First of all, thanks to the team for this very nice project.
I’m co-creator of TheHive Project, an open source and free Security Incident Response Platform. It’s a project that has a very big footprint in the case management field.
TheHive Project products are open and flexible:
- All the features have REST APIs
- All the actions on the tool can trigger a webhook
The software is ready for what the security operation communities request most: automation and orchestration.
The community usually refers to Apache NiFi or Node-RED to define workflows that interact with TheHive, but I’ve discovered n8n and I’m a big fan of it.
I would like to know how we can work together to provide nodes that allow defining TheHive-related workflows, for example:
- Receive an email, extract technical elements from it, call TheHive APIs to create alerts
- Listen to TheHive events related to alert creation, call external services to enrich the alert in TheHive, notify a Slack or a Mattermost channel
The number of examples is endless.
I’m open to any discussion, here or privately if needed.
Hey @nadouani! So, to begin with, welcome to the community! Happy you are here!
Next, I’m a huge fan of TheHive and I get giddy when I think of the things that I could do if I can get these two tools working together! I’ll probably be of little help writing the nodes or making code but if you need a beta tester, I’m your guy!
Really excited about the possibilities. Looking forward to working together. I know our head of content @tanay and the CEO @jan are gonna be happy about this opportunity. I will check Hive API over the weekend.
btw I saw you already created a node, which is amazing. I wonder which features/endpoints you already covered? Which ones, in your opinion, are the most important?
Feel free to reach out to me either here or in private about any questions.
@nadouani We are a small team, so sadly we do not have the resources to bind 3 people for a meeting like that. We have to try to be efficient with our time. So it would be one, depending on what the discussion is supposed to be about. If it is, for example, a purely technical one, then @RicardoE105 is the one you want to talk to. For a discussion related to content like tutorials, blog posts or similar, @tanay would be right, and for a possible partnership, probably myself.
Hey @nadouani I’m about to review the nodes. I wonder if you can give me access to a sandbox instance for TheHive and Cortex? That would speed up the review process. Thanks.