TrustRadius: an HG Insights company

TheHive

Score9.7 out of 10

2 Reviews and Ratings

Get a Demo

What is TheHive?

TheHive was purpose built for SOC, CERT and CSIRT teams to minimize the time between actions taken by a bad actor and a team’s security response unit. Whether the goal is to share observables with a team, open a case, correlate incidents, or automate forensic analysis, TheHive, enables the user to do it.

Categories & Use Cases

Videos

Screenshots

Screenshot of Alert Management: Go through your dedicated and detailed Alert page, make comments, identify similar Alerts, define custom statuses and fields. Then decide whether or not they should be escalated to investigations or to incident response.
Screenshot of Case Management: Create cases and associated tasks and observables. Identify similar cases and alerts, define the PAP (Permissible Actions Protocol) level on each Observable, or improve your Incident Response process using a simple yet powerful template engine.
Screenshot of Muti Tenant Environments: Define the different organizations and teams and get them to work in a dedicated or collaborative mode: tenants' cases can be isolated or investigated by users from different organizations based on customizable roles and permissions.
Screenshot of User Management: Define and customize user profiles, assign them to users within their organizations and synchronise them via LDAP or AD.
Screenshot of Metrics and Dashboards: Compile and correlate statistics on cases, tasks, observables, metrics and more to generate useful KPIs and MBOs with our dynamic dashboard engine.
Screenshot of MISP Integration: Get shared Indicators of compromise quickly imported and ready to use or share yours easily with your communities by connecting TheHive with MISP.
Screenshot of MITRE ATT&CK Framework Integration: Import all of the MITRE ATT&CK Framework TTPs to TheHive Alert management. Import Tactics and Techniques of a particular Case or Alert or simply export them to a MISP event.
Screenshot of Powerful Notification Framework: In addition to invoking Webhooks, send emails, Slack and Mattermost messages or call custom HTTP requests (JIRA, ServiceNow, QRadar...)

1 / 8

Screenshot of Alert Management: Go through your dedicated and detailed Alert page, make comments, identify similar Alerts, define custom statuses and fields. Then decide whether or not they should be escalated to investigations or to incident response.

Technical Details

Technical Details
Deployment TypesOn-Premise, SaaS
Operating SystemsWindows, Linux
Mobile ApplicationNo
Supported LanguagesEnglish, French, Italian, German, Dutch, Spanish, Portuguese, Polish, Swedish, Chinese, Japanese, Arabic

FAQs

What is TheHive?
TheHive is an open source and free cybersecurity incident response platform.
How much does TheHive cost?
TheHive starts at $17000.
What are TheHive's top competitors?
Swimlane, Splunk SOAR, and ServiceNow Security Operations are common alternatives for TheHive.
Who uses TheHive?
The most common users of TheHive are from B2C.