US Trends

what is one way new and relevant threats can be identified and documented?

One effective way to identify and document new and relevant threats is to perform continuous threat intelligence monitoring and record the results in a structured register or log.

How this works in practice

  1. You regularly review multiple intelligence sources
    • Security advisories from trusted vendors and agencies (for example, CERTs, major security companies).
 * Reports on new tactics, techniques, and procedures (TTPs) used in recent attacks.
 * Industry-specific alerts and professional forums where emerging issues are discussed.
  1. You turn “raw” intel into documented threats
    • For each new item, create an entry in a threat register (or risk log) with at least: name/short title of the threat, description, likely impact, likelihood, affected assets or systems, and source of information.
 * Map the threat to known categories or models (for example, STRIDE or attack technique references) so it is easier to track and compare over time.
  1. You keep the documentation living and up to date
    • Regularly review the register, add new intelligence (e.g., indicators of compromise, observed behaviors, or incidents in your own environment).
 * Update status fields such as “under investigation,” “mitigation in place,” or “no longer relevant” based on monitoring, threat hunting, or IDS/monitoring results.

In short, using ongoing threat intelligence monitoring and logging each new threat into a structured threat register is a clear, widely recommended way to both identify and document new and relevant threats.