Learn how hybrid work is fueling ransomware attacks and what to do about it.

Back to blog

Two minutes on… Initial Access

Marcos Colon | Nov 15, 2022

illustration of bug with text two minutes on initial access

Share this article

As the saying goes, “a small leak will sink a great ship.” This applies to many aspects of cybersecurity, but none better than the third phase of the MITRE ATT&CK Matrix; Initial Access. The first stage of exploitation is gaining initial access, and this can be reached via numerous techniques that include drive-by compromise, phishing, supply chain compromise and more. Once in, attackers can move laterally within networks, live off the land, and wreak havoc until the organizations finally realizes the damage has been done.

As work-from-home policies have become the norm, threat surfaces have drastically expanded and created a bevy of opportunities for threat actors to achieve initial access. Couple that with organizations’ focus on detecting threats rather than preventing them altogether, and the result is a threat landscape that attackers are thriving in more than ever before.

In less than two minutes, Menlo EMEA Sales Engineer, Tom McVey, takes a threat actor’s point of view and breaks down the inner workings of initial access and why digital miscreants place a heavy emphasis on it by leveraging evasive web threats.

Share this article

Make the secure way to work the only way to work.

To talk to a Menlo Security expert, complete the form, or call us at (650) 695-0695.