Tracecat

Modern automation platform for security and IT engineers

Tracecat lets security and IT teams build, run, and manage automated workflows with YAML templates, a no‑code UI, built‑in case management, and scalable orchestration via Temporal.

Overview

Tracecat is a self‑hosted automation platform designed for security, IT, and infrastructure teams. It enables users to author workflows using simple YAML templates while providing a no‑code UI for execution and monitoring. Built‑in lookup tables and case management streamline incident handling and routine tasks.

Capabilities & Deployment

Workflows are orchestrated with Temporal, ensuring reliability and horizontal scalability. A curated Registry offers ready‑to‑use integration templates for common operations such as alert listing, user enumeration, and case creation. Deploy locally with Docker Compose, or run a production‑grade stack on AWS Fargate via Terraform. Kubernetes support is planned.

Extensibility

Developers can extend the platform with custom Python plugins or additional YAML templates. An Enterprise edition adds advanced features under a separate license, while the core remains AGPL‑3.0 licensed and community‑driven.

Highlights

YAML‑based templates with a no‑code UI
Built‑in lookup tables and case management
Temporal‑driven orchestration for reliability and scale
Extensible registry of ready‑to‑use integration templates

Pros

  • Easy to author workflows using familiar YAML
  • Scalable execution backed by Temporal
  • Rich library of pre‑built templates
  • Self‑hosted deployment options (Docker, Fargate)

Considerations

  • Enterprise features locked behind a paid license
  • Kubernetes deployment not yet available
  • Active development may introduce breaking changes
  • Advanced customizations require Python/Temporal knowledge

Fit guide

Great for

  • Security operations teams needing automated incident response
  • IT administrators automating routine infrastructure tasks
  • Organizations preferring self‑hosted, open‑source automation
  • Teams that benefit from reusable integration templates

Not ideal when

  • Users require a fully managed SaaS solution
  • Projects cannot tolerate breaking changes during development
  • Environments lack Docker or AWS Fargate access
  • Teams lack the capacity to maintain a Python/Temporal stack

How teams use it

Automated alert triage

Ingest alerts, enrich data, and create cases without manual intervention.

User provisioning workflow

Synchronize user accounts across cloud services based on HR data.

Periodic compliance reporting

Generate and distribute compliance reports on schedule using built‑in lookup tables.

Incident response playbook

Orchestrate containment, notification, and remediation steps automatically.

Tech snapshot

Python 56%
TypeScript 42%
SCSS 1%
Shell 1%
JavaScript 1%
Dockerfile 1%

Tags

openapi, automation, workflow-engine, low-code, llm, temporalio, event-driven, pydantic, nextjs, orchestration, monitoring, fastapi, security

Frequently asked questions

What languages are used to develop Tracecat?

The core platform is written in Python with a TypeScript/Next.js front‑end.

How can I run Tracecat locally?

Use the provided Docker Compose file to spin up all services with a single command.

Is there a cloud‑hosted version?

Tracecat provides an enterprise‑hosted cloud version; the open‑source version is self‑hosted.

What is the licensing model?

The codebase is released under the AGPL‑3.0 license; enterprise extensions require a separate license.

Can I extend Tracecat with custom integrations?

Yes, you can add new YAML templates or develop Python plugins to integrate additional services.

Project at a glance

Active
Stars: 3,443
Watchers: 3,443
Forks: 327
License: AGPL-3.0
Repo age: 1 year old
Last commit: 2 days ago
Primary language: Python

Last synced yesterday