TheHIVE integration for SIEM Case Management

In the last Elastic SIEM Presentation (11/21/2019), the presentation showed the integration with MISP... Is that the same MISP that is part of TheHive?

AND

Is there any consideration of having hooks in the SIEM to integrate with TheHive to handle case management?

Thanks,
-dt

> In the last Elastic SIEM Presentation (11/21/2019), the presentation showed the integration with MISP... Is that the same MISP that is part of TheHive?

No, but we have a Filebeat MISP module that you can use to ingest the threat intel data from MISP. Note that this module is available in the 7.5 release of Filebeat, which we expect early next week.

> Is there any consideration of having hooks in the SIEM to integrate with TheHive to handle case management?

We do plan to have webhooks as actions in the future. In the meantime, you could use Watcher (paid feature) to implement the integration.
