The adversary is trying to get into your network. Initial Access consists of techniques that use various entry vectors to gain their initial foothold within a network. Techniques used to gain a foothold include targeted spearphishing and exploiting weaknesses on public-facing web servers. Footholds gained through initial access may allow for continued access, like valid accounts and use of external remote services, or may be limited-use due to changing passwords.
View in MITRE ATT&CK®| Technique ID | Technique Name | Number of Mappings | Number of Subtechniques |
|---|---|---|---|
| T1133 | External Remote Services | 56 | 0 |
| T1091 | Replication Through Removable Media | 15 | 0 |
| T1195 | Supply Chain Compromise | 39 | 3 |
| T1190 | Exploit Public-Facing Application | 78 | 0 |
| T1659 | Content Injection | 12 | 0 |
| T1199 | Trusted Relationship | 25 | 0 |
| T1566 | Phishing | 37 | 4 |
| T1078 | Valid Accounts | 72 | 4 |
| T1200 | Hardware Additions | 13 | 0 |
| T1189 | Drive-by Compromise | 35 | 0 |