TheHive
TheHive is a scalable Security Incident Response Platform, tightly integrated with MISP (Malware Information Sharing Platform), designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon.
Creating a TheHive connection
Using API Key
To create the connection you need:
- An API Key
- A Domain
Obtaining the credentials
Login to your TheHive user.
Click on your username at the top right of the screen.
Click on Settings.
Click on the API Key tab.
Click on Reveal and copy your API key.
Creating your connection
- In the Blink platform, navigate to the Connections page > Add connection. A New Connection dialog box opens displaying icons of external service providers available.
- Select the TheHive icon. A dialog box with name of the connection and connection methods appear.
- (Optional) Edit the name of the connection. At a later stage you cannot edit the name.
- Select API Key as the method to create the connection.
- Fill in the parameters:
- The API Key
- The Domain
- (Optional) Click Test Connection to test it.
- Click Create connection. The new connection appears on the Connections page.