Leveraging TheHive & Cortex for automated IR

  • Webcast Aired Friday, 20 Mar 2020 1:00PM EDT (20 Mar 2020 17:00 UTC)
  • Speaker: Erik Van Buggenhout

TheHive is a scalable, open source and free Security Incident Response Platform, tightly integrated with MISP (Malware Information Sharing Platform), designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly. One of the key strengths of TheHive is the link with Cortex and its Analyzers and Responders. Analysts can automate the response to existing cases by initiating one or more Responders. This webcast will show the basic features of TheHive and how custom Responders can be developed in Cortex to facilitate automated responses.