Use Case: Cyber Threat Detection - STIXProject/use-cases GitHub Wiki
Cyber Threat Detection
Abstraction Level (High, Medium or Low): High
Related Use Cases:
- Sub-use-case of Managing Cyber Threat Response Activities
Description: Cyber operations personnel apply mechanisms (both automated and manual) to monitor and assess cyber operations in order to detect the occurrence of specific cyber threats whether in the past through historical evidence, currently ongoing through dynamic situational awareness, or apriori through predictive interpretation of leading indicators. This detection is typically via cyber threat indicator patterns. For example, in the case of a confirmed phishing attack with defined indicators, cyber operations personnel may harvest any specified observable patterns from defined indicators of the attack and apply them appropriately within the operational environment to detect any evidence of the phishing attack occurring.
Stakeholders/Goals:
- Stakeholder: Stakeholder description (replace with your content)
- Goal: Goal description (replace with your content)
Preconditions:
- Precondition description (replace with your content)
Dependencies:
- Dependency description (replace with your content)
Main Success Scenario:
- Scenario description (replace with your content)