# TheHive Reviews **Vendor:** StrangeBee **Category:** [Incident Response Software](https://www.g2.com/categories/incident-response) **Average Rating:** 4.3/5.0 **Total Reviews:** 18 ## About TheHive TheHive is a collaborative security case management platform that integrates with security tools such as SIEM, EDR, threat intelligence platforms and more, enabling security teams to manage alerts, conduct investigations and respond to incidents from a single interface. Today, TheHive is trusted by 3500+ users worldwide, enabling them to centralize, automate and scale security operations and incident response across multiple teams, environments or clients. ## TheHive Pros & Cons **What users like:** - Users value the **customizable workflows** of TheHive, enhancing efficiency in incident management for teams. (1 reviews) - Users find TheHive's **ease of use** and scalability ideal for efficiently managing incident response in SOCs and CSIRTs. (1 reviews) - Users value the **good integrations and customizable workflows** of TheHive, enhancing collaborative incident management for SOCs and CSIRTs. (1 reviews) - Users appreciate the **excellent integrations** of TheHive, enhancing collaboration and efficiency in incident management. (1 reviews) - Users appreciate the **customizable workflows and integrations** of TheHive, enhancing collective incident management for SOCs and CSIRTs. (1 reviews) - Visibility (1 reviews) **What users dislike:** - Users find the **complex setup** of TheHive daunting, often requiring community support for troubleshooting delays. (1 reviews) - Users feel the **lack of guidance** in TheHive makes it challenging for new users to navigate and troubleshoot effectively. (1 reviews) - New users find the **steep learning curve** of TheHive challenging, often requiring substantial community assistance for setup. (1 reviews) ## TheHive Reviews ### 1. Incident Response Platform: TheHive **Rating:** 5.0/5.0 stars **Reviewed by:** Sam F. | IT Security Officer, Enterprise (> 1000 emp.) **Reviewed Date:** May 29, 2024 **What do you like best about TheHive?** The platform plays a critical role in our incident response. It integrates with and automates many of our processes for our analysts, helping to decrease our response times. The platform is easy to set up, maintain, and use. There is also an active Discord community for sharing information and asking questions. **What do you dislike about TheHive?** None. We've fed back any problems we've had, which've all been taken onboard and resolved. **What problems is TheHive solving and how is that benefiting you?** The platform helps us automate our incident response processes and stores and correlates much of our data. ### 2. Opensource Case Management: TheHive **Rating:** 5.0/5.0 stars **Reviewed by:** Rohan G. | Mid-Market (51-1000 emp.) **Reviewed Date:** June 23, 2023 **What do you like best about TheHive?** TheHive is an open source which helps us to create & merge cases in which you are working. You can integrate TheHive with Cortex & Wazuh, which maintains a better security posture. For integration purposes, you need the API key of hive, which help us to integrate it with another software. Also you can create different dashboards to visualise the cases & alerts coming from SIEM tool. **What do you dislike about TheHive?** TheHive5 is not an opensource it is a paid tool you have to paid to use it. Also there are different opensource tool like IRIS which can be considered as competitor for TheHive. **What problems is TheHive solving and how is that benefiting you?** TheHive helps us to solve the problem of tracking down the incident and also you can assign the tasks to your teammates & track down the case. Also if your investigation is over, you can close this case with proper justification. You can also integrate tool with different SIEM, Threat Intel tool etc. ### 3. Best Open Source Case management **Rating:** 4.5/5.0 stars **Reviewed by:** Satykam A. | Red Team Director, Mid-Market (51-1000 emp.) **Reviewed Date:** June 03, 2022 **What do you like best about TheHive?** Best part of TheHive is its integration with multiple threat intelligence tools like Cortex and MISP **What do you dislike about TheHive?** some of the module not working properly, rest all is fine **What problems is TheHive solving and how is that benefiting you?** Best for SOC team for incident response and case management ### 4. Thehive Overview **Rating:** 5.0/5.0 stars **Reviewed by:** Yash P. | Senior SOC ANALYST, Mid-Market (51-1000 emp.) **Reviewed Date:** December 08, 2021 **What do you like best about TheHive?** Easy to use and Configure. Various Integration with various threat intel tools. **What do you dislike about TheHive?** Sometimes it's the cortex module's analyzers not working properly. **What problems is TheHive solving and how is that benefiting you?** Using TheHive we get all alerts from our SIEM tool to thehive and easily manage. Immense benefits. ### 5. Case Management **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Computer & Network Security | Mid-Market (51-1000 emp.) **Reviewed Date:** December 08, 2021 **What do you like best about TheHive?