204.001	Malicious Link
SC-07	Boundary Protection	Protects	T1204.001	Malicious Link
SI-02	Flaw Remediation	Protects	T1204.001	Malicious Link
SI-03	Malicious Code Protection	Protects	T1204.001	Malicious Link
SI-04	System Monitoring	Protects	T1204.001	Malicious Link
SI-08	Spam Protection	Protects	T1204.001	Malicious Link
M365-DEF-ZAP-E3	Zero Hour Auto Purge	Technique Scores	T1204.001	Malicious Link
DEF-SecScore-E3	Secure Score	Technique Scores	T1204.001	Malicious Link
DO365-SL-E3	Safe Links	Technique Scores	T1204.001	Malicious Link
DEF-Quarantine-E3	Quarantine Policies	Technique Scores	T1204.001	Malicious Link
DO365-PSP-E3	Preset Security Policies	Technique Scores	T1204.001	Malicious Link
DEF-SIM-E5	ATT&CK Simulation Training	Technique Scores	T1204.001	Malicious Link
DEF-SIM-E5	ATT&CK Simulation Training	Technique Scores	T1204.001	Malicious Link
DEF-AIR-E5	Automated Investigation and Response	Technique Scores	T1204.001	Malicious Link