TheHive Project is an open-source, free, and scalable cyber threat intelligence and security incident response solution. The latest version 4.1.0 includes significant improvements like database indexation for better performance, support for MISP taxonomies, and various new features and enhancements.
FEATURES
ALTERNATIVES
Catalyst is a SOAR system that automates alert handling and incident response processes, adapting to your workflows and being open source.
TheHive is a case management platform for security operations teams that facilitates incident response, threat analysis, and team collaboration.
Detailed analysis of the event-stream incident and actions taken by npm Security.
A Sysmon configuration repository for customizing Microsoft Sysinternals Sysmon configurations with modular setup.
An AI-powered SOC automation platform that performs autonomous alert triage, investigation, and incident response while augmenting human analyst capabilities.
Exabeam Security Operations Platform is a cloud-native security platform that applies AI and automation to security operations workflows for threat detection, investigation, and response.
Open-source abuse management toolkit for automating and improving the abuse handling process.
PINNED

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.

ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.