Author: Thomas Hazel
Word count: 1603
Language: English
Hacker News points: None

Summary

Threat hunting is a proactive approach to detecting and counteracting potential threats in enterprise environments, and adopting a formalized framework or methodology can significantly improve detection rates. Threat hunters structure their hunts around indicators of compromise (IoCs) and apply the scientific method to analyze data and uncover hidden clues. The most mature threat hunting teams follow a hypothesis-based methodology grounded in logical reasoning and empirical evidence, and they rely on frameworks such as MITRE ATT&CK to guide their activities. To be effective, threat hunters need fast access to relevant data, including long-term historical security data, which is why building a security data lake is a critical step in improving threat hunting capabilities.