The new version of TheHive is available! Learn more on the dedicated documentation site: https://docs.strangebee.com
TheHive by ©StrangeBee#
The version 5 of TheHive is available! Technical documentation is hosted by StrangeBee. Learn how to download, install and configure it at https://docs.strangebee.com.
More information available at https://www.strangebee.com.
TheHive 4 
#
Source Code: https://github.com/thehive-project/TheHive/
Website: https://www.thehive-project.org
TheHive is a scalable, open source and free Security Incident Response Platform designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly.
TheHive supports different methods to store data, files, and indexes according to your needs. However, even for a standalone, production server, we strongly recommend using Apache Cassandra as a scalable and fault-tolerant database. Files and indexes storage can vary, depending on your target setup ; for standalone server, the local filesystem is suitable, while sereval options are possible in the case of a cluster configuration.
Installation and configuration guides#
This documentation contains step-by-step installation instructions for TheHive for different operating systems as well as corresponding binary archives.
All aspects of the configuration are aslo detailled in a dedicated section.
User guides#
TheHive supports differents roles for users. Depending on if you are an administrator of the plateform, an administrator of an organisation or an analyst you can have access and run differents actions in the plateform.
The user guides aims at describing all major howtos for users according to their roles and permissions.
Operations#
Discover how to migration from TheHive 3.x to TheHive 4.x with our migration guide.
Several other operational guides are provided to the community.
- Setup HTTPS with nginx or haproxy
- Backup and restore: example on how to backup and restore data stored in Apache Cassandra
- Adding security in Apache Cassandra
- Using Fail2Ban and block unwanted connections to the plateform
License#
TheHive 4 is an open source and free software released under the AGPL (Affero General Public License).
Updates and community discussions#
Information, news and updates are regularly posted on several communication channels:
TheHive Project Twitter account
Users forum on Google Groups. Request an access:
Contributing#
We welcome your contributions. Please feel free to fork the code, play with it, make some patches and send us pull requests using issues.
We do have a Code of conduct. Make sure to check it out before contributing.
Community support#
Please open an issue on GitHub if you'd like to report a bug or request a feature. We are also available on Discord to help you out.
If you need to contact the Project's team, send an email to support@thehive-project.org.
Note
- If you have problems with TheHive4py, please open an issue on its dedicated repository.
- If you encounter an issue with Cortex or would like to request a Cortex-related feature, please open an issue on its dedicated GitHub repository.
- If you have troubles with a Cortex analyzer or would like to request a new one or an improvement to an existing analyzer, please open an issue on the analyzers' dedicated GitHub repository.
Professional support#
TheHive is fully developped and maintained by StrangeBee. Should you need specific assistance, be aware that StrangeBee also provides professional services and support.