What is the term for an entity that carries out a threat?

The correct term for an entity that carries out a threat is "Threat Actor." A threat actor refers to an individual or group that initiates a threat or attacks a system with malicious intent. This can encompass a range of entities, including hackers, insider threats, organized crime groups, and nation-states. Identifying and categorizing these actors is crucial for understanding security risks and developing appropriate defense strategies.

While "Threat Agent" might seem similar, it typically refers to the means or method through which a threat is executed rather than the entity itself. The term "Threat Vector" involves the path or method used to deliver a threat, such as a specific exploit or attack method, and "Vulnerability Source" usually refers to the original point at which weakness exists in a system. Thus, while these other terms have related meanings, they do not accurately represent the concept of an entity accomplishing a threat as effectively as "Threat Actor."