.webp)
Tracecat is currently in public alpha. If you’d like to use Tracecat in production, please reach out to us on Discord or founders@tracecat.com! Want to take Tracecat for a spin? Try out our tutorials with Tracecat Cloud or self-hosted.
Tracecat is an open source automation platform for security teams. We’re building the features of Tines / Splunk SOAR with:
- Enterprise-grade open source tools
- Open source AI infra and GPT models
- Practitioner-obsessed UI/UX
It’s designed to be simple but powerful. Security automation should be accessible to everyone, including especially understaffed small-to-mid sized teams.
Check out our quickstart and build your first AI workflow in 15 minutes. The easiest way to get started is to sign-up for Tracecat Cloud. We also support self-hosted Tracecat.
Features
Build AI-assisted workflows, enrich alerts, and close cases fast.
- Workflows
- Drag-and-drop builder
- Core primitives (webhook, HTTP, if-else, send email, etc.)
- AI Actions (label, summarize, enrich etc.)
- Secrets
- Batch-stream data transforms (expected April 2024)
- Formulas (expected May 2024)
- Versioning (expected June 2024)
- Case management
- SMAC (status, malice, action, context)
- Suppression
- Deduplication (expected 1st week April)
- AI-assisted labelling (e.g. MITRE ATT&CK)
- Metrics
- Analytics dashboard
- Event logs
- Unlimited logs storage
- Logs search
- Visual detection rules
- Piped query language
- Data validation
- Pydantic V2 for fast data model and input / output validation in the backend
- Zod for fast form and input / output validation in the frontend
- Teams
- Collaboration
- Tenants
- AI infrastructure
- Vector database for RAG
- LLM evaluation and security
- Bring-your-own LLM (OpenAI, Mistral, Anthropic etc.)
Tracecat is not a 1-to-1 mapping of Tines / Splunk SOAR. Our aim is to give technical teams a Tines-like experience, but with a focus on open source and AI features. What do we mean by AI-native?.
For more information click here.