Tracecat: Beta Launch

Written by Chris (CEO & cofounder)

Today is the day, we are finally announcing our Public Beta for Tracecat: the open source Tines / Splunk SOAR alternative built for security engineers.

Star our GitHub repo, share our launch on LinkedIn / Reddit / Slack, Tweet about us, check out our docs, or just book a demo! Now is the time.

What this means:

Tracecat is now stable enough for most non-Fortune 500 use-cases. We have the benchmarks, unit tests, and playbooks in our public CI/CD pipeline to show it.

But Tracecat is not "just" open source Tines.

We've designed a new way to automate security. One that is a more affordable (up to 5x cost savings), easier-to-adopt, and easier-to-maintain.

Okay, prove it.

1. Easier-to-adopt

• Install and run your first workflow in under 5 minutes. Docs.

• Open source playbooks: version controlled in YAML, compiles to no-code, and ready-to-use. Docs.

• Build integrations in minutes using a single Python decorator. Docs.

2. Easier-to-maintain

• Code or no-code? No problem!

• Tracecat supports both automation-as-code (inspired by GitHub Actions and Ansible) and the classic drag-and-drop UI/UX.

• Code is automatically converted into no-code, and vice versa.

3. More affordable

• We built Tracecat on top of Temporal: a new open source workflow engine used by the world's largest software companies (e.g. Datadog, Stripe, Coinbase).

• What used to require a team of engineers is now available open source for free.

• We pass the cost savings to you.

Interested? The easiest way to get started is to book a free onboarding call: https://cal.com/team/tracecat

So, how is Tracecat different to Temporal? Temporal is a general-purpose dev tool designed for software engineers. Tracecat builds the necessary features for security automation:

• No-code workflow builder. Docs.

• Case management. Docs.

• Functions / expressions (what Tines calls "formulas"). Docs.

• Control flows: for-loops, if-then conditions, JSONPath match, exponential retries.

• Integrations to security tools (EDR, SIEM, CSPMs etc.). Docs.

• Security playbooks! Docs.

🔥 Our ask:

• Share this announcement on Twitter, LinkedIn, Slack, Discord, Reddit.

• Check out our brand new docs.

• And if you like what you see, book a demo!

  
  

The beta has been in the work since B-Sides SF and RSAC. We overhauled the backend, added integrations, and built playbooks in under 8 weeks. Your support and feedback is what keeps us going nights and weekends. ❤️

📅 What to expect next month:

• A lot more playbooks

• A lot more integrations

• AI features built on private open source models

• More memes

Who are we?

Daryl (CTO) and I are two data engineers / 20-something YC founders who fell into security (story for another time). We aren't your typical ex-PAN / ex-Splunk / ex-{insert three letter agency} founders and we have no CISO network.

• But what we do know is workflow orchestration and open source

• What we can prove is the ability to build production-grade enterprise tools remarkably fast

Most importantly, Tracecat relies on a fast growing community of security practitioners and design partners engaging with us online (Discord, GitHub) and offline. DEFCON 32 anyone?

So thank you :)

— Chris

Fun fact: Daryl and I have been best friends / cofounders since elementary school. We made our first $10 together at 8 years old selling hand-drawn comics books and MMORPG game designs (inspired by Maplestory).