The Hive (StrangeBee)
TheHive is a Security Case Management Platform designed for Security Operation Centers (SOCs), Computer Emergency Response Teams (CERTs), and Computer Security Incident Response Teams (CSIRTs). It offers features such as: 1. Alert management: Automatically receives and processes alerts from various security platforms. 2. Case creation and management: Allows creation of cases with customizable templates and associated tasks. 3. Observable handling: Supports adding and analyzing multiple observables, including file attachments and malware samples. 4. Collaboration tools: Enables real-time collaboration among team members with task assignment and progress tracking. 5. Integration capabilities: Connects with threat intelligence platforms like MISP and leverages the Cortex engine for automated analysis and response. 6. Customization options: Provides ability to create custom fields, metrics, and dashboards. 7. Multi-tenancy support: Allows definition of different organizations and teams with customizable roles and permissions. 8. Reporting and export features: Facilitates creation of customized reports and data export. TheHive aims to streamline incident response processes, improve threat visibility, and enhance collaboration among security teams.
FEATURES
SIMILAR TOOLS
IRIS-SOAR is a Python-based modular SOAR platform that automates security incident response workflows and integrates with DFIR-IRIS for enhanced digital forensics operations.
Shuffle Automation provides an open-source platform for security orchestration, automation, and response.
SOARCA is an open-source SOAR platform that automates security incident response workflows using standardized CACAOv2 playbooks and multiple integration interfaces.
Open-source security automation platform for automating security alerts and building AI-assisted workflows.
Fast Intercept is a security automation platform that empowers users to maximize their existing security products and automate routine tasks.
RedELK is a SIEM tool designed for red teams to monitor and receive alerts about blue team detection activities during penetration testing engagements.
Incident response and case management solution for efficient incident response and management.
A community repository of workflow templates for the Ayehu NG platform that enables automated IT and business process execution.
Cortex XSOAR is a comprehensive SOAR platform that automates and standardizes security processes for faster response times and increased team productivity.
PINNED
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.