Skip to main content
Cyber Defense TacticsCyber Defense Tactics
HomeLearnResourcesBlogCommunity
Cyber Defense TacticsCyber Defense Tactics

Learn defensive security, leverage AI for cyber defense, and join a community of security professionals.

Learning

  • Blog
  • Resources
  • Newsletter

Community

  • Discord
  • YouTube
  • About

Legal

  • Privacy Policy
  • Terms of Service

© 2026 Cyber Defense Tactics. All rights reserved.

A Carbene.AI Project

Back to ATT&CK Hub
T1190

Exploit Public-Facing Application

Initial Access
Featured

Adversaries may attempt to take advantage of a weakness in an Internet-facing computer or program using software, data, or commands.

View on MITRE ATT&CK

Real-World Example

The Log4Shell vulnerability (CVE-2021-44228) was widely exploited to gain initial access to servers running vulnerable versions of Log4j.

Defense Strategies

  • Patch management and vulnerability scanning
  • Web Application Firewall (WAF)
  • Input validation and sanitization
  • Network segmentation
  • Least privilege access controls

Detection Methods

  • Monitor for unusual web requests
  • IDS/IPS signatures for known exploits
  • Log analysis for error patterns
  • Web application honeypots

Related Techniques in Initial Access

T1566

Phishing

T1133

External Remote Services

Ready to explore more techniques and join the community?