Network Foothold Attack Chain Diagrams
- 1 Minute to read
- Print
Network Foothold Attack Chain Diagrams
- 1 Minute to read
- Print
Article summary
Did you find this summary helpful?
Thank you for your feedback
Network Foothold: MFA and Segmentation
.png "image(213).png")
.png "image(214).png")
Threat Event Frequency | Threat event frequency represents the number of times per year the threat actor gains a credentialed network foothold. Common ways that threat actors can gain a foothold include phishing, remote code execution (RCE), 3rd party compromise, and malware. |
Vulnerability | Vulnerability (or susceptibility) represents the probability that the threat actor can successfully overcome all relevant controls (detection/prevention of lateral movement and unauthorized access) and successfully access the asset. |
Primary Loss Magnitude | The loss event occurs once the actor accesses the asset. This typically triggers incident response, management, and containment efforts, at a minimum. |
Secondary Loss Event Frequency | Secondary loss event frequency is modeled as the probability of responsive controls (such as encryption) being circumvented and conditional (secondary) losses occurring |
Network Foothold: MFA Only (No Segmentation)
.png "image(215).png")
.png "image(216).png")
Threat Event Frequency | Threat event frequency represents the number of times per year the threat actor gains a credentialed network foothold. Common ways that threat actors can gain a foothold include phishing, remote code execution (RCE), 3rd party compromise, and malware. |
Vulnerability | Vulnerability (or susceptibility) represents the probability that the threat actor can successfully overcome all relevant controls (detection/prevention of lateral movement and unauthorized access) and successfully access the asset. |
Primary Loss Magnitude | The loss event occurs once the actor accesses the asset. This typically triggers incident response, management, and containment efforts, at a minimum. |
Secondary Loss Event Frequency | Secondary loss event frequency is modeled as the probability of responsive controls (such as encryption) being overcome and conditional (secondary) losses occurring. |
Network Foothold: No MFA or Segmentation
.png "image(217).png")
.png "image(218).png")
Threat Event Frequency | Threat event frequency represents the number of times per year the threat actor gains a credentialed network foothold. Common ways that threat actors can gain a foothold include phishing, remote code execution (RCE), 3rd party compromise, and malware |
Vulnerability | Vulnerability (or susceptibility) represents the probability that the threat actor can successfully overcome all relevant controls (detection/prevention of lateral movement and unauthorized access) and successfully access the asset. |
Primary Loss Magnitude | The loss event occurs once the actor accesses the asset. This typically triggers incident response, management, and containment efforts, at a minimum. |
Secondary Loss Event Frequency | Secondary loss event frequency is modeled as the probability of responsive controls (such as encryption) being overcome and conditional (secondary) losses occurring. |
Was this article helpful?