mirror of
https://github.com/mblanke/ThreatHunt.git
synced 2026-03-01 14:00:20 -05:00
Add ThreatHunt roadmap with goals and non-goals
This document outlines the roadmap for ThreatHunt, detailing near, mid, and long-term goals, as well as explicit non-goals.
28
ROADMAP.md
Normal file
@@ -0,0 +1,28 @@
# ThreatHunt — Roadmap (Intent-Level)
This roadmap reflects analytical evolution only.
## Near Term
- Better CSV ingestion resilience
- Stronger artifact normalization
- Improved analyst annotations
- Expanded VirusTotal usage
## Mid Term
- Additional enrichment sources
- Pattern and clustering analysis
- Analyst hypothesis tracking
- Cross-hunt correlation views
## Long Term
- Assisted analysis suggestions
- Historical trend analysis
- Exportable intelligence products
---
## Explicit Non-Goals
- Live endpoint interaction
- Automated remediation
- Workflow orchestration
- Acting without analyst review
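Review bot: "Expanded VirusTotal usage" under Near Term and "Additional enrichment sources" under Mid Term do not say what hunt data is allowed to leave the tool. Suggest adding one line that states whether enrichment is limited to lookups by indicator (for example a hash) or may include submitting artifacts to the third-party service, since that changes the disclosure risk for every hunt. Separately, "Assisted analysis suggestions" under Long Term sits close to the non-goal "Acting without analyst review"; a short qualifier that suggestions are advisory and applied only after an analyst accepts them would keep the two lists consistent. The phrase "analytical evolution only" in the introduction would also benefit from a one-sentence definition so readers can tell which future requests fall outside the roadmap.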