Tracecat is an open-source security automation platform built for the AI era, a modern, AI-native take on SOAR (security orchestration, automation, and response). It gives busy security teams everything they need to automate work: agents, workflows, cases, and an AI copilot that can build automations on their behalf, lowering the bar for teams that historically needed specialized engineers to wire up brittle playbooks.
The platform addresses a persistent pain in security operations: analysts are buried in alerts and repetitive response tasks, and traditional automation tools are expensive, closed, and hard to maintain. Tracecat's open-source foundation makes it transparent and extensible, while its AI copilot lets teams describe what they want and have the system assemble the workflow, blending agentic assistance with deterministic, auditable automation for incident response and IT operations.
Tracecat has seen rapid adoption, with more than 200 organizations, ranging from startups to Fortune 500 companies and federal agencies, deploying it to automate security alerts, incident response, and IT workflows. That mix of open-source community and serious enterprise and government usage reflects demand for security automation that is both modern and trustworthy.
Founded in 2024 by Chris Lo and Daryl Lim, Tracecat emerged from Y Combinator's Winter 2024 batch. Lo previously built security and fraud-detection ML tooling at PwC, while Lim brings observability, data, and AI infrastructure experience from AMD, Meta, and a London quant trading firm. The company raised seed funding from Y Combinator, Pioneer Fund, and SurgePoint Capital.
For security and IT teams looking to automate response without locking themselves into costly proprietary SOAR, Tracecat offers an open, AI-native alternative where agents and copilots accelerate the work while keeping automations auditable and under the team's control.