SOARCA Documentation

SOARCA, an open-source SOAR (Security Orchestration, Automation and Response) tool developed by TNO, is designed to be vendor-agnostic, allowing it to orchestrate various security actuators and systems. It is the first open-source SOAR that aims to be compliant with the CACAO v2.0 standard.

SOARCA enables cyber defenders to coordinate and automate their cyber operations using executable CACAO playbooks, and aims to achieve the following goals:

  • Standard Compliance: Adhering to the latest standards, including CACAO v2.0 and OpenC2, allows for interoperability with a wide range of technologies.
  • Extensibility with Open Interfaces: Enjoy the flexibility of an extensible tool featuring open and well-defined interfaces, promoting adaptability, customization, and experimentation.
  • Open-Source: Embrace an open-source model that not only offers cost-effective solutions but also supports unrestricted use and adaptation for research purposes.

Interested in the vision and concepts of SOARCA? Then check the SOARCA vision and concepts.

SOARCA capabilities

SOARCA currently supports the following transport mechanisms:

  • OpenC2 - Native
  • HTTP - Native
  • SSH - Native

Features of SOARCA

Where do I start?


Getting Started

Getting SOARCA set up quickly

Vision & Concepts

The what and why of SOARCA

REST API

The SOARCA REST API

Extensions & Capabilities

Extending SOARCA is done by developing a SOARCA-Fin.

Design

The design of SOARCA

Release Notes

About

Contribution Guidelines

How to contribute to SOARCA

Frequently asked questions


Last modified March 18, 2024: Update docs (#79) (647ee68)