Two minutes on… Initial Access

As the saying goes, “a small leak will sink a great ship.” This applies to many aspects of cybersecurity, but none better than the third phase of the MITRE ATT&CK Matrix; Initial Access. The first stage of exploitation is gaining initial access, and this can be reached via numerous techniques that include drive-by compromise, phishing, supply chain compromise and more. Once in, attackers can move laterally within networks, live off the land, and wreak havoc until the organizations finally realizes the damage has been done.

As work-from-home policies have become the norm, threat surfaces have drastically expanded and created a bevy of opportunities for threat actors to achieve initial access. Couple that with organizations’ focus on detecting threats rather than preventing them altogether, and the result is a threat landscape that attackers are thriving in more than ever before.

In less than two minutes, Menlo EMEA Sales Engineer, Tom McVey, takes a threat actor’s point of view and breaks down the inner workings of initial access and why digital miscreants place a heavy emphasis on it by leveraging evasive web threats.