Threat hunting has been primarily a playground for security experts in surfacing unknown threats. It is a proactive security approach where the hunt starts with a hypothesis about a hidden threat that may be already in the enterprise network. According to 2017 survey on threat hunting by the SANS Institute, nearly 45% of organizations hunt on an ad hoc basis. The ad hoc approach is ineffective and does not yield sufficient results to cover the cost of threat hunting. Considering the scarcity of security analysts, the ad hoc threat hunting becomes a costly and expensive process. Also, threat hunting is typically performed by doing outlier detection of the data. For example, analysts usually do outlier detection to find suspicious processes out of Windows process logs. The outlier detection can be done using simple box plots, control charts, or using more sophisticated unsupervised machine learning techniques. However, the output of all the outlier detection techniques is outliers/anomalies that still need to be audited/investigated by the security analysts. This adds more workload to the already overwhelmed security analyst. The fusion of data science and deceive security provides an opportunity to validate many alerts automatically and therefore provides an automated approach from threat hunting. Deceptive defense system offers a way to confirm an adversary presence with nearly 0% false alarms when the adversary bumps onto one of the deceptions. The modern set of deceptions is the reincarnation of honeypots, honeytokens, honeynets, and honey files that blends well within the network and can dynamically change their configurations. When an adversary access a deception, it raises a positive affirmation of a threat. In this approach, one needs to use alerts and contextual security events along with deceptive security to rank the existing alerts. It takes away a lot of manual verification of various security alerts.