What is TheHive?
TheHive is a scalable, open-source, and free security incident response solution. It is a 4-in-1 security incident response platform designed to assist SOCs, CSIRTs, CERTs, and any information security practitioner in swiftly investigating and addressing security incidents. Tightly integrated with MISP (Malware Information Sharing Platform), TheHive aims to streamline the management of security incidents that require prompt investigation and action
Highlights
- Scalable solution for security incident response
- Tight integration with MISP for malware information sharing
- Designed to assist SOCs, CSIRTs, CERTs, and security practitioners
- Facilitates swift investigation and response to security incidents
- Open-source and free to use
Features
Authentication
Case Merging
Dashboards
Case and Observable Filtering
MISP and Cortex