Tracecat is an open-source Tines / Splunk SOAR alternative for security engineers. We're building the features of Tines using enterprise-grade open-source tools.
- Hosted Temporal workflows
- No-code workflow builder
- Automations-as-code
- Actions (HTTP requests, if-else, etc.). Docs
- Case Management. Docs
- Dashboard UI
- Command-line 9403 interface
- Integrations
Tracecat is not a 1-to-1 Tines / Splunk SOAR equivalent. We designed Tracecat to be the simplest way for modern security teams to build, scale, and maintain workflows. Tracecat enables security practitioners to build automations using both:
- No-code drag-and-drop UI
- Configuration-as-code (e.g. Ansible / GitHub Actions)
No-code workflows are automatically synced into code, and vice versa. Tracecat extends the classic no-code Security Orchestration, Automation and Response (SOAR) experience with DevOps best-practices.
- Security Operations (SecOps): Unify workflow development across security engineering and SOC teams
- Security Engineers (SecEng): Build and maintain complex automations using open source integrations, configuration-as-code, and a powerful templating language
- Managed Detection & Response (MDR): Rapidly embed scalable workflow applications into any security product
The easiest way to get started is to meet one of our cofounders on an open-source onboarding call. We'll help you install Tracecat self-hosted via docker compose and run your first workflow in 30 minutes.
More of a DIY hacker? Check out the self-serve installation guide here.
- Discord: seeking support, sharing new feature or integration ideas, and hanging out with the community.
- GitHub issues: bugs and errors you encounter with Tracecat.
- Security: reporting security concerns and vulnerabilities.
- For full documentation, visit https://docs.tracecat.com.
- For developers looking to create custom security apps, check out our API Reference.
- Quickstart: Deploy the classic threat intel workflow with VirusTotal in 15 minutes.
Tracecat is now open to MDRs and MSSPs. Sign up over at our website or book a call with one of our cofounders.