The best Hacker News stories from Show from the past day

Latest posts:

Show HN: Tracecat – Open-source security alert automation / SOAR alternative

Hi HN, we are building Tracecat (https://tracecat.com/), an open source automation platform for security alerts. Tracecat automates the tasks a security analyst has to do when responding to a security alert: e.g. contact victims, investigate security logs, report vulnerability.

The average security analyst deals with 100 alerts per day. As soon as an alert comes in, you have to investigate and respond. An average alert takes ~30 minutes to analyze (and 100 x 30 min = 50 hours > one whole day). Lots of things get dropped, and this creates vulnerabilities. Many breaches can be traced back to week-old alerts that didn't get properly investigated.

Since the risks and costs are so high, top security teams currently pay Splunk SOAR $100,000/year to help automate alert processing. It's a click-and-drag workflow builder with webhooks, REST API integrations, and JSON processors. A security engineer would use it to build alert automations that look like this: (1) webhook to receive alert (e.g. unusual PowerShell cmd) from Microsoft Defender; (2) send yes/no Slackbot to ask employee about the alert; (3) if confirmed as suspicious, send malware sample to VirusTotal for report; (4) collect evidence from previous steps and dump it into a ticket.

If $100k a year seems wildly expensive for a Zapier-like platform, you'd be half right. Splunk SOAR is actually a Zapier + log search + Jira ticketing system.

Log storage—that's how Splunk turns a $99/month workflow automation tool into a pricey enterprise product. Every piece of evidence collected (e.g. Slackbot response, malware report, GeoIP enrichment) and every past workflow trail has to be searchable by a human incident responder or auditor. Security teams need to know why every alert escalated to a SEV1 or not.

My cofounder and I are data engineers who fell into this space. We heard our security friends constantly complain about being priced out of a SOAR (security orchestration, automation, and response platform) like Splunk SOAR.

We both wrote a lot of event-driven code at school (Master's thesis) and work (Meta / PwC). We're also early adopters of Quickwit / Tantivy, an OSS alternative to Elasticsearch / Apache Lucene that is cheaper and faster. It didn't seem that difficult to build a cheaper open source SOAR, so we decided to do it.

Tracecat is also different as it can run in a single VM / laptop. Splunk SOAR and Tines are built for Fortune 10 needs, which means expensive Kubernetes clusters. Most security teams don't need that scale, but are forced to pay the K8s "premium" (high complexity, hard to maintain). Tracecat uses OSS embedded databases (SQLite) and an event processing engine we built using Python 3.12 asyncio.

So far, we've just got a bare-bones alpha, but you can already do quite a few things with it, e.g. trigger event-driven workflows from webhooks; use REST API integrations; parse responses using JSONPath; control flow using conditional blocks; store logs cheaply in Tantivy; open cases directly from workflows; prioritize and manage cases in a Jira-like table.

Tracecat uses Pydantic V2 for fast input / output validation and Zod for fast form validation. We care a lot about data quality! It's also Apache-2.0 licensed so anyone can self-host the platform.

On our roadmap: integrations with popular security tools (CrowdStrike, Microsoft Defender); pre-built workflows (e.g. investigating phishing email); better docs; more AI features like auto-labeling tickets, extracting data from unstructured text, etc.

We're still early so would love your feedback and opinions. Feel free to try us out or share it with your security friends. We have a cloud version up and running: https://platform.tracecat.com.

Dear HN readers, we'd love to hear your incident response stories and the software you use (or not) to automate the work. Stories from security, site reliability engineering, or even physical systems like critical infrastructure monitoring are all very welcome!

Show HN: Jampack – Optimizes static websites as a post-processing step

Hi!

Jampack is a post-processing tool that takes the output of your Static Site Generator (aka SSG) and optimizes it for best user experience and best Core Web Vitals scores.

As of today it can:

- Optimize local images, CDN images or external images
- Optimize above-the-fold vs below-the-fold
- Limit images max width
- Inline critical CSS
- Prefetch links on scroll
- Improve browser compatibility
- Auto-fix HTML issues
- Warn for HTML accessibility issues
- Compress all assets in the end

It processes the static output directly, so it's compatible with any SSG or framework. We are intensively using it as a post-processing step to our Astro websites, for example.

With Jampack, we end up focusing more on how simple, readable and maintainable our code is, throw in images of any size, and let it optimize for maximum performance.

We hope this can be helpful to a lot of people! Cheers, Georges and the ‹div›RIOTS team!

