AUGMENTING SIEM WITH THREAT INTELLIGENCE FOR PREDICTIVE CYBER DEFENSE: A PROACTIVE THREAT HUNTING APPROACH
DOI: https://doi.org/10.55640/ijctisn-v02i03-01
Keywords: SIEM, Cyber Threat Intelligence, Predictive Cyber Defense, Threat Hunting
Abstract
Security Information and Event Management (SIEM) systems play a crucial role in detecting and responding to cyber threats through real-time monitoring and log analysis. However, traditional SIEMs rely largely on static correlation rules and known signatures, so they struggle to identify emerging threats before an attack is already under way. This paper explores the augmentation of SIEM platforms with external and internal Cyber Threat Intelligence (CTI) to strengthen predictive cyber defense. By integrating threat intelligence feeds, behavioral analytics, and machine learning techniques, the proposed approach turns the SIEM from a reactive alerting tool into a platform for proactive threat hunting. The study reviews current architectures, implementation challenges, and real-world use cases, showing how intelligence-enriched SIEM environments improve detection coverage, reduce false positives, and shorten incident response times. The paper also outlines future directions for building adaptive, intelligence-driven security operations.
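The core mechanism the abstract describes, matching normalised SIEM events against a CTI indicator feed while filtering out stale and low-confidence indicators so that enrichment does not itself become a source of false positives, is illustrated below. This is an added example, not code from the paper; the feed format, the event field names (src_ip, dst_ip, domain, sha256), the 30-day freshness window and the confidence threshold are all assumptions made for the example, and the feed entries and events are constructed.

```python
"""Enriching SIEM events with a CTI indicator feed.

Added illustration, not code from the paper. The feed schema, the event field
names, the freshness window and the confidence threshold are all assumptions.
"""
from __future__ import annotations

import ipaddress
from datetime import datetime, timedelta, timezone

# Constructed indicator feed (documentation IP ranges, reserved example TLD).
# 'confidence' is a 0-100 score, 'last_seen' the feed's last sighting.
INDICATORS = [
    {"type": "ipv4", "value": "203.0.113.45", "confidence": 90,
     "last_seen": "2025-05-28T10:00:00Z", "source": "feed-a"},
    {"type": "ipv4", "value": "198.51.100.7", "confidence": 40,
     "last_seen": "2024-11-02T00:00:00Z", "source": "feed-b"},
    {"type": "domain", "value": "malicious.example", "confidence": 85,
     "last_seen": "2025-05-30T00:00:00Z", "source": "feed-a"},
    # SHA-256 of an empty file: a real hash that feeds sometimes publish and that
    # matches every zero-byte file, a well-known source of false positives.
    {"type": "sha256", "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
     "confidence": 95, "last_seen": "2025-05-29T00:00:00Z", "source": "feed-c"},
]

# Constructed SIEM events, already normalised into one schema.
EVENTS = [
    {"ts": "2025-06-01T12:00:00Z", "host": "ws-17", "src_ip": "10.0.0.5",
     "dst_ip": "203.0.113.45", "domain": None, "sha256": None},
    {"ts": "2025-06-01T12:01:00Z", "host": "ws-17", "src_ip": "10.0.0.5",
     "dst_ip": "198.51.100.7", "domain": None, "sha256": None},
    {"ts": "2025-06-01T12:02:00Z", "host": "srv-02", "src_ip": "10.0.0.9",
     "dst_ip": "10.0.0.1", "domain": "malicious.example", "sha256": None},
    {"ts": "2025-06-01T12:03:00Z", "host": "ws-03", "src_ip": "10.0.0.7",
     "dst_ip": None, "domain": None,
     "sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"},
    {"ts": "2025-06-01T12:04:00Z", "host": "ws-03", "src_ip": "10.0.0.7",
     "dst_ip": "10.0.0.1", "domain": "intranet.corp", "sha256": None},
]

# Known-benign values that must never raise a CTI alert on their own.
ALLOWLIST = {
    ("sha256", "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"),
}
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]

# Which event field carries which indicator type (assumed schema).
FIELD_TYPES = {"src_ip": "ipv4", "dst_ip": "ipv4", "domain": "domain", "sha256": "sha256"}


def parse_ts(s: str) -> datetime:
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def build_index(feed, now: datetime, max_age_days: int = 30, min_confidence: int = 60):
    """Index fresh, high-confidence indicators by (type, value).

    Stale and low-confidence entries are dropped at load time; this is where
    most of the false-positive reduction from feed hygiene comes from.
    """
    cutoff = now - timedelta(days=max_age_days)
    index = {}
    for ioc in feed:
        if ioc["confidence"] < min_confidence or parse_ts(ioc["last_seen"]) < cutoff:
            continue
        index[(ioc["type"], ioc["value"].lower())] = ioc
    return index


def is_internal(value: str) -> bool:
    try:
        addr = ipaddress.ip_address(value)
    except ValueError:
        return False
    return any(addr in net for net in INTERNAL_NETS)


def enrich(event: dict, index: dict) -> dict:
    """Return a copy of the event with 'cti_matches' and 'severity' attached."""
    matches = []
    for field, ioc_type in FIELD_TYPES.items():
        value = event.get(field)
        if not value:
            continue
        key = (ioc_type, value.lower())
        # Allowlisted values and internal addresses are skipped before lookup.
        if key in ALLOWLIST or (ioc_type == "ipv4" and is_internal(value)):
            continue
        ioc = index.get(key)
        if ioc:
            matches.append({"field": field, "type": ioc_type, "value": value,
                            "source": ioc["source"], "confidence": ioc["confidence"]})
    enriched = dict(event)
    enriched["cti_matches"] = matches
    top = max((m["confidence"] for m in matches), default=0)
    enriched["severity"] = "high" if top >= 90 else "medium" if top > 0 else "none"
    return enriched


def run(events=EVENTS, feed=INDICATORS, now=None):
    """Enrich every event against the indexed feed as of 'now'."""
    now = now or parse_ts("2025-06-01T12:00:00Z")
    index = build_index(feed, now)
    return [enrich(e, index) for e in events]


if __name__ == "__main__":
    for e in run():
        if e["cti_matches"]:
            print(e["ts"], e["host"], e["severity"], e["cti_matches"])
```

Run as written, only the connection to 203.0.113.45 (high) and the lookup of malicious.example (medium) produce matches: the stale, low-confidence 198.51.100.7 indicator is never indexed, and the empty-file hash is allowlisted even though the feed scores it at 95. In a production pipeline the index would be rebuilt on every feed refresh and the allowlist maintained from analyst feedback on closed false positives.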
License
Copyright (c) 2025 Dr. Mariam Al-Falasi, Dr. Tao Zhang (Author)

This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors retain the copyright of their manuscripts, and all Open Access articles are disseminated under the terms of the Creative Commons Attribution License 4.0 (CC-BY), which permits unrestricted use, distribution, and reproduction in any medium, provided that the original work is appropriately cited. The use of general descriptive names, trade names, trademarks, and so forth in this publication, even if not specifically identified, does not imply that these names are not protected by the relevant laws and regulations.