Awesome
<div align="center"> <img src="img/banner.svg" alt="The workflow orchestration platform for security engineers."> </div> </br> <div align="center"> </div> <div align="center"> </div>Tracecat is an open-source Tines / Splunk SOAR alternative for security engineers. We're building the features of Tines using enterprise-grade open-source tools.
- Hosted Temporal workflows
- No-code workflow builder
- Automations-as-code
- GitHub Actions-like YAML syntax
- Python-to-no-code integrations
- Version control
- Actions (HTTP requests, JSON data transforms)
- Integrations
Tracecat is not a 1-to-1 Tines / Splunk SOAR equivalent. We designed Tracecat to be the simplest way for modern security teams to build, scale, and maintain workflows. Tracecat enables security practitioners to build automations using both:
- No-code drag-and-drop UI
- Configuration-as-code (e.g. Ansible / GitHub Actions)
No-code workflows are automatically synced into code, and vice versa. Tracecat extends the classic no-code Security Orchestration, Automation and Response (SOAR) experience with DevOps best-practices.
Why Tracecat?
- Security Operations (SecOps): Unify workflow development across security engineering and SOC teams
- Security Engineers (SecEng): Build and maintain complex automations using open source integrations, configuration-as-code, and a powerful templating language
- Managed Detection & Response (MDR): Rapidly embed scalable workflow applications into any security product
Getting Started
The easiest way to get started is to meet one of our cofounders on an open-source onboarding call. We'll help you install Tracecat self-hosted via docker compose
and run your first workflow in 30 minutes.
More of a DIY hacker? Check out the self-serve installation guide here.
Community & Support
- Discord: seeking support, sharing new feature or integration ideas, and hanging out with the community.
- GitHub issues: bugs and errors you encounter with Tracecat.
- Security: reporting security concerns and vulnerabilities.
Documentation
- For full documentation, visit https://docs.tracecat.com.
- For developers looking to create custom security apps, check out our API Reference.
- Quickstart: Build the classic VirusTotal enrichment playbook in 15 minutes.
Partner With Us
Tracecat is now open to MDRs and MSSPs. Sign up over at our website or book a call with one of our cofounders.