Open Access
AUGMENTING SIEM WITH THREAT INTELLIGENCE FOR PREDICTIVE CYBER DEFENSE: A PROACTIVE THREAT HUNTING APPROACH
4
Cybersecurity Research Center, Khalifa University, Abu Dhabi, United Arab Emirates
4
School of Cyber Science and Technology, Beihang University, Beijing, China
Abstract
Security Information and Event Management (SIEM) systems play a crucial role in detecting and responding to cyber threats through real-time monitoring and log analysis. However, traditional SIEMs often struggle with proactively identifying emerging threats. This paper explores the augmentation of SIEM platforms with external and internal Cyber Threat Intelligence (CTI) to enhance predictive cyber defense capabilities. By integrating threat intelligence feeds, behavioral analytics, and machine learning techniques, the proposed approach transforms SIEMs from reactive tools into proactive threat hunting systems. The study reviews current architectures, implementation challenges, and real-world use cases, demonstrating how enriched SIEM environments improve threat detection, reduce false positives, and support faster incident response. The paper also outlines future directions for building adaptive, intelligence-driven security operations.
Keywords
SIEM,
Cyber Threat Intelligence,
Predictive Cyber Defense,
Threat Hunting
References
Wei, R., Cai, L., Yu, A., & Meng, D. (2021). DeepHunter: A graph neural network based approach for robust cyber threat hunting. arXiv preprint, arXiv:2104.09806.
Bienzobas, Á. C., & Sánchez Macián, A. (2023). Threat Trekker: An approach to cyber threat hunting. arXiv preprint, arXiv:2310.04197.
Mavroeidis, V., & Jøsang, A. (2021). Data driven threat hunting using Sysmon. arXiv preprint, arXiv:2103.15194.
Gao, P., Liu, X., Choi, E., Ma, S., Yang, X., & Song, D. (2022). ThreatKG: An AI powered system for automated open source cyber threat intelligence gathering. arXiv preprint, arXiv:2212.10388.
“Proactive threat hunting to detect persistent behaviour based attacks.” (2024). Computers & Security, article in press.
“Threat Hunting Use Cases: Integration with SIEM and real time enrichment.” (2024). Hunt.io.
Bitsight. (2024). SANS CTI Survey 2024: Threat hunting now top use case. Bitsight via SANS blog.
Brandefense. (2024). The benefits of integrating threat intelligence with SIEM solutions. bluevoyant.com.
CyberProof. (2024). What is proactive threat hunting? cyberproof.com.
StartupDefense. (2024). Threat hunting: A comprehensive guide to proactive cyber defense. startupdefense.io.
SecureITConsult. (2024). How intelligence data drives proactive threat hunting. secureitconsult.com.
SearchInform. (2024). SIEM threat hunting: Comprehensive guide. searchinform.com.
Bitsight. (2025). The role of threat intelligence in threat hunting. bitsight.com.
BlueVoyant. (2024). Threat intelligence: Complete guide to process and technology. bluevoyant.com.
CyberMaxx. (2025). The art of proactive threat hunting: A deeper dive. cybermaxx.com.
ChaosSearch. (2024). Threat hunting frameworks and methodologies: An introductory guide. chaossearch.io.
Softcat. (2024). The role of threat intelligence in proactive cyber defence. softcat.com.
Filigran. (2024). Leverage threat intelligence for proactive threat hunting. filigran.io.
Trellix. (2025). Threat intelligence and threat hunting: Why you need both. trellix.com.
“Threat intelligence platform” (2024). Wikipedia entry.
“Threat hunting” (2025). Wikipedia entry.
“Proactive cyber defence.” (2025). Wikipedia entry.
LevelBlue. (2024). OSSIM: Open Source Security Information Management. Wikipedia entry.
“Network detection and response (NDR).” (2025). Wikipedia entry.
PricewaterhouseCoopers. (2023). Proactive cyber defence and detection. Wikipedia entry.
Similar Articles
- Dr. Alistair Finch, Navigating the Digital Battlefield: A Systematic Review of Collateral Effects in Offensive Cyber Operations , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 08 (2025): Volume 02 Issue 08
- Dr. Marcus A. Rodriguez, A Longitudinal Analysis of Cybersecurity Technology and Innovation: A Technology Mining Approach Using Bibliometric and Patent Analysis , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 3 No. 05 (2026): Volume 03 Issue 05
- Dr. Amara Ndlovu, Dr. Faisal Khan, CYBERSECURITY IN VIRTUAL GATHERINGS: RISKS AND REMEDIAL STRATEGIES FOR VIDEO CONFERENCING SOFTWARE , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 04 (2025): Volume 02 Issue 04
- Dr. Elena Petrova, Dr. Hassan Al-Mansoori, EVALUATING AND ENHANCING CYBERSECURITY AND RESILIENCE IN HEALTHCARE: A UNIFIED RISK AND COMPLIANCE FRAMEWORK , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 05 (2025): Volume 02 Issue 05
- Dr. Jakob R. Neumann, Prof. Leila F. Mahmoud, Securing the Virtual Meeting Space: An Analysis of Cybersecurity Risks and Mitigation Strategies for Video Conferencing Platforms , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 09 (2025): Volume 02 Issue 09
- Dr. Evelyn R. Chen, Dr. Adrian M. Vella, A Comprehensive Taxonomy and Critical Survey of Scientific Workflow Scheduling Paradigms in IaaS Cloud Computing: Evaluating Fitness for High-Stakes Environmental Modeling , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 11 (2025): Volume 02 Issue 11
- Dr. Elena Marovic, Dr. Sofia Markovic, Cybersecurity Governance and Resilience in Small and Medium-Sized Enterprises: A Socio-Technical, Resource-Based, and Regulatory Framework for Sustainable Digital Competitiveness , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 3 No. 04 (2026): Volume 03 Issue 04
- Muhammad Hasnain, Algorithmic Abuse: How Social Platforms Amplify Revenge Porn, digital grooming and Sexual Coercion , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 3 No. 04 (2026): Volume 03 Issue 04
- Farah Al-Mansouri, THE IMPLICIT LANGUAGE OF CYBERSECURITY: EDUCATIONAL CHALLENGES AND IMPLICATIONS , International Journal of Cyber Threat Intelligence and Secure Networking: Vol. 2 No. 07 (2025): Volume 02 Issue 07
Previous
21-29 of 29
You may also start an advanced similarity search for this article.