What is Tracecat?
Introduction to the Tracecat security automation platform.
Tracecat is the open-source Tines / Splunk SOAR alternative built for security engineers.
Why Tracecat?
- Security Operations (SecOps): Unify playbook development across security analysts and security engineers
- Security Engineers (SecEng): Build and maintain complex playbooks using open source integrations and configuration-as-code (YAML)
- Managed Detection & Response (MDR): Rapidly self-host, embed, and scale multi-tenant playbooks into any security service or product
New to Tracecat?
Install
Self-host Tracecat on your own infrastructure (Docker Compose, AWS, Kubernetes).
15-Minute Quickstart
Learn the basics of Tracecat by building a VirusTotal enrichment playbook.
Integrations
Pre-built integrations and their required secrets.
Tutorials
Self-guided tutorials to go from zero-to-hero in Tracecat.
Control Flow
Learn how to use if-conditions in your workflows.
Actions Registry
Learn how to use pre-built integrations in your workflows.
Child Workflows
Learn how to combine smaller workflows into a single workflow.
Triggers
Learn how to trigger workflows via webhooks or schedules.
Custom Integrations
Learn how to add custom integrations to the Actions Registry.
Updating
Learn how to update Tracecat to the latest version.
Core Features
Check out the following docs for more details on Tracecat’s core features.