---
type: "term"
title: "Sub-Threat"
description: "Specific, detailed attack techniques or methods that fall within a broader Top Level Cyber Threat Cluster."
resource: "tlctc:term:sub-threat"
tags:
  - "glossary"
---
# Sub-Threat

Specific, detailed attack techniques or methods that fall within a broader Top Level Cyber Threat Cluster. Sub-threats represent the operational-level detail beneath the strategic-level clusters. Example: Under #2 Exploiting Server, sub-threats include SQL Injection, Buffer Overflows, RCE via Deserialization, SSRF, and XXE Injection.

**Related reading:** [Dual-layer notation — TLCTC-XX.YY enumeration](https://www.tlctc.net/tlctc-enumeration.html)