Open source AI platform for security and IT teams

Meet Tracecat, the all-in-one automation platform for tickets, workflows, and AI agents.

Book a demo

Self-host today

Backed by

Combinator

Workflows, cases, and lookup tables — no add-ons required.

Automate your playbooks for free. Pay for mission-critical alerting, unlimited workflows, and 99.99% uptime when ready.

Book a demo

Unlimited workflows for all

Trigger workflows via webhook or run them as scheduled cron jobs.

Enrich SIEM alerts

Last run: 30 sec ago

Active

Check inactive sessions

Last run: 20 min ago

Runs every 30 minutes

Update firewall rules

Last run: 14 days ago

Paused

Build workflows in no-code and code

Automate in minutes using Tracecat's click-and-drag builder. Add custom Python and YAML integrations via Git.

Store data and track cases

Tracecat comes out-of-the-box with lookup tables and case management.

Track device

1:10 PM

Insert into devices table

Add to secops/it case custom field

Add IP address

1:14 PM

Upsert into entities table

Did user confirm suspicious login?

2:00 PM

Add link to incident

Send notification to Slack

Open source integrations

Over 100+ integrations. Both Tracecat managed and community-driven.

Testimonials

Why engineering-minded security teams, MDRs, and MSSPs build their security automations on Tracecat.

"It took minutes to self-host and run our first workflow. And less than a day to build out our custom integrations. Tracecat is by far the best open source SOAR in the market."

CTO at fast-growing MDR

40+ workflows live 24/7

"Moving off AWS Lambda into Tracecat gave us the same level of resilience but significantly better visibility."

VP security at 1000-person company

"Unlimited workflows enables my team to build reusable automations that best align with our security processes. As opposed to force-fitting our processes to the SOAR."

CISO at Public Financial Institution

120k alerts processed per minute

* On Tracecat's single-tenant AWS Fargate deployment

Testimonials

Why engineering-minded security teams, MDRs, and MSSPs build their security automations on Tracecat.

"It took minutes to self-host and run our first workflow. And less than a day to build out our custom integrations. Tracecat is by far the best open source SOAR in the market."

CTO at fast-growing MDR

40+ workflows live 24/7

"Moving off AWS Lambda into Tracecat gave us the same level of resilience but significantly better visibility."

VP security at 1000-person company

"Unlimited workflows enables my team to build reusable automations that best align with our security processes. As opposed to force-fitting our processes to the SOAR."

CISO at Public Financial Institution

120k alerts processed per minute

* On Tracecat's single-tenant AWS Fargate deployment

Testimonials

Why engineering-minded security teams, MDRs, and MSSPs build their security automations on Tracecat.

40+ workflows live 24/7
"Moving off AWS Lambda into Tracecat gave us the same level of resilience but significantly better visibility."
VP security at 1000-person company
"It took minutes to self-host and run our first workflow. And less than a day to build out our custom integrations. Tracecat is by far the best open source SOAR in the market."
CISO at Public Financial Institution
120k alerts per min
On Tracecat's single-tenant AWS Fargate deployment

The only open source SOAR built to scale.

Tracecat scales on Temporal: the open source durable execution platform used by Datadog, Netflix, and Stripe.

Self-host today

Parallelized workflows

Isolated tenants

Completed Workflow Runs (last 7 days)

1200

+10 from last week

The only open source SOAR built to scale.

Tracecat scales on Temporal: the open source durable execution platform used by Datadog, Netflix, and Stripe.

Self-host today

Parallelized workflows

Isolated tenants

Completed Workflow Runs (last 7 days)

1200

+10 from last week

The only open source SOAR built to scale.

Tracecat scales on Temporal: the open source durable execution platform used by Datadog, Netflix, and Stripe.

Self-host today

Parallelized workflows

Isolated tenants

Completed Workflow Runs (last 7 days)

1200

+10 from last week

The security and IT automation platform built for builders.

Book a demo

Self-host today

Unlimited Workflows

Powerful Data Tables

Durable Execution

Automations-as-code

Low-code UI

AGPL 3.0

Connect to any API

Multi-tenant

Self-hostable

Open source AI

Monitor IR Playbooks

Reduce MTTR

Intelligent Task Prioritization

Contextual Understanding

Personalized Insights

Simple Navigation

Smart Suggestions

Easy Collaboration

The security and IT automation platform built for builders.

Book a demo

Self-host today

Unlimited Workflows

Powerful Data Tables

Durable Execution

Automations-as-code

Low-code UI

AGPL 3.0

Connect to any API

Multi-tenant

Self-hostable

Open source AI

Monitor IR Playbooks

Reduce MTTR

Intelligent Task Prioritization

Contextual Understanding

Personalized Insights

Simple Navigation

Smart Suggestions

Easy Collaboration

The security and IT automation platform built for builders.

Book a demo

Self-host today

Unlimited Workflows

Powerful Data Tables

Durable Execution

Automations-as-code

Low-code UI

AGPL 3.0

Connect to any API

Multi-tenant

Self-hostable

Open source AI

Monitor IR Playbooks

Reduce MTTR

Intelligent Task Prioritization

Contextual Understanding

Personalized Insights

Simple Navigation

Smart Suggestions

Easy Collaboration