The adversary is trying to get into your network. Initial Access consists of techniques that use various entry vectors to gain their initial foothold within a network. Techniques used to gain a foothold include targeted spearphishing and exploiting weaknesses on public-facing web servers. Footholds gained through initial access may allow for continued access, like valid accounts and use of external remote services, or may be limited-use due to changing passwords.
View in MITRE ATT&CK®| Technique ID | Technique Name | Number of Mappings | Number of Subtechniques |
|---|---|---|---|
| T1189 | Drive-by Compromise | 18 | 0 |
| T1190 | Exploit Public-Facing Application | 29 | 0 |
| T1133 | External Remote Services | 18 | 0 |
| T1200 | Hardware Additions | 5 | 0 |
| T1566 | Phishing | 12 | 3 |
| T1091 | Replication Through Removable Media | 10 | 0 |
| T1195 | Supply Chain Compromise | 8 | 3 |
| T1199 | Trusted Relationship | 8 | 0 |
| T1078 | Valid Accounts | 23 | 4 |