TheHive - Build Your Own Security Operations Center (SOC) 

Taylor Walton
19K subscribers
63K views

Join me as we configure your own Security Operations Center. Organize your alerts so your team can work swiftly and efficiently. Let's deploy a Host Intrusion Detection System and SIEM with free open source tools. Join me as we explore and learn together.
Documentation: docs.thehive-p...
Check us out: www.opensecure...
Interact with our demo: www.opensecure...
Hire us: www.opensecure...

Published: 3 Oct 2024

Comments: 45
@luandemattos1939 2 years ago
Very well explained, thanks for sharing this content.
@crakkajakka15 3 years ago
You should do a video series on OpenCTI and Patrowl!!!
@taylorwalton_socfortress 3 years ago
I’ll make sure to check that out. Thanks for watching!
@marlonestrella4503 3 years ago
Thank you for sharing!
@syedrahman7352 3 months ago
Really well explained. Awesome, brother.
@shah1o1 3 years ago
Damn, this is good, thanks. Looking for more, keep up the great work.
@vanitymeetstechnology8792 2 years ago
I have Subscribed... Thanks a lot for the cool content.. have a nice day
@CyberMayler 1 year ago
Thank you for all the videos. Can you make a full operational SOC lab using Docker and show integration between TheHive 5, Cortex, MISP and Shuffle? I watched a lot of videos, but every time I try to bring up my Docker, one of the containers keeps restarting, the Kibana or Elasticsearch used by TheHive. A lot of problems with version compatibility appear in the logs. Thank you for what you are building here on YouTube.
@muxcan956 1 year ago
Bro, please inform me how to open this port 9042. I did everything you did and the OS is not listening on port 9042 in CentOS.
@roxasdracun8661 9 days ago
Bit confused. I'm using VirtualBox with Ubuntu and am not able to load TheHive. Do I use the public IP address or the private IP??
@JoaoVictor-rw9qb 2 years ago
So basically, TheHive is like a Jira, to open cases, etc.?
@taylorwalton_socfortress 2 years ago
Correct, but unlike Jira, TheHIVE is suited towards Security Operation Teams and allows for easy investigations when integrated with Cortex.
@adibnayafabdala 1 year ago
Can I put an IP so that all people connected to the company's network can enter the hive site?
@mohamedaallam892 10 months ago
amazing
@jlee1579 2 years ago
I appreciate this video! Is there a way to create incident templates within the hive, and if so, can you do a demo of that?
@alayotv1912 3 years ago
Thank you for sharing this, do you do one on one training please?? I would like for you to mentor me please. Thank you
@taylorwalton_socfortress 3 years ago
Hey Alayo, as of now we do not do one on one training. However, if you have questions or need assistance, we and the community can help you out over on our Discord server: discord.gg/MzkFP9yE9V. I hope to see you there and thanks for watching!
@alayotv1912 3 years ago
@taylorwalton_socfortress Thank you so much for the feedback. I hope to see you on Discord soon.
@JoaoVictor-rw9qb 2 years ago
Could you explain to me what TLP and PAP are?
@ian230187 2 years ago
Hey there... Trying to understand what would be the difference between this IR platform and a normal ticketing tool... The one difference I see is the integration with MISP (threat intelligence) and Cortex... Maybe I am wrong... but keen to understand this since I have never worked on an IR platform.
@taylorwalton_socfortress 2 years ago
Right, the main benefit with TheHIVE and enabling the integrations is it allows your analysts to enrich the data around your alerts to quickly spot malicious events. Thanks for watching!
@fikadumilkesa5327 1 year ago
What is the operating system you are using?
@aaronhartley1951 3 years ago
For your CentOS VM, what is the version of CentOS, is it 7 or 8?
@taylorwalton_socfortress 3 years ago
Hey Aaron, I was using CentOS 7. Thanks for watching!
@ayushbhardwaj7552 2 years ago
Cassandra is in active exited mode.. Can you help me with this issue?
@broph3n 2 years ago
What do you think of them going closed source soon? Any promising forks?
@taylorwalton_socfortress 2 years ago
Ya it was unfortunate to see that happen but all of the features (and more) that I have covered in these videos will still be available with the open-source version. I have yet to see what "new features" will be added to thehive5 but it will be worth checking out when it releases...I am not totally discouraged with this move because thehive open source version will still support a TON of functionality. Thanks for watching :)
@muxcan956 1 year ago
Hey @Taylor Walton, please explain this: when I open config file Cassandra is empty? Can someone help me please?
@muxcan956 1 year ago
At 6:19, my OS is not listening on 9042 in CentOS.
@BrownCoatFan 2 years ago
Do you have any suggestions now that The Hive v5 is no longer open source and is only free for 2 people?
@taylorwalton_socfortress 2 years ago
Not at the moment, I am hoping to get my hands on thehive5 soon, but I don't think it is released yet. Thanks for watching!
@mohomedarfath4780 2 years ago
Can you make a video on how to make this HTTPS?
@taylorwalton_socfortress 2 years ago
You could use nginx like in this post here: blog.agood.cloud/posts/2019/04/24/setup-reverse-proxy-for-thehive/
@vietpham2545 2 years ago
When I open config file Cassandra is empty? Can someone help me please?
@muxcan956 1 year ago
please someone explain this
@TheMeshal20 2 years ago
Can you integrate with Wazuh SIEM?
@TheMeshal20 2 years ago
Based on Wazuh rules, it should create an incident.
@taylorwalton_socfortress 2 years ago
Yes, check out either of these two videos: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-7zBGQxqf2G4.html or ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-FBISHA7V15c.html
@Mark-ep6te 2 years ago
Can u help me in installing hive 4? I have a server with all requirements.
@taylorwalton_socfortress 2 years ago
What installation step are you having trouble with specifically?
@Mark-ep6te 2 years ago
@taylorwalton_socfortress I have been trying for the past week to install but it is not working.
@Mark-ep6te 2 years ago
@taylorwalton_socfortress If ur free, help me to install, I can share details with u.