/tracecat

The open source Tines / Splunk SOAR alternative for security engineers.

Primary LanguageTypeScriptGNU Affero General Public License v3.0AGPL-3.0

The workflow orchestration platform for security engineers.

License Commit Activity Docs

Next.js FastAPI Pydantic v2 Discord

Tracecat is an open-source Tines / Splunk SOAR alternative for security engineers. We're building the features of Tines using enterprise-grade open-source tools.

  • Hosted Temporal workflows
  • No-code workflow builder
  • Automations-as-code
    • GitHub Actions-like YAML syntax
    • Python-to-no-code integrations
    • Version control
  • Actions (HTTP requests, JSON data transforms)
  • Integrations

Tracecat is not a 1-to-1 Tines / Splunk SOAR equivalent. We designed Tracecat to be the simplest way for modern security teams to build, scale, and maintain workflows. Tracecat enables security practitioners to build automations using both:

  • No-code drag-and-drop UI
  • Configuration-as-code (e.g. Ansible / GitHub Actions)

No-code workflows are automatically synced into code, and vice versa. Tracecat extends the classic no-code Security Orchestration, Automation and Response (SOAR) experience with DevOps best-practices.

Why Tracecat?

  • Security Operations (SecOps): Unify workflow development across security engineering and SOC teams
  • Security Engineers (SecEng): Build and maintain complex automations using open source integrations, configuration-as-code, and a powerful templating language
  • Managed Detection & Response (MDR): Rapidly embed scalable workflow applications into any security product

Getting Started

The easiest way to get started is to meet one of our cofounders on an open-source onboarding call. We'll help you install Tracecat self-hosted via docker compose and run your first workflow in 30 minutes.

More of a DIY hacker? Check out the self-serve installation guide here.

Community & Support

  • Discord: seeking support, sharing new feature or integration ideas, and hanging out with the community.
  • GitHub issues: bugs and errors you encounter with Tracecat.
  • Security: reporting security concerns and vulnerabilities.

Documentation

Partner With Us

Tracecat is now open to MDRs and MSSPs. Sign up over at our website or book a call with one of our cofounders.