The Hive (StrangeBee)

Commercial

TheHive is a Security Case Management Platform designed for Security Operation Centers (SOCs), Computer Emergency Response Teams (CERTs), and Computer Security Incident Response Teams (CSIRTs). It offers features such as:

1. Alert management: Automatically receives and processes alerts from various security platforms.
2. Case creation and management: Allows creation of cases with customizable templates and associated tasks.
3. Observable handling: Supports adding and analyzing multiple observables, including file attachments and malware samples.
4. Collaboration tools: Enables real-time collaboration among team members with task assignment and progress tracking.
5. Integration capabilities: Connects with threat intelligence platforms like MISP and leverages the Cortex engine for automated analysis and response.
6. Customization options: Provides ability to create custom fields, metrics, and dashboards.
7. Multi-tenancy support: Allows definition of different organizations and teams with customizable roles and permissions.
8. Reporting and export features: Facilitates creation of customized reports and data export.

TheHive aims to streamline incident response processes, improve threat visibility, and enhance collaboration among security teams.

ALTERNATIVES

A standardized framework for describing and classifying cybersecurity incidents.

A comprehensive auditd configuration for Linux systems following best practices.

Shuffle Automation provides an open-source platform for security orchestration, automation, and response.

Scumblr is a web application for periodic syncs of data sources and security analysis to streamline proactive security.

Incident Response Documentation tool for tracking findings and tasks.

A web collaborative platform for incident responders to share technical details during investigations, shipped in Docker containers for easy installation and upgrades.

A security operations platform that provides automated threat detection, access control, and protection against various online attacks through Cloudflare integration.

StackStorm is an open-source automation platform that connects and automates DevOps workflows and integrates with existing infrastructure.