Integration Catalog

Auto-generated catalog of TheHive and Cortex integrations.

About This Catalog

This catalog contains integrations built by StrangeBee and the community to help you integrate TheHive with your existing tools. Use them directly or as inspiration for your own.

Don't see what you need? You can build your own:

  • Analyzers – enrich observables with external data
  • Responders – automate actions on external systems
  • Functions – custom workflow logic
  • Custom tools – whatever your setup requires

Built something useful? Contributions are welcome!

📊 Summary Statistics

  • Total Vendors: 194
  • Total Analyzers: 259
  • Total Responders: 132
  • Total Functions: 7
  • Total External Integrations: 10
  • Total Integrations: 408

📂 Vendors by Category

Attack Surface Intelligence

ONYPHE (5 integrations) ONYPHE is a cyber defense search engine that collects and analyzes internet-wide scan data, provi...

Shodan (6 integrations) Shodan is the search engine for internet-connected devices, providing reconnaissance data on expo...

Breach Intelligence

Have I Been Pwned (1 integrations) Have I Been Pwned tracks billions of compromised credentials from data breaches, allowing analyst...

Collaboration

Slack (2 integrations) Slack is a team collaboration platform that provides channels, direct messaging, file sharin...

Telegram (1 integrations) Telegram is a cloud-based messaging platform that enables real-time security alerts, incident not...

DFIR

Velociraptor (1 integrations) Velociraptor is an advanced digital forensics and incident response (DFIR) platform that enables ...

EDR

CrowdStrike Falcon (22 integrations) CrowdStrike Falcon is a cloud-native endpoint protection platform that provides real-time threat ...

Microsoft Defender for Endpoint (8 integrations) Microsoft Defender for Endpoint is an enterprise EDR platform that provides threat detection, inv...

Email Security

Microsoft Defender for Office 365 (3 integrations) Microsoft Defender for Office 365 provides advanced threat protection for email and collaboration...

Proofpoint (3 integrations) Proofpoint is an enterprise email security and threat protection platform that provides advanced ...

Identity & Access Management

Microsoft Entra ID (9 integrations) Microsoft Entra ID (formerly Azure Active Directory) is an enterprise identity and access managem...

Malware Analysis

CAPA (1 integrations) CAPA (FLARE Capability Analysis) is a malware analysis tool that automatically identifies malware...

Hybrid Analysis (1 integrations) Hybrid Analysis (Falcon Sandbox) is a free malware analysis service powered by CrowdStrike that e...

VirusTotal (4 integrations) VirusTotal is a comprehensive malware analysis platform aggregating results from 70+ antivirus en...

YARA (1 integrations) YARA is a pattern matching engine for malware identification and classification that enables anal...

OSINT & Enrichment

Hunter.io (1 integrations) Hunter.io discovers and verifies email addresses associated with domains, enabling investigators ...

IPinfo (2 integrations) IPinfo provides comprehensive IP address intelligence including geolocation, ASN ownership, compa...

MaxMind (1 integrations) MaxMind provides geolocation and network intelligence data that maps IP addresses to geographic l...

Mnemonic Passive DNS (2 integrations) Mnemonic Passive DNS provides historical DNS resolution data that helps analysts track domain inf...

SIEM & Analytics

Elasticsearch (2 integrations) Elasticsearch is a distributed search and analytics engine that powers SIEM solutions and log ana...

Splunk (14 integrations) Splunk is a leading SIEM platform that aggregates, indexes, and analyzes machine data from across...

SOAR & Automation

Cortex XSOAR (1 integrations) Cortex XSOAR is Palo Alto Networks' SOAR platform that enables security teams to automate inciden...

n8n (2 integrations) n8n is a low-code/no-code workflow automation platform that enables technical teams to build, dep...

Rapid7 InsightConnect (1 integrations) Rapid7 InsightConnect is a security orchestration and automation platform that enables security t...

Shuffle (2 integrations) Shuffle is an open-source security orchestration, automation and response (SOAR) platform that au...

Tines (1 integrations)

Threat Intelligence

AbuseIPDB (2 integrations) AbuseIPDB is a crowdsourced IP reputation database that helps identify and track malicious IPs in...

AlienVault OTX (1 integrations) AlienVault Open Threat Exchange (OTX) is a collaborative threat intelligence platform where secur...

CrowdSec (1 integrations) CrowdSec is a collaborative security platform that aggregates attack data from community-deployed...

EmailRep (1 integrations) EmailRep analyzes email addresses to detect disposable emails, spam sources, and malicious sender...

Google Threat Intelligence (5 integrations) Google Threat Intelligence (formerly VirusTotal) provides comprehensive malware analysis, threat ...

Maltiverse (1 integrations) Maltiverse is a threat intelligence platform that aggregates and enriches IOCs from multiple sour...

MalwareBazaar (1 integrations) MalwareBazaar by Abuse.ch is a community-driven malware sample repository that enables analysts t...

MISP (1 integrations) MISP is an open-source threat intelligence platform for sharing, storing and correlating Indicato...

Recorded Future (1 integrations) Recorded Future is a real-time threat intelligence platform that analyzes data from the open web,...

ThreatConnect (1 integrations) ThreatConnect is a threat intelligence platform that enables security teams to aggregate, analyze...

URLhaus (1 integrations) URLhaus is a community-driven platform by Abuse.ch for tracking and sharing malware distribution ...

URL Analysis

URLScan.io (2 integrations) URLScan.io is an automated web scanner that analyzes URLs and websites in real-time, capturing sc...

Web Application Firewall

Cloudflare (1 integrations)

🔤 All Vendors (A-Z)


This catalog is auto-generated. Do not edit manually.