Tracecat: Beta Launch

June 25th 2024


Written by Chris (CEO & cofounder)

Today is the day, we are finally announcing our Public Beta for Tracecat: the open source Tines / Splunk SOAR alternative built for security engineers.

Star our GitHub repo, share our launch on LinkedIn / Reddit / Slack, Tweet about us, check out our docs, or just book a demo! Now is the time.

What this means:

Tracecat is now stable enough for most non-Fortune 500 use-cases. We have the benchmarks, unit tests, and playbooks in our public CI/CD pipeline to show it.

But Tracecat is not "just" open source Tines.

We've designed a new way to automate security. One that is a more affordable (up to 5x cost savings), easier-to-adopt, and easier-to-maintain.

Okay, prove it.

  1. Easier-to-adopt
  • Install and run your first workflow in under 5 minutes. Docs.

  • Open source playbooks: version controlled in YAML, compiles to no-code, and ready-to-use. Docs.

  • Build integrations in minutes using a single Python decorator. Docs.

  1. Easier-to-maintain
  • Code or no-code? No problem!

  • Tracecat supports both automation-as-code (inspired by GitHub Actions and Ansible) and the classic drag-and-drop UI/UX.

  • Code is automatically converted into no-code, and vice versa.

  1. More affordable
  • We built Tracecat on top of Temporal: a new open source workflow engine used by the world's largest software companies (e.g. Datadog, Stripe, Coinbase).

  • What used to require a team of engineers is now available open source for free.

  • We pass the cost savings to you.

Interested? The easiest way to get started is to book a free onboarding call:

So, how is Tracecat different to Temporal? Temporal is a general-purpose dev tool designed for software engineers. Tracecat builds the necessary features for security automation:

  • No-code workflow builder. Docs.

  • Case management. Docs.

  • Functions / expressions (what Tines calls "formulas"). Docs.

  • Control flows: for-loops, if-then conditions, JSONPath match, exponential retries.

  • Integrations to security tools (EDR, SIEM, CSPMs etc.). Docs.

  • Security playbooks! Docs.

🔥 Our ask:

  • Share this announcement on Twitter, LinkedIn, Slack, Discord, Reddit.

  • Check out our brand new docs.

  • And if you like what you see, book a demo!

The beta has been in the work since B-Sides SF and RSAC. We overhauled the backend, added integrations, and built playbooks in under 8 weeks. Your support and feedback is what keeps us going nights and weekends. ❤️

📅 What to expect next month:

  • A lot more playbooks

  • A lot more integrations

  • AI features built on private open source models

  • More memes

Who are we?

Daryl (CTO) and I are two data engineers / 20-something YC founders who fell into security (story for another time). We aren't your typical ex-PAN / ex-Splunk / ex-{insert three letter agency} founders and we have no CISO network.

  • But what we do know is workflow orchestration and open source

  • What we can prove is the ability to build production-grade enterprise tools remarkably fast

Most importantly, Tracecat relies on a fast growing community of security practitioners and design partners engaging with us online (Discord, GitHub) and offline. DEFCON 32 anyone?

So thank you :)

— Chris

Fun fact: Daryl and I have been best friends / cofounders since elementary school. We made our first $10 together at 8 years old selling hand-drawn comics books and MMORPG game designs (inspired by Maplestory).

Tracecat is now open to MDR and channel partners.

Let's build the future of open source security automation together.

© 2024. All Rights Reserved by Tracecat