<P> In 1999, Microsoft cybersecurity professionals Loren Kohnfelder and Praerit Gard applied Schneier's attack tree analysis to develop a methodical means to consider potential attacks relevant to the Microsoft Windows development environment . The resultant STRIDE threat model (STRIDE is an acronym for Spoofing identity, Tampering with data, Repudiation, Information disclosure, Denial of service, Elevation of privilege) required security professionals to systematically determine how a potential attacker could utilize any threat categorized by the STRIDE acronym at each node of a Schneier - type attack tree . </P> <P> In 2003, OCTAVE (Operationally Critical Threat, Asset, and Vulnerability Evaluation) method, a risk - based assessment threat modeling methodology, was first introduced with a primary focus on organizational risk management . </P> <P> In 2004, Frank Swiderski and Window Snyder wrote "Threat Modeling," by Microsoft press . In it they developed the concept of using threat models to create secure applications . </P> <P> In 2014 Ryan Stillions expressed the idea that cyber threats should be expressed with different semantic levels, and proposed the DML (Detection Maturity Level) model . An attack is an instantiation of a threat scenario which is caused by a specific attacker with a specific goal in mind and a strategy for reaching that goal . The goal and strategy represent the highest semantic levels of the DML model . This is followed by the TTP (Tactics, Techniques and Procedures) which represent intermediate semantic levels . The lowest semantic levels of the DML model are the tools used by the attacker, host and observed network artefacts such as packets and payloads, and finally atomic indicators such as IP addresses at the lowest semantic level . Current SIEM tools typically only provide indicators at the lowest semantic levels . There is therefore a need to develop SIEM tools that can provide threat indicators at higher semantic levels . </P>

Who described the five levels of hunting maturity model