Cybersecurity leaders are engaged in a difficult arms race against the threat actors who seek to attack their organizations. The purpose of this paper is to introduce an effective framework and methodology to threat hunting that enables SecOps teams to plan and conduct hunts that maximize the opportunity to successfully find and disrupt attacks in progress.