** integration with cortex (threat intelligence) and misp (threat exchange) **What do you dislike about TheHive?** Looks fine nothing missing into it. Product looks promising **What problems is TheHive solving and how is that benefiting you?** Incident Response and Incident Handling is performed and managed very nicely. ### 6. Excelent tool on Enterprise Level **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Telecommunications | Enterprise (> 1000 emp.) **Reviewed Date:** October 14, 2019 **What do you like best about TheHive?** The Alert Management and the Openness of TheHive allows it to easily integrate from small to Enterprise large installations. We are able to use it in a very big Environment with extremly complex use-cases and Operation processes and it works really great. It is becoming a new de-facto-Standard for SOAR Tools on enterprise Level. Especially the native Integration of MISP Interface is really helpfull. Addintional the New TheHiveFile-System, Multi-Tenancy, Case-, Alert- and Observable sharing are outstanding features, that makes this product to choince number 1. **What do you dislike about TheHive?** TheHive is grewing constantly and as there are always new Features you have to ensure that you can install the new updates in time to be able to constatnly increasing productivitiy. Sometimes it takes a little time to get reaction from the support team, especially regarding new feature requests. **What problems is TheHive solving and how is that benefiting you?** Multi-Tier OC Operations ### 7. Thank you for your feedback! If you have any specific text in an unknown language that you need translated, please provide it, and I'll be happy to assist. **Rating:** 5.0/5.0 stars **Reviewed by:** Julien M. | Cyber Security Analyst - CERT Gemalto, Enterprise (> 1000 emp.) **Reviewed Date:** September 12, 2019 **What do you like best about TheHive?** Maintained Dockers, scalability, efficiency in CTI checks, easy to use, design, and connectivity to other tools thanks to the strong contributions from the community. **What do you dislike about TheHive?** Tags or comments are mandatory for observables. Tags for Indicators of Compromise (IOCs) (not event tags) are pushed to MISP during exports, and there should be no rotation of cases (e.g., do not delete closed cases after 2 months). Finally, analyzers and responders must be reviewed to reduce confusion between investigation and response. **What problems is TheHive solving and how is that benefiting you?** Fastup assessments, CTI investigations, sharing. ### 8. Soar not a soar **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Civil Engineering | Mid-Market (51-1000 emp.) **Reviewed Date:** October 22, 2019 **What do you like best about TheHive?** I was looking for a SOAR system, TheHive is not a SOAR but can help analysts and SOC specialists on incident response activities **What do you dislike about TheHive?** Installation is too complicated for a beginner **Recommendations to others considering TheHive:** Use TheHive if you are skilled with Linux OS and server CLI **What problems is TheHive solving and how is that benefiting you?** Deploy a new SOAR system ### 9. Hive review **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Information Services | Enterprise (> 1000 emp.) **Reviewed Date:** May 10, 2019 **What do you like best about TheHive?** Its easy to use once you get the hang of it.ince can be. Reated quickly and assignment groups are easy to use and configure. **What do you dislike about TheHive?** It take a little time to learn it,it is missing many options that competitors offer **Recommendations to others considering TheHive:** Hand held and mac,windows **What problems is TheHive solving and how is that benefiting you?** Incident response and incident logging,tracking and trend analysis ### 10. Works great. **Rating:** 5.0/5.0 stars **Reviewed by:** Eric T. | Special Forces Officer, Military, Mid-Market (51-1000 emp.) **Reviewed Date:** January 02, 2018 **What do you like best about TheHive?** We like the fact the since implementation our downtime is very low. **What do you dislike about TheHive?** We don’t have anything at this time that we have wanted to address with anyone. **What problems is TheHive solving and how is that benefiting you?** What problems are we not solving? It’s helped us shape the IT side our what we do for companies. ### 11. Quick and efficient **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Apparel & Fashion | Small-Business (50 or fewer emp.) **Reviewed Date:** December 22, 2017 **What do you like best about TheHive?** I like that the software is quick and easy to use **What do you dislike about TheHive?** It does take a long time to upload each file **Recommendations to others considering TheHive:** Be patient it gets great **What problems is TheHive solving and how is that benefiting you?