An important aspect of threat hunting is the creation and the prioritisation of hunting hypotheses. You want to avoid spending your valuable time into investigations that yield little result. Prioritisation can be used in two areas: the creation of new hunting hypotheses, and assigning priorities to the hypotheses on your backlog.
TaHiTI - Threat Hunting Methodology
During several months we worked together with a number of Dutch financial institutions to create the threat hunting methodology called TaHiTI. Which stands for Targeted Hunting integrating Threat Intelligence. You can obtain it from here: https://www.betaalvereniging.nl/en/safety/tahiti.