TheHive is a Security Case Management Platform designed for Security Operation Centers (SOCs), Computer Emergency Response Teams (CERTs), and Computer Security Incident Response Teams (CSIRTs). It offers features such as: 1. Alert management: Automatically receives and processes alerts from various security platforms. 2. Case creation and management: Allows creation of cases with customizable templates and associated tasks. 3. Observable handling: Supports adding and analyzing multiple observables, including file attachments and malware samples. 4. Collaboration tools: Enables real-time collaboration among team members with task assignment and progress tracking. 5. Integration capabilities: Connects with threat intelligence platforms like MISP and leverages the Cortex engine for automated analysis and response. 6. Customization options: Provides ability to create custom fields, metrics, and dashboards. 7. Multi-tenancy support: Allows definition of different organizations and teams with customizable roles and permissions. 8. Reporting and export features: Facilitates creation of customized reports and data export. TheHive aims to streamline incident response processes, improve threat visibility, and enhance collaboration among security teams.
FEATURES
SIMILAR TOOLS
StackStorm is an open-source automation platform that connects and automates DevOps workflows and integrates with existing infrastructure.
Catalyst is a SOAR system that automates alert handling and incident response processes, adapting to your workflows and being open source.
A community repository of workflow templates for the Ayehu NG platform that enables automated IT and business process execution.
Shuffle is a platform for automating security workflows with confidence, offering templates, collaboration tools, and a large app library.
Cortex XSOAR is a comprehensive SOAR platform that automates and standardizes security processes for faster response times and increased team productivity.
Fast Intercept is a security automation platform that empowers users to maximize their existing security products and automate routine tasks.
An open-source, drag-and-drop security workflow builder with integrated case management for automating security workflows and tackling alert fatigue.
RedELK is a SIEM tool designed for red teams to monitor and receive alerts about blue team detection activities during penetration testing engagements.
SOARCA is an open-source SOAR platform that automates security incident response workflows using standardized CACAOv2 playbooks and multiple integration interfaces.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.