The Hive (StrangeBee)
TheHive is a Security Case Management Platform designed for Security Operation Centers (SOCs), Computer Emergency Response Teams (CERTs), and Computer Security Incident Response Teams (CSIRTs). It offers features such as: 1. Alert management: Automatically receives and processes alerts from various security platforms. 2. Case creation and management: Allows creation of cases with customizable templates and associated tasks. 3. Observable handling: Supports adding and analyzing multiple observables, including file attachments and malware samples. 4. Collaboration tools: Enables real-time collaboration among team members with task assignment and progress tracking. 5. Integration capabilities: Connects with threat intelligence platforms like MISP and leverages the Cortex engine for automated analysis and response. 6. Customization options: Provides ability to create custom fields, metrics, and dashboards. 7. Multi-tenancy support: Allows definition of different organizations and teams with customizable roles and permissions. 8. Reporting and export features: Facilitates creation of customized reports and data export. TheHive aims to streamline incident response processes, improve threat visibility, and enhance collaboration among security teams.
FEATURES
ALTERNATIVES
Modular SOAR implementation in Python for security orchestration, automation, and response.
A standardized framework for describing and classifying cybersecurity incidents
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Wazuh is an open-source security platform offering unified XDR and SIEM protection for endpoints and cloud workloads, integrating various security functions into a single architecture.
A mature SIEM environment is critical for successful SOAR implementation.
Detect signed malware and track stolen code-signing certificates using osquery.
A comprehensive auditd configuration for Linux systems following best practices.
Automated Digital Forensics and Incident Response (DFIR) software for rapid incident response and intrusion investigations.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.