** I'm solving typical i t problems and I realize that they have helped. ### 12. Feedback on hive **Rating:** 3.5/5.0 stars **Reviewed by:** Debanjan G. | Senior Technical Architect (Cloud), Information Technology and Services, Enterprise (> 1000 emp.) **Reviewed Date:** December 26, 2017 **What do you like best about TheHive?** It is very scalable solution ,high performance ,good solution for generic incident response issues **What do you dislike about TheHive?** Better end user documentation and white papers **What problems is TheHive solving and how is that benefiting you?** Easy to use and analyze incident response system ### 13. The hive is easy to use with ROI **Rating:** 3.0/5.0 stars **Reviewed by:** Verified User in Computer Hardware | Small-Business (50 or fewer emp.) **Reviewed Date:** December 26, 2017 **What do you like best about TheHive?** It is designed for different environments and provides user friendly application gui **What do you dislike about TheHive?** The product has been great I have not found anything I dislouke **Recommendations to others considering TheHive:** This is a great product, with good support and easy to implement. Very little training was needed to navigate for use. **What problems is TheHive solving and how is that benefiting you?** The collaboration method and being able to use the hive in various capacities. ### 14. The Hive **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Financial Services | Enterprise (> 1000 emp.) **Reviewed Date:** December 08, 2017 **What do you like best about TheHive?** The response time and analysis features are the two best **What do you dislike about TheHive?** Haven't found anything yet that's bad with the hive **Recommendations to others considering TheHive:** Consider options and pricing before choosing to go with this option. **What problems is TheHive solving and how is that benefiting you?** The hive offers a real time solution for threat management. It is able to this better than some others. ### 15. Good tool **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Computer Software | Mid-Market (51-1000 emp.) **Reviewed Date:** December 21, 2017 **What do you like best about TheHive?** Thehive is good tool and it provides good information. **What do you dislike about TheHive?** It is not an exclusive tool and we need to use others. **What problems is TheHive solving and how is that benefiting you?** We were solved the incident reporting system but we needed other tools to support it. ### 16. Useful in some situations **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Financial Services | Enterprise (> 1000 emp.) **Reviewed Date:** November 28, 2017 **What do you like best about TheHive?** Ui worked great. Was very easy to use and worked just how it looked. **What do you dislike about TheHive?** Just couldn't find use for it. Could not use it to make our problems **What problems is TheHive solving and how is that benefiting you?** Never really got much traction with it ### 17. Product is good **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Financial Services | Enterprise (> 1000 emp.) **Reviewed Date:** December 14, 2017 **What do you like best about TheHive?** The hive i like and it worked good.performance wise it is slow. **What do you dislike about TheHive?** Impala performance is very bad..too slow **What problems is TheHive solving and how is that benefiting you?** Trying to solve big data problem ### 18. Data analysis **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Telecommunications | Enterprise (> 1000 emp.) **Reviewed Date:** December 12, 2017 **What do you like best about TheHive?** Sufficient, organized, open source, free security incident response platform **What do you dislike about TheHive?** Nothing at the moment. Will submit if there is any. **Recommendations to others considering TheHive:** Yes **What problems is TheHive solving and how is that benefiting you?** Big data ## TheHive Discussions - [What is TheHive used for?](https://www.g2.com/discussions/what-is-thehive-used-for) - [View TheHive pricing details and edition comparison](https://www.g2.com/products/thehive/reviews?section=pricing&secure%5Bexpires_at%5D=2026-05-15+17%3A24%3A51+-0500&secure%5Bsession_id%5D=2c5bbaaa-a9af-47b5-9867-76f35b36623b&secure%5Btoken%5D=324bd03e434d1499247606b817ef2159b8978d9457456e19cd503b91ee538eca&format=llm_user) ## TheHive Features **Response** - Resolution Automation - Resolution Guidance - System Isolation - Threat Intelligence - Incident Investigation **Records** - Incident Logs - Incident Reports **Management** - Incident Alerts - Incident Case Management - Workflow Management **Generative AI** - AI Text Generation - AI Text Summarization ## Top TheHive Alternatives - [IBM QRadar SOAR](https://www.g2.com/products/ibm-qradar-soar/reviews) - 4.0/5.0 (25 reviews) - [Wazuh](https://www.g2.com/products/wazuh/reviews) - 4.5/5.0 (65 reviews) - [LevelBlue USM Anywhere](https://www.g2.com/products/levelblue-usm-anywhere/reviews) - 4.4/5.0 (102 reviews)