Keith W. McCammonMar 25, 2023

Fun with vendor threat reports, @mitreattack, and pie charts: The top initial access vectors in 2022, mapped to ATT&CK.

https://kwm.me/articles/top-initial-access-vectors-2022/

NOTE: Still have more data to add. Would love pointers to additional reports with data specific to initial access technique prevalence.

The top initial access vectors in 2022, mapped to ATT&CK

In reviewing security firms’ 2022 threat data, a subset of these include insight into the initial access vectors leveraged most frequently in successful intrusions. This is a summarization of findings based on their reporting.

KWM
Show threadRichard BejtlichMar 25, 2023
@kwm @mitreattack friends don’t let friends create pie charts. Text tables FTW. 😆
Show threadKeith W. McCammon
@taosecurity @mitreattack Ahh but I was expecting you, Richard! It’s in there 😎
Mar 25, 2023 at 11:40pmWeb
Show threadRichard BejtlichMar 26, 2023
@kwm @mitreattack I need mah counts and percentages, brother! 😆
Show threadKeith W. McCammonMar 26, 2023

@taosecurity @mitreattack Fair, fair. I'm not sure why I didn't include the percentages in the first place.

I also excluded Other because it isn't a named technique, but makes sense to be complete, so all of the (completely non-scientific) data is represented.

Good feedback, thank you!