Organizations across the world have been continuously targeted by sophisticated, disruptive, damaging, and costly cyber-attacks. To address the aforementioned issue, security efforts have focused on how to prevent, detect, and recover from an attack.However, these efforts are defensive, reactive, and inefficient at stopping the damage as they only deal with the attacks after they occur. In recent years, the cybersecurity community has started adopting a proactive approach that aims to predict the likelihood of cyber threats, anticipate the cyber-attacks in advance, and avoid their damages