Overview

TheHive - A scalable, open source and free Security Incident Response Platform, tightly integrated with MISP (Malware Information Sharing Platform), designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly. This AMI is brought to you by StrangeBee, the company founded by three co-creators of TheHive to provide its users with deep expertise and a unique know-how. By doing so, StrangeBee boosts both the development of the product, new features for TheHive & Cortex as well as the ecosystem.

Highlights

Incident Management
Alert Triage
Observable enrichment

Details

Sold by

StrangeBee

Typical total price

This estimate is based on use of the seller's recommended configuration (m5.xlarge) in the US East (N. Virginia) Region. View pricing details

$1.752/hour

Pricing

Free trial

Try for free

Try this product at no cost for 5 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.

TheHive v4 Official AMI

Info

View purchase options

Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covering your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.

Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.

Region

Usage costs (5)

Info

Instance type	Product cost/hour	EC2 cost/hour	Total/hour
m5.large	$1.24	$0.096	$1.336
m5.xlarge Recommended	$1.56	$0.192	$1.752
m5.2xlarge	$1.98	$0.384	$2.364
m5.4xlarge	$2.68	$0.768	$3.448
m5.8xlarge	$3.62	$1.536	$5.156

Additional AWS infrastructure costs

Type	Cost
EBS General Purpose SSD (gp2) volumes	$0.10/per GB/month of provisioned storage

Vendor refund policy

We do not offer refunds for hourly usage fees after free trial has expired but you can cancel at any time.

Legal

Vendor terms and conditions

Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

Content disclaimer

Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

Usage information

Info

Version

Delivery details

64-bit (x86) Amazon Machine Image (AMI)

Amazon Machine Image (AMI)

An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.

Version release notes

This is the July 2022 TheHive v4 AMI update. It includes TheHive v4.1.23 along with Ubuntu 20.04.4 OS updates (change log available here: https://github.com/TheHive-Project/TheHive/releases ). IMPORTANT - TheHive v4 will be supported until the end of 2022, consider upgrading to TheHive v5 (AMI already available: https://aws.amazon.com/marketplace/pp/prodview-gcjij3iscupae ). Contact us at aws@strangebee.com if you need any help with that. We are also pleased to inform you that with the release of TheHive v5, the companion Cortex AMI is now a free product, get it here: https://aws.amazon.com/marketplace/pp/prodview-6mcx44ljm4qla

Additional details

Usage instructions

We are pleased to introduce our new TheHive v4 AMI !

You can easily initialise a new instance or restore a previous TheHive v4 instance using scripts included in the image.
Data is stored on three dedicated volumes: database, storage attachments and indexes.
The AMI is based on the official Ubuntu 20.04 LTS AMI from Canonical.
The default OS hardening has been improved compared to our previous Ubuntu 18.04 based AMIs.

You can set up a new TheHive install or launch an instance with existing users and data. The AMI is updated with each TheHive release.

TheHive runs as unprivileged user "thehive" and listens on port http 9000. We encourage you never to open that port outside your VPC. Information on using the AWS Application Load Balancer or reverse proxies to handle TLS sessions is available on our website.
ssh listens on port 22 and the default user is "ubuntu".

New install:

Launch an instance from the AMI

ssh with the "ubuntu" user
Initialise and format the EBS volumes: /dev/sdh, /dev/sdi and /dev/sdj
Launch the initialisation script with the EBS volume block device names as argument: /opt/thehive/ops/scripts/ops-thehive4-init.sh /dev/sdh /dev/sdi /dev/sdj

That's it! TheHive is now available on port 9000. The default admin account is "admin@thehive.local " with password "secret" (change it!).

For detailed instructions, including how to launch an instance with existing data, check our AMI usage instructions on our website: https://www.strangebee.com/iaas/documentation/aws-thehive4/

Resources

Vendor resources

Website

AMI documentation

Product description

Support

Vendor support

For AMI usage related questions, contact us at aws@strangebee.com . Free product support is provided by the community. You can refer to the official documentation at https://docs.thehive-project.org . Use the community chat at https://chat.thehive-project.org to ask questions. StrangeBee also offers professional support. Visit our website for more information: https://strangebee.com/services aws@strangebee.com

AWS infrastructure support

AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

Get support

Similar products

Ansible on Amazon Linux 2 Kernel 5.10 with support by AskforCloud LLC

By Askforcloud LLC

Ansible is an open-source software provisioning, configuration management tool. This product has charges associated with it for support.

View product

Nemu Hardened Computing RHEL 8 STIG

By Nemu Corporation

STIG-hardened RHEL8 image

View product

Oracle Linux 9.1 with support by ProComputers

By ProComputers

Includes support and maintenance fees. Ready to use minimal Oracle Linux 9.1 AMI. Login using 'ec2-user' and ssh public key authentication. Root partition and filesystem extends automatically during boot if instance volume is bigger than the default 8 GiB one. Cloud-init included. ENA enabled. OracleLinux 9 security updates available at the release date are included as well.

View product

Shadow-Soft Red Hat Enterprise Linux (RHEL) 8.6 with High Security

By Shadow-Soft

This product has charges associated with the hardening functionality and seller support. Amazon EC2 running Red Hat Enterprise Linux hardened to comply with the U.S. Defense Information Security Agency (DISA) Security Technical Information Guides (STIG). DISA supports the U.S military and government with IT and communication services around the world. Now, this level of security is available to non-government organizations with the cost effectiveness, scalability and flexibility of Amazon EC2 including Amazon Elastic Block Store (EBS), Amazon CloudWatch, Elastic-Load Balancing, and Elastic IPs.

View product

Customer reviews

Write a review

Ratings and reviews

Info

0 ratings

5 star

4 star

3 star

2 star

1 star

0 AWS reviews

No customer reviews yet

Be the first to write a review for this product.