TheHive Solution

Microsoft Sentinel, Microsoft Corporation

TheHive: a 4-in-1 Security Incident Response Platform

Note: Please refer to the following before installing the solution:

• Review the solution Release Notes

• There may be known issues pertaining to this solution; review them before installing.

The TheHive solution provides the capability to ingest common TheHive events into Microsoft Sentinel through webhooks. TheHive can notify external systems of modification events (case creation, alert update, task assignment) in real time. When a change occurs in TheHive, an HTTPS POST request with the event information is sent to the data connector's callback URL. Refer to the Webhooks documentation for more information.

Underlying Microsoft Technologies used:

This solution depends on the following technologies, some of which may be in Preview state or may result in additional ingestion or operational costs:

a. Azure Monitor HTTP Data Collector API

b. Azure Functions

Data Connectors: 1, Parsers: 1, Custom Azure Logic Apps Connectors: 1, Playbooks: 3
