Tracecat is the open workflow automation platform for security and IT engineers. It’s an open source Tines / Splunk SOAR alternative with response-as-code. Tracecat is built on a simple YAML-based DSL for integrations, no-code UI for workflows, and Temporal for scale and reliability.

Why Tracecat?

We’re on a mission to make security and IT automation more accessible through response-as-code. What Sigma rules did for detection, YARA for malware research, and Nuclei did for vulnerabilities, Tracecat is doing for response automation.

Get Started

We highly recommend every user complete the quickstart tutorial. This tutorial covers all the core features of Tracecat, which will save you hours of learning time.

Tutorials

You can sync custom YAML integrations and Python scripts directly into Tracecat from a private Git repo. Learn more in the custom integrations tutorial.

This is the recommended way to use Tracecat. All reusable integrations should be stored and version controlled in your own GitHub / GitLab repository.

Integrations

Was this page helpful?