TheHive
TheHive is a scalable 3-in-1 Security Incident Response Platform designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly.
License model
- Free Personal • Open Source
Platforms
- Linux
- Self-Hosted
- Software as a Service (SaaS)
Features
- Incident Management
- Orchestration
TheHive News & Activities
Recent activities
TheHive information
What is TheHive?
TheHive is a scalable 3-in-1 Security Incident Response Platform designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly. It is the perfect companion to MISP. You can synchronize it with one or multiple MISP instances to start investigations out of MISP events. You can also export an investigation's results as a MISP event to help your peers detect and react to attacks you've dealt with. Additionally, when TheHive is used in conjunction with Cortex, security analysts and researchers can easily analyze tens if not hundred of observables.
TheHive was opensource until version 4: the project is still available on GitHub. Starting from version 5, TheHive is no longer open source.