Listing Thumbnail

    TheHive v4 Official AMI

     Info
    Sold by: StrangeBee 
    Free Trial
    A 4-in-1 Security Incident Response Platform
    Listing Thumbnail

    TheHive v4 Official AMI

     Info
    Sold by: StrangeBee 

    Overview

    TheHive - A scalable, open source and free Security Incident Response Platform, tightly integrated with MISP (Malware Information Sharing Platform), designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly. This AMI is brought to you by StrangeBee, the company founded by three co-creators of TheHive to provide its users with deep expertise and a unique know-how. By doing so, StrangeBee boosts both the development of the product, new features for TheHive & Cortex as well as the ecosystem.

    Highlights

    • Incident Management
    • Alert Triage
    • Observable enrichment

    Details

    Delivery method

    Delivery option
    64-bit (x86) Amazon Machine Image (AMI)

    Latest version

    Operating system
    Ubuntu 20.04

    Typical total price

    This estimate is based on use of the seller's recommended configuration (m5.xlarge) in the US East (N. Virginia) Region. View pricing details

    $1.752/hour

    Features and programs

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Free trial

    Try this product at no cost for 5 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.

    TheHive v4 Official AMI

     Info
    Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covering your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    Usage costs (5)

     Info
    Instance type
    Product cost/hour
    EC2 cost/hour
    Total/hour
    m5.large
    $1.24
    $0.096
    $1.336
    m5.xlarge
    Recommended
    $1.56
    $0.192
    $1.752
    m5.2xlarge
    $1.98
    $0.384
    $2.364
    m5.4xlarge
    $2.68
    $0.768
    $3.448
    m5.8xlarge
    $3.62
    $1.536
    $5.156

    Additional AWS infrastructure costs

    Type
    Cost
    EBS General Purpose SSD (gp2) volumes
    $0.10/per GB/month of provisioned storage

    Vendor refund policy

    We do not offer refunds for hourly usage fees after free trial has expired but you can cancel at any time.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    64-bit (x86) Amazon Machine Image (AMI)

    Amazon Machine Image (AMI)

    An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.

    Version release notes

    This is the July 2022 TheHive v4 AMI update. It includes TheHive v4.1.23 along with Ubuntu 20.04.4 OS updates (change log available here: https://github.com/TheHive-Project/TheHive/releases ). IMPORTANT - TheHive v4 will be supported until the end of 2022, consider upgrading to TheHive v5 (AMI already available: https://aws.amazon.com/marketplace/pp/prodview-gcjij3iscupae ). Contact us at aws@strangebee.com  if you need any help with that. We are also pleased to inform you that with the release of TheHive v5, the companion Cortex AMI is now a free product, get it here: https://aws.amazon.com/marketplace/pp/prodview-6mcx44ljm4qla 

    Additional details

    Usage instructions

    We are pleased to introduce our new TheHive v4 AMI !

    • You can easily initialise a new instance or restore a previous TheHive v4 instance using scripts included in the image.
    • Data is stored on three dedicated volumes: database, storage attachments and indexes.
    • The AMI is based on the official Ubuntu 20.04 LTS AMI from Canonical.
    • The default OS hardening has been improved compared to our previous Ubuntu 18.04 based AMIs.

    You can set up a new TheHive install or launch an instance with existing users and data. The AMI is updated with each TheHive release.

    • TheHive runs as unprivileged user "thehive" and listens on port http 9000. We encourage you never to open that port outside your VPC. Information on using the AWS Application Load Balancer or reverse proxies to handle TLS sessions is available on our website.
    • ssh listens on port 22 and the default user is "ubuntu".

    New install:

    Launch an instance from the AMI

    • ssh with the "ubuntu" user
    • Initialise and format the EBS volumes: /dev/sdh, /dev/sdi and /dev/sdj
    • Launch the initialisation script with the EBS volume block device names as argument: /opt/thehive/ops/scripts/ops-thehive4-init.sh /dev/sdh /dev/sdi /dev/sdj

    That's it! TheHive is now available on port 9000. The default admin account is "admin@thehive.local " with password "secret" (change it!).

    For detailed instructions, including how to launch an instance with existing data, check our AMI usage instructions on our website: https://www.strangebee.com/iaas/documentation/aws-thehive4/ 

    Support

    Vendor support

    For AMI usage related questions, contact us at aws@strangebee.com . Free product support is provided by the community. You can refer to the official documentation at https://docs.thehive-project.org . Use the community chat at https://chat.thehive-project.org  to ask questions. StrangeBee also offers professional support. Visit our website for more information: https://strangebee.com/services  aws@strangebee.com 

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Similar products

    Customer reviews

    Ratings and reviews

     Info
    0 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    0%
    0%
    0%
    0%
    0%
    0 AWS reviews
    No customer reviews yet
    Be the first to write a review for this product.