Understand your attack surface
Most times attackers exploit a vulnerability at the human layer by tricking their victims into opening a file or visiting a website. Another technique is identifying a well-known vulnerability in a system or uploading an infected file into a system or application that a victim will later open that allows for remote code execution . This technique is called the Initial Access and is key to the success of the implant phase. Understanding attacker tactics techniques and procedures (TTPs) is key to understanding your attack surface.