SOARCA is an open-source Security Orchestration, Automation and Response (SOAR) platform that automates threat and incident response workflows through standardized security playbooks. The tool ingests, validates, and executes CACAOv2 (Collaborative Automated Course of Action Operations) security playbooks via a JSON API interface. It supports multiple communication protocols including HTTP(S), SSH, and OpenC2 for native integrations. SOARCA provides an MQTT interface that enables custom integrations and extensibility for organizations with specific automation requirements. The platform is built around standardized formats and technologies, promoting interoperability across security tools and systems. The tool is designed for research and innovation purposes, allowing Security Operations Center (SOC), Computer Emergency Response Team (CERT), and Cyber Threat Intelligence (CTI) professionals to experiment with playbook-driven security automation approaches.
SIMILAR TOOLS
IRIS-SOAR is a Python-based modular SOAR platform that automates security incident response workflows and integrates with DFIR-IRIS for enhanced digital forensics operations.
An open-source, drag-and-drop security workflow builder with integrated case management for automating security workflows and tackling alert fatigue.
Open-source security automation platform for automating security alerts and building AI-assisted workflows.
Cortex XSOAR is a comprehensive SOAR platform that automates and standardizes security processes for faster response times and increased team productivity.
RedELK is a SIEM tool designed for red teams to monitor and receive alerts about blue team detection activities during penetration testing engagements.
RedEye is a visual analytic tool that provides enhanced situational awareness and operational insights for both Red and Blue Team cybersecurity operations.
A repository of sample security playbooks with ARM templates for Microsoft Sentinel that enable automated security orchestration and response capabilities.
A community repository of workflow templates for the Ayehu NG platform that enables automated IT and business process execution.
An incident response and case management solution for handling security incidents efficiently.