Open Access
AUGMENTING SIEM WITH THREAT INTELLIGENCE FOR PREDICTIVE CYBER DEFENSE: A PROACTIVE THREAT HUNTING APPROACH
4
Cybersecurity Research Center, Khalifa University, Abu Dhabi, United Arab Emirates
4
School of Cyber Science and Technology, Beihang University, Beijing, China
Abstract
Security Information and Event Management (SIEM) systems play a crucial role in detecting and responding to cyber threats through real-time monitoring and log analysis. However, traditional SIEMs often struggle with proactively identifying emerging threats. This paper explores the augmentation of SIEM platforms with external and internal Cyber Threat Intelligence (CTI) to enhance predictive cyber defense capabilities. By integrating threat intelligence feeds, behavioral analytics, and machine learning techniques, the proposed approach transforms SIEMs from reactive tools into proactive threat hunting systems. The study reviews current architectures, implementation challenges, and real-world use cases, demonstrating how enriched SIEM environments improve threat detection, reduce false positives, and support faster incident response. The paper also outlines future directions for building adaptive, intelligence-driven security operations.
Keywords
SIEM,
Cyber Threat Intelligence,
Predictive Cyber Defense,
Threat Hunting
References
Wei, R., Cai, L., Yu, A., & Meng, D. (2021). DeepHunter: A graph neural network based approach for robust cyber threat hunting. arXiv preprint, arXiv:2104.09806.
Bienzobas, Á. C., & Sánchez Macián, A. (2023). Threat Trekker: An approach to cyber threat hunting. arXiv preprint, arXiv:2310.04197.
Mavroeidis, V., & Jøsang, A. (2021). Data driven threat hunting using Sysmon. arXiv preprint, arXiv:2103.15194.
Gao, P., Liu, X., Choi, E., Ma, S., Yang, X., & Song, D. (2022). ThreatKG: An AI powered system for automated open source cyber threat intelligence gathering. arXiv preprint, arXiv:2212.10388.
“Proactive threat hunting to detect persistent behaviour based attacks.” (2024). Computers & Security, article in press.
“Threat Hunting Use Cases: Integration with SIEM and real time enrichment.” (2024). Hunt.io.
Bitsight. (2024). SANS CTI Survey 2024: Threat hunting now top use case. Bitsight via SANS blog.
Brandefense. (2024). The benefits of integrating threat intelligence with SIEM solutions. bluevoyant.com.
CyberProof. (2024). What is proactive threat hunting? cyberproof.com.
StartupDefense. (2024). Threat hunting: A comprehensive guide to proactive cyber defense. startupdefense.io.
SecureITConsult. (2024). How intelligence data drives proactive threat hunting. secureitconsult.com.
SearchInform. (2024). SIEM threat hunting: Comprehensive guide. searchinform.com.
Bitsight. (2025). The role of threat intelligence in threat hunting. bitsight.com.
BlueVoyant. (2024). Threat intelligence: Complete guide to process and technology. bluevoyant.com.
CyberMaxx. (2025). The art of proactive threat hunting: A deeper dive. cybermaxx.com.
ChaosSearch. (2024). Threat hunting frameworks and methodologies: An introductory guide. chaossearch.io.
Softcat. (2024). The role of threat intelligence in proactive cyber defence. softcat.com.
Filigran. (2024). Leverage threat intelligence for proactive threat hunting. filigran.io.
Trellix. (2025). Threat intelligence and threat hunting: Why you need both. trellix.com.
“Threat intelligence platform” (2024). Wikipedia entry.
“Threat hunting” (2025). Wikipedia entry.
“Proactive cyber defence.” (2025). Wikipedia entry.
LevelBlue. (2024). OSSIM: Open Source Security Information Management. Wikipedia entry.
“Network detection and response (NDR).” (2025). Wikipedia entry.
PricewaterhouseCoopers. (2023). Proactive cyber defence and detection. Wikipedia entry.
Similar Articles
- Dr. Laura Stein, ADVANCING PROACTIVE CYBERSECURITY THROUGH CYBER THREAT INTELLIGENCE MINING: A COMPREHENSIVE REVIEW AND FUTURE DIRECTIONS , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 02 (2025): Volume 02 Issue 02
- Dr. Dmitry V. Sokolov, Synergizing Generative AI and Explainable Machine Learning in Security Operations Centers: Mitigating Alert Fatigue and Enhancing Analyst Performance , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 10 (2025): Volume 02 Issue 10
- Elena M. Kovacs, Predictive Intelligence Across Physical and Financial Systems: A Comparative Research Framework for Packed-Bed Thermal Energy Storage and AI-Driven Forecasting , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 3 No. 03 (2026): Volume 03 Issue 03
- Dr. Thomas Becker, Kevin Brooks, STRENGTHENING CYBER RESILIENCE: A COMPREHENSIVE EVALUATION OF SOCIAL ENGINEERING AWARENESS PROGRAMS , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 1 No. 01 (2024): Volume 01 Issue 01
- Dr. Marcus Fletcher, Dr. Elena Novak, ASSESSING AND ENSURING CYBERSECURITY AND RESILIENCE IN HEALTHCARE: A RISK AND CONFORMITY FRAMEWORK , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 1 No. 01 (2024): Volume 01 Issue 01
- Dr. Tanvi Das, James D. Walker, A FEDERATED MULTI-MODAL SYSTEM FOR INSIDER THREAT DETECTION IN ENERGY INFRASTRUCTURE USING BIOMETRIC AND CYBER DATA , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 01 (2025): Volume 02 Issue 01
- Dr. Nyra Quellin, Strategic Risk-Based Cybersecurity Governance: Integrating Policy Frameworks, Organizational Controls, and Compliance Mechanisms for Contemporary Information Systems , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 3 No. 01 (2026): Volume 03 Issue 01
- Dr. Ahmed Saeed Al-Mansoori, Detection of Malicious Query Attack Weaknesses within Online Software Systems Using Byte-Level Pattern Matching , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 3 No. 04 (2026): Volume 03 Issue 04
- Dr. Wei-Lin Cheng, COLLATERAL EFFECTS AND UNINTENDED REPERCUSSIONS IN OFFENSIVE CYBER OPERATIONS: A SYSTEMATIC LITERATURE REVIEW , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 03 (2025): Volume 02 Issue 03
- Prof. Hans-Peter Vogel, Dr. Farah Al-Dabbagh, UNINTENDED CONSEQUENCES AND SPILLOVER EFFECTS IN OFFENSIVE CYBER OPERATIONS: A SYSTEMATIC LITERATURE REVIEW , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 1 No. 01 (2024): Volume 01 Issue 01
You may also start an advanced similarity search for this article.