It's been two months since this profile received a new review

TheHive Reviews & Product Details

TheHive is a collaborative security case management platform that integrates with security tools such as SIEM, EDR, threat intelligence platforms and more, enabling security teams to manage alerts, conduct investigations and respond to incidents from a single interface. Today, TheHive is trusted by 3500+ users worldwide, enabling them to centralize, automate and scale security operations and incident response across multiple teams, environments or clients.

Seller

StrangeBee

Discussions

TheHive Community

Languages Supported

Arabic, English, French, Italian, Japanese, Portuguese, Spanish

Overview by

Nabil Adouani (CEO at StrangeBee, Building TheHive)

Value at a Glance

Averages based on real user reviews.

Perceived Cost

$$$$$

View More Pricing Information

Top-Rated Alternatives

Wazuh - The Open Source Security Platform

4.5/5

(63)

LevelBlue USM Anywhere

View All Alternatives

TheHive Media

Enrich your cases by adding tasks, files, customizable reports and resultsof observables analysis.

Collect and manage alerts from your whole security stack on a single pane of glass.

Obtain a customizable synopsis of each incident, from its initial detection through to the resolution and recovery phases.

Centralize statistics on cases, tasks, observables, metrics and more to generate useful KPIs using our dashboard engine.

Create customized templates for your cases and tasks.

G2 reviews are authentic and verified.

Here's how.

Sam F.

IT Security Officer

Enterprise (> 1000 emp.)

5/29/2024

"Incident Response Platform: TheHive"

5/5

What do you like best about TheHive?

The platform plays a critical role in our incident response. It integrates with and automates many of our processes for our analysts, helping to decrease our response times.

The platform is easy to set up, maintain, and use. There is also an active Discord community for sharing information and asking questions. Review collected by and hosted on G2.com.

What do you dislike about TheHive?

None. We've fed back any problems we've had, which've all been taken onboard and resolved. Review collected by and hosted on G2.com.

Rohan G.

Mid-Market (51-1000 emp.)

6/23/2023

"Opensource Case Management: TheHive"

5/5

What do you like best about TheHive?

TheHive is an open source which helps us to create & merge cases in which you are working.

You can integrate TheHive with Cortex & Wazuh, which maintains a better security posture.

For integration purposes, you need the API key of hive, which help us to integrate it with another software.

Also you can create different dashboards to visualise the cases & alerts coming from SIEM tool. Review collected by and hosted on G2.com.

What do you dislike about TheHive?

TheHive5 is not an opensource it is a paid tool you have to paid to use it.

Also there are different opensource tool like IRIS which can be considered as competitor for TheHive. Review collected by and hosted on G2.com.

What problems is TheHive solving and how is that benefiting you?

TheHive helps us to solve the problem of tracking down the incident and also you can assign the tasks to your teammates & track down the case.

Also if your investigation is over, you can close this case with proper justification.

You can also integrate tool with different SIEM, Threat Intel tool etc. Review collected by and hosted on G2.com.

Satykam A.

Red Team Director

Mid-Market (51-1000 emp.)

6/3/2022

"Best Open Source Case management"

4.5/5

What do you like best about TheHive?

Best part of TheHive is its integration with multiple threat intelligence tools like Cortex and MISP Review collected by and hosted on G2.com.

What do you dislike about TheHive?

some of the module not working properly, rest all is fine Review collected by and hosted on G2.com.

Yash P.

Senior SOC ANALYST

Mid-Market (51-1000 emp.)

12/8/2021

"Thehive Overview"

5/5

What do you like best about TheHive?

Easy to use and Configure. Various Integration with various threat intel tools. Review collected by and hosted on G2.com.

What do you dislike about TheHive?

Sometimes it's the cortex module's analyzers not working properly. Review collected by and hosted on G2.com.

Verified User in Computer & Network Security

Mid-Market (51-1000 emp.)

12/8/2021

"Case Management"

4/5

What do you like best about TheHive?

integration with cortex (threat intelligence) and misp (threat exchange) Review collected by and hosted on G2.com.

What do you dislike about TheHive?

Looks fine nothing missing into it.

Product looks promising Review collected by and hosted on G2.com.

Verified User in Telecommunications

Enterprise (> 1000 emp.)

10/14/2019

"Excelent tool on Enterprise Level"

5/5

What do you like best about TheHive?

The Alert Management and the Openness of TheHive allows it to easily integrate from small to Enterprise large installations. We are able to use it in a very big Environment with extremly complex use-cases and Operation processes and it works really great.

It is becoming a new de-facto-Standard for SOAR Tools on enterprise Level.

Especially the native Integration of MISP Interface is really helpfull. Addintional the New TheHiveFile-System, Multi-Tenancy, Case-, Alert- and Observable sharing are outstanding features, that makes this product to choince number 1. Review collected by and hosted on G2.com.

What do you dislike about TheHive?

TheHive is grewing constantly and as there are always new Features you have to ensure that you can install the new updates in time to be able to constatnly increasing productivitiy.

Sometimes it takes a little time to get reaction from the support team, especially regarding new feature requests. Review collected by and hosted on G2.com.

Julien M.

Cyber Security Analyst - CERT Gemalto

Enterprise (> 1000 emp.)

9/12/2019

"Thank you for your feedback! If you have any specific text in an unknown language that you need translated, please provide it, and I'll be happy to assist."

5/5

What do you like best about TheHive?

Maintained Dockers, scalability, efficiency in CTI checks, easy to use, design, and connectivity to other tools thanks to the strong contributions from the community. Review collected by and hosted on G2.com.

What do you dislike about TheHive?

Tags or comments are mandatory for observables. Tags for Indicators of Compromise (IOCs) (not event tags) are pushed to MISP during exports, and there should be no rotation of cases (e.g., do not delete closed cases after 2 months). Finally, analyzers and responders must be reviewed to reduce confusion between investigation and response. Review collected by and hosted on G2.com.

Verified User in Civil Engineering

Mid-Market (51-1000 emp.)

10/22/2019

"Soar not a soar"

3.5/5

What do you like best about TheHive?

I was looking for a SOAR system, TheHive is not a SOAR but can help analysts and SOC specialists on incident response activities Review collected by and hosted on G2.com.

What do you dislike about TheHive?

Installation is too complicated for a beginner Review collected by and hosted on G2.com.

Verified User in Information Services

Enterprise (> 1000 emp.)

5/10/2019

"Hive review "

4.5/5

What do you like best about TheHive?

Its easy to use once you get the hang of it.ince can be. Reated quickly and assignment groups are easy to use and configure. Review collected by and hosted on G2.com.

What do you dislike about TheHive?

It take a little time to learn it,it is missing many options that competitors offer Review collected by and hosted on G2.com.