TheHive VS circe

I had a quick test with the hive looks pretty nice. https://thehive-project.org/

Also look into hive. Lots of people are moving that direction. https://thehive-project.org/

TheHive is a versatile open-source solution for streamlining the investigation and prompt handling of security incidents. Seamlessly integrates with MISP to facilitate the transition from event analysis to investigation initiation, enabling efficient synchronization and export for collaborative threat detection and response. Moreover, coupling TheHive with Cortex empowers security professionals to efficiently analyze up to hundreds of observables. Timely-Lychee-5204 describes it as, "an open-source and scalable Security Incident Response Platform designed for handling incidents efficiently."

TheHive/Cortex - https://thehive-project.org/

i recommend TheHive for creating incident tickets. it is opensource but there is paid one offered by StrangeBee

Also unrelated to TheHive project, a security incident response tool.

https://thehive-project.org/

I haven't done any IR myself, but I was thinking something like TheHive Project (open source) or similar proprietary IR toolsets would be common. But over on r/blueteamsec I just saw this post, where people claimed to be using:

Using Circe so I define some classes that contain my custom Encoder[BusinessObject] in a file and I use that whenever I want to save/store a record, or handle a web request or respose. I also represent my mongo queries as JSON objects that I can freely build then pass to the driver.

Circe adopters should be using Scala https://github.com/circe/circe

If you look at Circe's github repo you will see a very large list of very recognizable companies, that should give you some idea. Circe isn't the ONLY Json parsing library, but it is probably the most popular, so - should give you a rough idea of the types and variety of companies using Scala.

Has the worst error messages I've ever seen for a parser. "Attempt to decode value on failed cursor" is not helpful when all you have is missing fields. Has been an issue for 5 years.

Circe tries to drop Scala 2.12 support in retaliation for not enough users paying them.

Circe: https://circe.github.io/circe/

PR for the same functionality in Scala3: https://github.com/circe/circe/pull/1800

Otherwise I tend to just use ZIO-JSON or Circe both of which have been updated for Scala 3.

I've updated results of benchmarks of 12 JSON parsers for Scala: - AVSystem's scala-commons - Borer - Circe - DSL-JSON - Jackson - jsoniter-scala - Play-JSON, - play-json-jsoniter - Spray-JSON - uPickle - weePickle - zio-json