TheHive is a scalable Security Incident Response Platform, tightly integrated with MISP (Malware Information Sharing Platform), designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly.
Thanks to Cortex, observables such as IP and email addresses, URLs, domain names, files or hashes can be analyzed using a Web interface. Analysts can also automate these operations and submit large sets of observables from TheHive or through the Cortex REST API from alternative SIRP platforms, custom scripts or MISP. When used in conjunction with TheHive, Cortex largely facilitates the containment phase thanks to its Active Response features.
A team of hard-working enthusiastic people who helped this project come to life.
Past contributors >>>
StrangeBee is a company co-founded by TheHive Project's Jérôme, Nabil and Thomas.
Since 2019, TheHive, Cortex and their ecosystem are under the leadership of StrangeBee. The company is committed to develop, maintain, support and distribute TheHive, Cortex, Cortex-Analyzers and all API Client and helper libraries.
In 2022, after witnessing its license evolving into a commercial license, TheHive, which has grown in maturity, aims to respond to challenges faced by companies.
Looking for more information ?
Please send your request to StrangeBee.
If you'd like to report a vulnerability, please, read our Responsible Vulnerability Disclosure Policy first.