In this post, I talk about hardening TheHive and Cortex for an Internet-accessible deployment. This includes the application of TLS v1.2+ and the configuration of multi-factor authentication. Cortex can be…
TheHive 4.1.0 Deployment and Integration with MISP
Every few months, StrangeBee puts out an update to TheHive (Security Incident Response Platform). This month they have added Elasticsearch as an index engine to alleviate issues with using Cassandra,…
Building the Assemblyline Analyzer for TheHive’s Cortex.
Static analysis for me has become more fun with the inclusion of Assemblyline into my arsenal. But the lack of integration between other elements of my FOSS SOC stack was…
Building TheHive4 (4.0.5) and configuring MISP, Cortex and Webhooks.
Since the last write up I published on TheHive, there have been some significant changes and updates to TheHive. So for this post I will be walking through the installation…
Deploying (and using) TheHive4 [Part 1]
In this post I will walk through the deployment, configuration and migration of TheHive to TheHive4, and what improvements have been implemented into this release.