Tracecat is an open-source Tines / Splunk SOAR alternative for security engineers. We're building the features of Tines using enterprise-grade open-source tools.
- Hosted Temporal workflows
- No-code workflow builder
- Automations-as-code
- GitHub Actions-like YAML syntax
- Python-to-no-code compiler
- Version control
- VSCode extension (coming soon)
- Actions (HTTP requests, if-else, etc.)
- Case Management
- Dashboard UI
- Command-line interface
- Integrations
Tracecat is not a 1-to-1 Tines / Splunk SOAR equivalent. It's the simplest way for security engineers to build scalable workflow applications in code. Every automation in code is synced into the no-code frontend, and vice-versa. Tracecat allows security teams to standardize workflow development and deployment across the organization.
The easiest way to get started is to meet one of our cofounders on an open-source onboarding call. We'll help you install Tracecat self-hosted via docker compose
and run your first workflow in 30 minutes.
More of a DIY hacker? Check out the self-serve installation guide here.
- Discord: seeking support, sharing new feature or integration ideas, and hanging out with the community.
- GitHub issues: bugs and errors you encounter with Tracecat.
- Security: reporting security concerns and vulnerabilities.
- For full documentation, visit https://docs.tracecat.com.
- For developers looking to create custom security apps, check out our API Reference.
- Quickstart: Deploy the classic threat intel workflow with VirusTotal in 15 minutes.
Tracecat is now open to MDRs and MSSPs. Sign up over at our website or book a call with one of our cofounders.