Tracecat’s cover photo
Tracecat

Tracecat

Software Development

San Francisco, California 1,909 followers

Open-source security automation platform for teams and AI agents.

About us

Tracecat provides everything busy security teams need to automate work: agents, workflows, cases, and an AI copilot that builds for you.

Website
https://tracecat.com
Industry
Software Development
Company size
2-10 employees
Headquarters
San Francisco, California
Type
Privately Held
Founded
2024
Specialties
Case Management, SOAR, Agents, and Workflow automation

Locations

Employees at Tracecat

Updates

  • Tracecat reposted this

    Shai-Hulud hit npm and PyPI again this week. One of our customers had a Tracecat agentic automation running in 30 minutes. - Built through Claude Code + Tracecat MCP - Custom agents - Real evidence - Human review His agentic workflow: - Searches code with Sourcegraph MCP - Checks endpoints with Falcon MCP - Collects evidence - Creates a case in Tracecat - Posts the verdict to Slack This user started as an Analyst. He learned agents and Python through Tracecat, got promoted to Senior Security Engineer, and now open sources his work. Legacy SOAR made analysts click and drag. Tracecat makes them engineers. End-to-end tutorial in the comments.

    • No alternative text description for this image
    • No alternative text description for this image
  • Tracecat reposted this

    Found Tracecat’s YC demo day notes from 2 years ago... It’s crazy how little the mission has changed since we first started. We never strayed from our core beliefs that: - AI will increase the demand for build not buy - That SOAR is **not** dead and there's still plenty of innovation to be made in this space - That AI will increase the demand for SOAR as the cost of building goes to zero - That AI SOC is not going to kill SOAR - Most teams that have or want a SOAR do a lot more than just alert triage with their automation platform Not going to lie. It was really hard at times. Getting rejected by "security focused" VCs that insist that AI will replace every human in security. Hearing that "SOAR is dead" from Gartner over and over. There were many moments where we thought "maybe we should just....do AI SOC". But as an open source platform, my cofounder and I spend EVERY single day talking to practitioners in security teams of all sizes across the world. And their lived experiences as users and later customers kept pointing to the idea that: Security teams want to build. They have the need to build. That alert triage (aka AI SOC) and even detection engineering is <30% of what they do. And AI is going to enable them to automate more than ever. And now in 2026, LLMs are finally good enough to build Tracecat workflows and agents autonomously. Growth is spiking purely through word of month. Our bet on building a code-first SOAR is giving us a crazy edge (LLMs are just better at code) over the legacy visual no-code builders. I can see the light...but man those 2 years were. hard. af.

    • No alternative text description for this image
  • Tracecat reposted this

    12 months ago, one of our users was a security analyst who knew little-to-no Python. 6 months ago he ditched his no-code SOAR for Tracecat. Today he opened his first pull request in Tracecat's open source repo: Google OAuth integrations. TLDR: if you pick Tracecat as your automation platform, you'll become a better programmer. We're already seeing this happen. Some stats from a recent Tracecat survey (n=50): ✅ 9 out of 10 say that adopting Tracecat has "substantially" improved their ability to read and write production Python code ✅ Over 60% of our customers have contributed to our codebase. ✅ Over 80% of our users adopted our custom Python registry feature* That's why we made Tracecat a low-code (not just a no-code) platform: 1. The DevEx for modern >3.10 Python (decorators, type hints) is so much easier for new programmers to pick up. 2. The argument that no-code click-and-drag is better than a Python script is an outdated pre-AI (Claude code, Codex, Cursor) idea. 3. Security tools come and go, Python isn't going anywhere. Even if Tracecat goes anyway, your custom code / logic remains under your control and can ported into any Python executor (e.g. AWS Lambda). Maybe we're wrong and vendor-specific no-code click-and-drag automation will win...but we've got Claude code / Cursor / Codex on our side. *Sync custom functions from a git repository into Tracecat.

    • No alternative text description for this image
  • Tracecat reposted this

    A modern security / IT automation platform needs case management. It cannot be an add-on. It must give the analyst exactly what they need to close the case, nothing more, nothing less. We don't need another case management system that looks like a video game* It must: ✅ Be easy to configure text, custom fields, tables (not another Jira customfield_938717) ✅ Have seamless integration with automations (agentic and workflow-driven) ✅ Have high signal, zero noise. I think Tracecat new case management system hits these points. Try it out today. Link to GitHub repo in comments.

    • No alternative text description for this image
    • No alternative text description for this image
    • No alternative text description for this image
  • Tracecat reposted this

    We just open sourced Tracecat's AI security copilot. Incumbents (e.g. Microsoft) charge excessive "add-on" fees for a basic copilot, which locks you into their platform. Chat UIs with tool-calling are not add-ons. They are table-stake features for any AI-native platform. ✅ Out today as part of v0.46.0 (link in comments): 1/ Works with over 200+ integrations in your security and IT stack (SIEM, EDR, Boto3, Slack) 2/ Directly integrates with Tracecat's case management system 3/ BYO LLM API key 4/ Works with ANY model provider (OpenAI, Anthropic, Bedrock, Gemini)

    • No alternative text description for this image
  • Tracecat reposted this

    One year ago, we were told by VCs that a seed-strapped team had *no chance* against Tines ($270 million funding) and Torq ($190 million funding). We were told that Tracecat would be *at best* a lesser open source alternative... Today I'm excited to share that we've successfully migrated AT LEAST one customer / OSS user off Tines, Torq, Splunk SOAR, and PAN SOAR onto Tracecat. And these aren't just customers with 2-3 workflows, we're talking about: 1/ ~30 workflows migrated over per customer 2/ Less than 4 weeks per migration 3/ From 30k to 1.5 million runs per month per customer 4/ Deployed in household name brands, defense primes, and federal agencies Our customers build better, faster on Tracecat with a pricing plan that ENCOURAGES creativity and engineering best practice. But what I'm MOST proud of are the following statistics. Our customers, on average: ✅ ADD 10 new workflows in Tracecat within the first month ✅ REDUCE the size of their existing 100 step workflows by ~50% 🤑 >40% savings (ranging from $35k to $300k) vs incumbents Better, faster, more cost effective. That's the Tracecat guarantee to every one of our customers. Case studies coming out soon.

    • No alternative text description for this image

Similar pages

Browse jobs