At StrangeBee we take the security our software and services seriously, including following applications and projects:
- TheHive (TheHive 5, and previous open source version)
- Cortex
- Cortex-Analyzers
If you believe you have found a security vulnerability in our applications and services (TheHive, Cortex, Cortex-Analyzers ...), report it to us.
Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.
Instead, please send security vulnerabilities by emailing the StrangeBee Security team:
security[@]strangebee[.]com
In this email, please include as much information as possible that can help us better understand and resolve the issue:
- Application and version
- Special configuration and usage required to reproduce the issue
- Step-by-step instructions to reproduce the issue
- Exploit code is any
- Impact of the issue
This will be very useful and help us triage your report more quickly.
Please review our Responsible Vulnerability Disclosure policy for more information.