The article analyzes techniques and approaches for modeling information security threats, using as its example the proactive search for threats that traditional information security measures do not detect. It considers the main stages and processes of the threat hunting method based on the basic maturity model, the “Hunting Maturity Model”. In addition, the MITRE ATT&CK framework is briefly reviewed using the example of “technological domains”, with a group classification of related actions, including those carried out in targeted attacks on critical information infrastructure objects. The article concludes with a brief comparative review of information security threat modeling using the methodology of the Federal Service for Technical and Export Control of Russia (FSTEC of Russia) and the MITRE ATT&CK matrices. The discussion emphasizes the possibility of integrating these two techniques for a more practice-oriented approach to modeling information security threats, both at the stage of creating information security systems and at the stage of their operation.
Пономарева et al. (Mon,) studied this question.