TheHive VS deequ

I had a quick test with the hive looks pretty nice. https://thehive-project.org/

Also look into hive. Lots of people are moving that direction. https://thehive-project.org/

TheHive is a versatile open-source solution for streamlining the investigation and prompt handling of security incidents. Seamlessly integrates with MISP to facilitate the transition from event analysis to investigation initiation, enabling efficient synchronization and export for collaborative threat detection and response. Moreover, coupling TheHive with Cortex empowers security professionals to efficiently analyze up to hundreds of observables. Timely-Lychee-5204 describes it as, "an open-source and scalable Security Incident Response Platform designed for handling incidents efficiently."

TheHive/Cortex - https://thehive-project.org/

i recommend TheHive for creating incident tickets. it is opensource but there is paid one offered by StrangeBee

Also unrelated to TheHive project, a security incident response tool.

https://thehive-project.org/

I haven't done any IR myself, but I was thinking something like TheHive Project (open source) or similar proprietary IR toolsets would be common. But over on r/blueteamsec I just saw this post, where people claimed to be using:

There's no straightforward way to drop and rerun a metric collection. For example, say you detect a problem in your data. You fix it, rerun the pipeline, and replace the bad data with the good. You'd want your metrics history to reflect the true state of your data. But the "bad run" cannot be dropped. Issue

I had similar requirements for QA reporting on large and diverse data sets. I implemented data check pipelines, with rules in AWS Deequ (https://github.com/awslabs/deequ) running on an Apache Spark cluster. The Deequ worked well for me, but there were a few cases where I opted to write the rule checks in the data store to improve throughput (i.e. SQL checks on critical data elements on the database).

Hey all! At the companies where I've worked as a developer, I've found that business stakeholders typically want a concrete way to check and assure the quality of data that pipelines are producing, before other downstream systems and users get impacted. I've tested solutions like Deequ, but I found that it made building compliance and data rules a bit more complicated and put a greater emphasis on developers to get the rules right that business was expecting. I also experienced issues with running checks in parallel and getting row level details about the failures.

GE is arguably the most well known OSS alternative to Soda Core. The third option is deequ, originally developed and released in OSS by AWS. Our community has told us that Soda Core is different because it’s easy to get going and embed into data pipelines. And it also allows some of the check authoring work to be moved to other members of the data team. I'm sure there are also scenarios where Soda Core is not the best option. For example, when you only use Pandas dataframes or develop in Scala.

I wonder how this compares with tools like DeeQu (https://github.com/awslabs/python-deequ - requires Spark) or Pandas Profiling? One plus side I can see is that it doesn't require Apache Spark to run profiling (though a quick look at the code indicates that they are working on Spark support) and can work with real time systems.

There are so many of them in big data, e.g. Kafka, Spark, Flink, Delta, Snowplow, Finagle, Deequ, CMAK, OpenWhisk, Snowflake, TheHive, TVM-VTA, etc.