# Known threat vs. unknown threat

Cybersecurity techniques depend on the identification of "static" known threats, such as viruses, rootkits, Trojans, and botnets. It is straightforward to identify and scan for this type of threat with automated software by matching the malicious code to a signature in a database of known malware.

An example of a known unknown is malware whose authors use various obfuscation techniques to circumvent signature matching. The exact form that such malware will take is unknown, but its likely use and operation within an attack are predictable.

Recycled threats combine and modify parts of existing exploit code to create new threats that are not as easily identified by automated scanning.
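To make the limits of signature matching concrete, the following added example (not part of the original notes) runs a toy scanner over three constructed, harmless byte strings: the known sample, a modified copy, and an encoded copy. The signature names, sample bytes, and the `scan` and `verdict` helpers are assumptions made for illustration.

```python
import hashlib

# Constructed, harmless stand-in for the body of a "known malware" file.
KNOWN_SAMPLE = b"HEADER::demo-payload-marker-1234::run_demo()::FOOTER"

# Hypothetical signature database: exact-file hashes plus byte patterns.
HASH_SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest(): "Demo.Known.A"}
PATTERN_SIGNATURES = {b"demo-payload-marker-1234": "Demo.Known.A"}


def scan(data: bytes) -> dict:
    """Return the signature name matched by each signature type, or None."""
    digest = hashlib.sha256(data).hexdigest()
    hash_hit = HASH_SIGNATURES.get(digest)
    pattern_hit = next(
        (name for pat, name in PATTERN_SIGNATURES.items() if pat in data), None
    )
    return {"hash": hash_hit, "pattern": pattern_hit}


def verdict(data: bytes) -> str:
    """Summarise the scan result the way a signature-only scanner would."""
    result = scan(data)
    if result["hash"]:
        return "known threat (exact hash match)"
    if result["pattern"]:
        return "known threat (byte-pattern match)"
    return "no signature match"


# Constructed variants of the same sample.
# 1. Modified copy: extra bytes appended, so the file hash changes
#    but the distinctive byte pattern is still present.
MODIFIED = KNOWN_SAMPLE + b"::extra-section"
# 2. Encoded copy: every byte XORed with one key byte, so neither the
#    hash nor the byte pattern survives in the stored form.
ENCODED = bytes(b ^ 0x5A for b in KNOWN_SAMPLE)

if __name__ == "__main__":
    samples = [("original", KNOWN_SAMPLE), ("modified", MODIFIED), ("encoded", ENCODED)]
    for label, blob in samples:
        print(f"{label:9s} -> {verdict(blob)}")
```

The encoded copy is the known unknown: a signature-only scanner reports nothing, which is why behaviour-based and heuristic detection are layered on top of signature databases.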

Unknown unknowns are completely new attack vectors and exploits. One of the purposes of security research is to try to discover these, using techniques such as analysis of data collected in honeypots and monitoring of discussion boards used by threat actors.


