SCRIP News

SmarTech-IT Launches TheHive SOAR Proof of Concept (PoC) to Power the SCRIP Project

SmarTech-IT is proud to announce that on 27 October 2025, it will launch the Proof of Concept (POC) for TheHive, the leading open-source Security Orchestration, Automation and Response (SOAR) platform developed by StrangeBee (France). TheHive will serve as a cornerstone of the EU-funded SCRIP Project – Small Business Cybersecurity Resilience Initiative (Project 101145849, DIGITAL-ECCC-2022-CYBER-B-03), led by SmarTech-IT as coordinator.

Over the next 36 months, SCRIP will enhance the cybersecurity maturity of twenty SMEs across Poland and the EU, establishing a unified incident-response and threat-intelligence framework. TheHive brings automation, intelligence correlation, and collaborative case management directly into the SCRIP Security Operations Centre (SOC). It integrates seamlessly with Wazuh (SIEM) and Drata (compliance automation)—two other core elements of the SCRIP technical stack—to create a unified detection-to-response pipeline.

Through this POC, SmarTech-IT analysts and participating SMEs will validate:

Automated incident triage using AI-assisted playbooks;
Real-time alert correlation across multiple SME networks;
Cross-border threat-intelligence sharing compliant with EU data-protection and NIS2 requirements;
Structured reporting aligned with ISO 27001 and ISO 22301 standards.

This initiative reflects the European Union’s vision of strengthening cybersecurity capacities within its digital supply chains. By operationalizing an open-source European platform such as TheHive, the SCRIP Project promotes digital sovereignty, transparency, and cost-effective resilience for SMEs—often the most vulnerable links in Europe’s critical-infrastructure ecosystem.

Ray Sylvain, SmarTech-IT’s Technical Director of Cyber Defense, explained:
“ TheHive allows us to move from reactive to predictive security. Our analysts will orchestrate faster responses, automate repetitive tasks, and deliver a standardized incident-response model for every SME enrolled in SCRIP.”

Following the October POC, the integration of TheHive into SCRIP’s production environment will begin in early 2026, forming part of Deliverable D3.1 — Real-Time Monitoring and Analysis of Data. Lessons learned during the POC will inform playbooks, response metrics, and automation templates to be replicated across all SCRIP participants.

The SCRIP Project (Grant Agreement No. 101145849) is funded under the Digital Europe Programme and coordinated by SmarTech-IT Sp. z o.o. Its mission is to deliver a scalable model for SME cybersecurity resilience through standards implementation, SIEM/SOAR integration, predictive analytics, and training.

TheHive is a collaborative SOAR platform that enables security teams to investigate, collaborate, and respond efficiently to incidents. Developed by StrangeBee (Saint-Quentin-en-Yvelines, France), TheHive powers hundreds of CERTs and SOCs worldwide, providing open-source transparency and enterprise-grade reliability.

Funded by the European Union. Views and opinions expressed are those of the author only and do not necessarily reflect those of the European Union or the granting authority. Neither the European Union nor the granting authority can be held responsible for them.