TheHive is a security incident response platform that integrates Malware Information Sharing Platform (MISP). The Cortex can help to analyze observables using external threat analysis services such as VirusTotal, DomainTools, and MaxMind. The Hippocampe provides the REST API or Web UI to enable users to carry out analysis reports and perform queries.
The following diagram shows the collaboration between TheHive, Cortex, SIEM, and also MISP: