SOARCA Documentation

SOARCA, an open-source SOAR (Security Orchestration, Automation and Response) tool developed by TNO, is designed be vendor-agnostic, allowing it to orchestrate various security actuators and systems. It is the first open-source SOAR that aims to be compliant with the CACAO v2.0 standard.

SOARCA enables cyber defenders to coordinate and automate their cyber operations, by using executable CACAO playbooks, and aims to achieve the following goals:

  • Standard Compliance: Adhering to the latest standards, including CACAO v2.0 and OpenC2, allows for interoperability with a wide range of technologies.
  • Extensibility with Open Interfaces: Enjoy the flexibility of an extensible tool featuring open and well-defined interfaces, promoting adaptability, customization, and experimentation.
  • Open-Source: Embrace an open-source model that not only offers cost-effective solutions but also supports unrestricted use and adaptation for research purposes.

Interested in the vision and concepts of SOARCA? Then check the SOARCA vision and concepts.

SOARCA capabilities

SOARCA currently supports the following transport mechanisms:

OpenC2 - Native

OpenC2

HTTP - Native

Http

SSH - Native

Ssh

PowerShell WinRM - Native

PowerShell

Features of SOARCA

Where do I start?

Getting Started

Getting SOARCA quickly setup

Vision & Concepts

The what and why of SOARCA

Advanced Installation and Configuration

Everything you need to install and configure SOARCA

REST API

The SOARCA REST Api

Extensions & Capabilities

Extending SOARCA is done by developing a SOARCA-Fin.

Design

The design of SOARCA

SOARCA-GUI

Contribution Guidelines

How to contribute to SOARCA

Release Notes

About

Frequently asked questions


Last modified December 19, 2024: Feature/docs/281 add documentation on advanced installation and configuration (#286) (fe560ac)