Gain real-time & crowdsourced protection against aggressive IPs.

    Our mission is simple Make the Internet a safer place for everyone

    CrowdSec

    CrowdSec generates a real-time crowdsourced CTI (cyber threat intelligence database): when a malicious IP is identified and blocked locally, it is then shared with the community.

    Real-time data

    Zero-false positives

    Actionable Threat Intelligence

    Behavior analysis

    Contextualized data

    How the CrowdSec agent works

    Where you can use CrowdSec

    OS

    Services

    Languages & frameworks

    Plaftorms

    CrowdSec Threat Intelligence

    Community-fueled IP reputation database

    The most advanced real-world CTI

    Only highly accurate and detailed information

    Highly curated data sets

    Seamless integration with your cybersecurity solution

    CrowdSec Security Engine

    Local detection, global remediation

    CrowdSec Security Engine defends against intrusions by analyzing logs to identify and block offending IPs. Flagged IPs are then sent to the community blocklist to protect the Crowd.

    Real-time detection of suspicious traffic & behavior

    CrowdSec Security Engine, the open-source intrusion prevention system written in Go, protects against attacks on any server by parsing real-time service logs (servers, SSH, WordPress etc. logs) by detecting malicious behaviors.

    • A variety of scenarios to detect attacks: bruteforce, HTTP attacks, scans, L7 DDOS, website scalping/scrapping etc.
    • Compatible with most OS (Linux/BSD/Windows),  all popular servers (Nginx, Apache, Traefik, Caddy etc.), container-type setups
    • Can be used at the application level with WordPress, Magento, or any PHP or Python-based website

    Our bouncer blocks cyberattacks

    CrowdSec Security Engine comes with a remediation component, called “bouncer”, to act on identified threats. The bouncer interfaces with firewalls to ban or block nefarious IPs. It will also consume the community blocklist to preventively block IPs that have been shared by CrowdSec users.

    • Compatible with most firewalls (Iptables, Nftables), application firewalls (Cloudflare, AWS WAF) or dedicated OS (OPNSense)
    • Decoupled from the detection mechanism for flexible setups where detection is done on one machine, while remediation is achieved on other machines
    • Customizable. Custom bouncers can be created to execute any script, depending on your use case

    Community-fueled blocklist

    rowdSec uses the power of the crowd to maintain and distribute IP blocklists to preventively block intrusions. Based on the gathered behavior patterns, the service can assess the reputation of an IP address in real time.

    • Our curation mechanism ensures the reliability of the blocklists sent back to users. Combining a trust rank mechanism, behavior, our own honeypot network and a whitelist, the consensus engine ensures blocklists contain only “shoot-on-sight” IP addresses.
    • IP threat level is evaluated in stream processing, based on sightings from the CrowdSec network
    • This highly dynamic system ensures that blocklists contain no false positives or poisoning attempts, allowing your IPS to focus on really dangerous IPs.

    Open source since day 1

    Open-sourcing the CrowdSec Security Engine is critical to guarantee full transparency, quality and reliability to our users, while offering the community the opportunity to contribute at the code base.

    • Open-sourced under the MIT license, the most permissive in the world
    • We welcome contributions from the community whether it is to enhance the code base of the CrowdSec Security Engine or to create new attack detection scenarios, bouncers or ports on new platforms.
    • The CrowdSec Hub centralizes all detection scenarios, bouncers or collections developed by the CrowdSec team and the community. Check it out for the latest updates!

    How the CrowdSec Security Engine works

    The feed can be consumed by your firewall or any existing remediation mechanism.

    CrowdSec Security Engine key features

    Real-time decision management

    Complete real-time decision management within the console with the Polling API.

    Auditd
    Support

    It allows you to detect “Post Exploitation Behaviors”

    AWS Cloudtrail Scenarios

    Detect and better understand what is happening on your cloud.

    CAPI
    Allow list

    Create allow lists that also apply to the community blocklist.

    Detection Engine Improvements

    Experience increased efficiency with faster response times for high-volume log processing and a decrease in required processing power.

    Feature Flag
    Support

    Try all new beta features by activating manually features disabled by default.

    Kubernetes Audit Acquisition

    Monitor and protect your whole K8s cluster, not just the services running on it.

    New Blocklist API and Premium Blocklists

    Subscribe to at least 2 CrowdSec blocklists in addition to the community fuelled blocklists.

    Why use our Security Engine

    Reduce intrusions
    by 90%

    By using CrowdSec Security Engine, users noticed a 90% drop in intrusion attempts on their online services, due to the community blocklist containing a curated list of aggressive IPs.

    Eliminate alert fatigue with 0 false positive

    By preventively blocking aggressive IPs, and Internet background noise, SOC teams and security analysts can focus on alerts that matter.

    Seamless
    setup

    CrowdSec Security Engine was developed to fit the needs of modern IT setups. Working with all popular server OS, containers, servers and applications, the Security Engine is easy to set up and integrates effortlessly with your CI/CD process.

    CrowdSec Security Engine in few figures

    CrowdSec has quickly grown to become the largest crowd-powered CTI network.

    38M

    Rogue IPs in the CTI database

    45K

    “Shoot-in-sight” IPs in the blocklist

    14M

    Signals/day received from the community

    65K+

    Machines contributing to the CTI

    File TypeFile NameDownloadShare
    Data SheetCrowdSec two pager (PDF)

    日期

    標題

    CrowdSec Security Engine 1.5 is officially here!

    New IP External Blocklists

    Gain real-time & crowdsourced protection against aggressive IPs.

    Our mission is simple Make the Internet a safer place for everyone

    CrowdSec

    CrowdSec generates a real-time crowdsourced CTI (cyber threat intelligence database): when a malicious IP is identified and blocked locally, it is then shared with the community.

    Real-time data

    Zero-false positives

    Actionable Threat Intelligence

    Behavior analysis

    Contextualized data

    How the CrowdSec agent works

    Where you can use CrowdSec

    OS

    Services

    Languages & frameworks

    Plaftorms

    CrowdSec Threat Intelligence

    Community-fueled IP reputation database

    The most advanced real-world CTI

    Only highly accurate and detailed information

    Highly curated data sets

    Seamless integration with your cybersecurity solution

    Get Started with CrowdSec

    By submitting this form, you agree to be contacted about CrowdSec products. 

    Product Enquiry

    Tel: (65) 6296 4268
    Email: sales@version-2.com.sg

    test-02

    Whatapp Us

    test-03

    Partner Deal Registration

    Contact Us
    Register

    Product Enquiry

    Tel: (65) 6296 4268
    Email: sales@version-2.com.sg

    test-02

    Whatapp Us

    Contact Us
    test-03

    Partner Deal Registration

    Register