From 73a2efcde31e934166488a85ff2dacf54558d056 Mon Sep 17 00:00:00 2001
From: mblanke <mblanke@gmail.com>
Date: Wed, 24 Dec 2025 13:08:23 -0500
Subject: [PATCH] Add ThreatHunt roadmap with goals and non-goals

This document outlines the roadmap for ThreatHunt, detailing near, mid, and long-term goals, as well as explicit non-goals.
---
 ROADMAP.md | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 ROADMAP.md

diff --git a/ROADMAP.md b/ROADMAP.md
new file mode 100644
index 0000000..9329d3f
--- /dev/null
+++ b/ROADMAP.md
@@ -0,0 +1,28 @@
+# ThreatHunt — Roadmap (Intent-Level)
+
+This roadmap reflects analytical evolution only.
+
+## Near Term
+- Better CSV ingestion resilience
+- Stronger artifact normalization
+- Improved analyst annotations
+- Expanded VirusTotal usage
+
+## Mid Term
+- Additional enrichment sources
+- Pattern and clustering analysis
+- Analyst hypothesis tracking
+- Cross-hunt correlation views
+
+## Long Term
+- Assisted analysis suggestions
+- Historical trend analysis
+- Exportable intelligence products
+
+---
+
+## Explicit Non-Goals
+- Live endpoint interaction
+- Automated remediation
+- Workflow orchestration
+- Acting without analyst review