TheHive is a Security Case Management Platform designed for Security Operation Centers (SOCs), Computer Emergency Response Teams (CERTs), and Computer Security Incident Response Teams (CSIRTs). It offers features such as: 1. Alert management: Automatically receives and processes alerts from various security platforms. 2. Case creation and management: Allows creation of cases with customizable templates and associated tasks. 3. Observable handling: Supports adding and analyzing multiple observables, including file attachments and malware samples. 4. Collaboration tools: Enables real-time collaboration among team members with task assignment and progress tracking. 5. Integration capabilities: Connects with threat intelligence platforms like MISP and leverages the Cortex engine for automated analysis and response. 6. Customization options: Provides ability to create custom fields, metrics, and dashboards. 7. Multi-tenancy support: Allows definition of different organizations and teams with customizable roles and permissions. 8. Reporting and export features: Facilitates creation of customized reports and data export. TheHive aims to streamline incident response processes, improve threat visibility, and enhance collaboration among security teams.
FEATURES
SIMILAR TOOLS
StackStorm is an open-source automation platform that connects and automates DevOps workflows and integrates with existing infrastructure.
Sample security playbooks for security automation, orchestration and response (SOAR) using Microsoft Sentinel trigger
Catalyst is a SOAR system that automates alert handling and incident response processes, adapting to your workflows and being open source.
Incident response and case management solution for efficient incident response and management.
Automated Digital Forensics and Incident Response (DFIR) software for rapid incident response and intrusion investigations.
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Request Tracker for Incident Response (RTIR) is a tool for incident response teams to manage incident reports, correlate data, and facilitate communication.
An open-source, drag-and-drop security workflow builder with integrated case management for automating security workflows and tackling alert fatigue.
Automatically configure your app to follow OWASP security patterns and principles with Nuxt Security module.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.