Show HN: Love Ruby but meh Daily Stand-ups (DSU)? You might like my gem:)

I love Ruby and Rails, but agile Daily Stand-ups (DSU) are a pain in the butt. I have a hard time remembering what to share: what I did yesterday, one-offs I did the day before because I completely forgot. Anyhow, I created this really lovely little but powerful Ruby gem called dsu. Currently, we're a small but dedicated band of users who love the tool. You may love it also, if anyone wants to give it a try. Enjoy:

Visit the dsu Ruby gem wiki: https://github.com/gangelo/dsu/wiki
Straight to rubygems.org: https://rubygems.org/gems/dsu

Show HN: PgJQ: Use Jq in Postgres

Show HN: Jumprun – AI-powered research as interactive canvases

Hey HN! We're super excited to share our labor of love, Jumprun, which we've just opened up to everyone to try for free.

Jumprun is an AI-powered research tool that whips up stunning, interactive canvases. It can dive into websites, YouTube, X, and more. You can keep your canvases fresh with scheduled daily updates, and share them with the world.

Check out some cool canvases we've whipped up:

- Gleam language news: https://jumprun.ai/share/canvas/01HSM7G0TBYTJWDYRFET16DFJQ
- Cybertruck reviews: https://jumprun.ai/share/canvas/01HSKTGQEGB58Y1BABY0KRRAQ0
- Apple Vision Pro reviews: https://jumprun.ai/share/canvas/01HNXB2K3GM7KPRP45Y2CVVJSC
- Things to do in San Francisco: https://jumprun.ai/share/canvas/01HSPRS3YXXJ9TV90P18MBZRPS

Jumprun was in closed beta for a bit because GPT4-Turbo was burning a hole in our pockets. But when Anthropic dropped Claude3 Haiku and Sonnet, we saw an opportunity to use them to slash costs and get Jumprun out to all of you. We're now rocking Haiku for research and Sonnet for the final "analysis," and the results are pretty great. We even think they might be better than GPT4-Turbo!

If you've got any technical questions, fire away! We're currently trying to nail down product-market fit and figure out where to focus re: features and use cases. We'd love to hear your thoughts!

Thanks a ton! - Ben and Rico

Show HN: Codel – Autonomous Open Source AI Developer Agent

Show HN: Wirequery – Full-stack session replay and more

Show HN: FXYT – Tiny, esoteric, stack-based, postfix, canvas colouring language

Show HN: Glossarie – a new, immersive way to learn a language

Hi HN, for over two years I've been working on an app to learn languages (currently French, Italian and Spanish), together with my partner, a language teacher. I think it is finally ready to share with this community!

The idea is to introduce vocabulary and grammar whilst you read eBooks in your own language. I've found that it is easier to remember vocabulary 'in context' and with regular repetition. Plus you don't have to carve out dedicated time for language learning. Other apps require you to build a habit around various exercises or 'games', whereas lots of people already read books.

From testing with early users so far it's proving effective for building a basic understanding of a language and quickly getting to the point where you can read and broadly understand text in the target language. It's even better in combination with other apps that help with listening/speaking like Pimsleur.

There were lots of technical challenges making this. It turned out to be (reassuringly) hard to get accuracy to an acceptable level, requiring a rabbit-hole into machine translation. There was a lot of testing required to optimise the engine that chooses the translations to show and to reduce the friction when reading books. And the backend to support uploading books is a beast in itself. I'd love to share details if there is interest.

Roadmap

- Accuracy - 100% accuracy is the target, but at present there can be errors. Feedback from users will be important here so that accuracy issues can be generalised and solved at scale. Errors can be reported within the app - please do so if you spot anything!
- Dynamic difficulty - rather than have a progression of difficulty levels I'd prefer to introduce vocabulary and grammar automatically in response to user progress, balancing against the friction of seeing unfamiliar words. There's a lot 'under the hood' to manage this today, but plenty of room to improve.
- More practice features - to reinforce vocabulary/grammar and support writing, listening and speaking.
- Better eBook support - improving the formatting of eBooks within the app and providing more methods for finding good books to read.

Use of AI

- LLMs provided a step change in accuracy and have enabled a feature that explains translations and grammar to the user, vastly improving the utility versus a year ago.
- I believe apps like this, which use AI to enhance or scale functionality rather than simply acting as a wrapper over APIs, will be the major beneficiaries as LLMs improve.

Take a look, and let me know your thoughts or questions!

Show HN: Rotary Phone Project

Show HN: Lapdev, a new open-source remote dev environment management software
