All of us encounter the use (and misuse) of terms like threat hunting, threat modeling, threat intelligence, and threat picture.
- Threat hunting is about leveraging knowledge of adversaries and the target system to proactively identify (and hopefully eradicate) threats before damage is incurred.
- Threat Modeling is a structured approach used to identify, assess, and mitigate potential threats and vulnerabilities in a system, application, or environment – outlining the hypothetical ways that a threat might attack us.
- Threat Intelligence (often called Cyber Threat Intelligence or CTI) characterizes the potential adversaries or troublesome events that might exploit those weaknesses, the organization’s most likely adversaries, attack vectors, and dependencies must be evaluated against that context.
- The likely adversaries portion of threat modeling is often called the Threat Picture – an externally-focused view of the most likely attacks your organization will face.