Skip to content

TracecatHQ/tracecat

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1,098 Commits
.github
.github
 
 
.vscode
.vscode
 
 
docs
docs
 
 
frontend
frontend
 
 
img
img
 
 
playbooks
playbooks
 
 
scripts
scripts
 
 
tests
tests
 
 
tracecat
tracecat
 
 
.all-contributorsrc
.all-contributorsrc
 
 
.env.example
.env.example
 
 
.gitignore
.gitignore
 
 
.pre-commit-config.yaml
.pre-commit-config.yaml
 
 
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
docker-compose.yml
docker-compose.yml
 
 
env.sh
env.sh
 
 
pyproject.toml
pyproject.toml
 
 
requirements-dev.txt
requirements-dev.txt
 
 
requirements-lint.txt
requirements-lint.txt
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

The workflow orchestration platform for security engineers.

License Commit Activity Docs

Next.js FastAPI Pydantic v2

Tracecat is an open-source Tines / Splunk SOAR alternative for security engineers. We're building the features of Tines using enterprise-grade open-source tools.

  • Hosted Temporal workflows
  • No-code workflow builder
  • Automations-as-code
    • GitHub Actions-like YAML syntax. Docs
    • Python-to-no-code compiler. Docs
    • Version control
    • VSCode extension (coming soon)
  • Actions (HTTP requests, if-else, etc.). Docs
  • Case Management. Docs
  • Dashboard UI
  • Command-line interface
  • Integrations

Tracecat is not a 1-to-1 Tines / Splunk SOAR equivalent. We designed Tracecat to be the simpliest way for modern security teams to build, scale, and maintain workflows. Tracecat enables security practitioners to build automations using both:

  • No-code drag-and-drop UI
  • Configuration-as-code (e.g. Ansible / GitHub Actions)

No-code workflows are automatically synced into code, and vice versa. Tracecat extends the classic no-code Security Orchestration, Automation and Response (SOAR) experience with DevOps best-practices.

Why Tracecat?

  • Security Operations (SecOps): Unify workflow development across security engineering and SOC teams
  • Security Engineers (SecEng): Build and maintain complex automations using open source integrations, configuration-as-code, and a powerful templating language
  • Managed Detection & Response (MDR): Rapidly embed scalable workflow applications into any security product

Highlights

Automate security workflows

Build security workflows

Close security cases fast with AI

Manage security cases with AI

Getting Started

The easiest way to get started is to meet one of our cofounders on an open-source onboarding call. We'll help you install Tracecat self-hosted via docker compose and run your first workflow in 30 minutes.

More of a DIY hacker? Check out the self-serve installation guide here.

Community & Support

  • Discord: seeking support, sharing new feature or integration ideas, and hanging out with the community.
  • GitHub issues: bugs and errors you encounter with Tracecat.
  • Security: reporting security concerns and vulnerabilities.

Documentation

Partner With Us

Tracecat is now open to MDRs and MSSPs. Sign up over at our website or book a call with one of our cofounders.

About

The open source Tines / Splunk SOAR alternative.

tracecat.com

Topics

security automation monitoring workflow-engine nextjs openapi orchestration cybersecurity event-driven pydantic fastapi zod temporalio llm

Resources

Readme

License

AGPL-3.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

2.1k stars

Watchers

23 watching

Forks

136 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 5

Languages