Skip to content
/ tracecat Public

The open source Tines / Splunk SOAR alternative for security engineers.

tracecat.com

License

AGPL-3.0 license
2.4k stars 170 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

TracecatHQ/tracecat

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1,851 Commits
.github
.github
 
 
.vscode
.vscode
 
 
alembic
alembic
 
 
deployments/aws/fargate
deployments/aws/fargate
 
 
docs
docs
 
 
frontend
frontend
 
 
img
img
 
 
playbooks
playbooks
 
 
registry
registry
 
 
scripts
scripts
 
 
temporal/config
temporal/config
 
 
tests
tests
 
 
tracecat
tracecat
 
 
.all-contributorsrc
.all-contributorsrc
 
 
.env.example
.env.example
 
 
.gitignore
.gitignore
 
 
.pre-commit-config.yaml
.pre-commit-config.yaml
 
 
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
 
 
Caddyfile
Caddyfile
 
 
Dockerfile
Dockerfile
 
 
Dockerfile.dev
Dockerfile.dev
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
alembic.ini
alembic.ini
 
 
docker-compose.dev.yml
docker-compose.dev.yml
 
 
docker-compose.yml
docker-compose.yml
 
 
env-migration.sh
env-migration.sh
 
 
env.sh
env.sh
 
 
justfile
justfile
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

The workflow orchestration platform for security engineers.

License Commit Activity Docs

Next.js FastAPI Pydantic v2 Discord

Tracecat is an open-source Tines / Splunk SOAR alternative for security engineers. We're building the features of Tines using enterprise-grade open-source tools.

  • Hosted Temporal workflows
  • No-code workflow builder
  • Automations-as-code
    • GitHub Actions-like YAML syntax
    • Python-to-no-code integrations
    • Version control
  • Actions (HTTP requests, JSON data transforms)
  • Integrations

Tracecat is not a 1-to-1 Tines / Splunk SOAR equivalent. We designed Tracecat to be the simplest way for modern security teams to build, scale, and maintain workflows. Tracecat enables security practitioners to build automations using both:

  • No-code drag-and-drop UI
  • Configuration-as-code (e.g. Ansible / GitHub Actions)

No-code workflows are automatically synced into code, and vice versa. Tracecat extends the classic no-code Security Orchestration, Automation and Response (SOAR) experience with DevOps best-practices.

Why Tracecat?

  • Security Operations (SecOps): Unify workflow development across security engineering and SOC teams
  • Security Engineers (SecEng): Build and maintain complex automations using open source integrations, configuration-as-code, and a powerful templating language
  • Managed Detection & Response (MDR): Rapidly embed scalable workflow applications into any security product

Getting Started

The easiest way to get started is to meet one of our cofounders on an open-source onboarding call. We'll help you install Tracecat self-hosted via docker compose and run your first workflow in 30 minutes.

More of a DIY hacker? Check out the self-serve installation guide here.

Community & Support

  • Discord: seeking support, sharing new feature or integration ideas, and hanging out with the community.
  • GitHub issues: bugs and errors you encounter with Tracecat.
  • Security: reporting security concerns and vulnerabilities.

Documentation

Partner With Us

Tracecat is now open to MDRs and MSSPs. Sign up over at our website or book a call with one of our cofounders.

About

The open source Tines / Splunk SOAR alternative for security engineers.

tracecat.com

Topics

security automation monitoring workflow-engine nextjs openapi orchestration cybersecurity event-driven low-code pydantic fastapi temporalio llm

Resources

Readme

License

AGPL-3.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

2.4k stars

Watchers

21 watching

Forks

170 forks
Report repository

Releases 59

Tracecat 0.13.0 Latest
Nov 4, 2024
+ 58 releases

Packages

 
 
 

Contributors 13

Languages