Based on initial access data from dozens of cybersecurity industry reports over the past four years, here’s a visualization of the top five initial access techniques, and how they’ve trended over the years:

More on some of the source data and the top initial access techniques from 2022 can be here.

The data

Rankings by year, used to generate the visualization above.

2019

2020

2021

2022

T1190: Exploit Public-Facing Application

1

1

1

2

T1566: Phishing

2

2

2

1

T1133: External Remote Services

3

4

5

T1078: Valid Accounts

4

3

3

4

T1199: Trusted Relationship

5

T1195: Supply Chain Compromise

5

4

T1189: Drive-by Compromise

5

3

Categories:

Updated: