Outnumbering cybercriminals all together

Gain crowd-sourced protection against malicious IPs.

Discover our products

Illustration of the heart not yet protect by CrowdSecIllustration of the heart not yet protect by CrowdSec

Why Crowdsec

Cybercriminals need IP addresses to mask their locations. By teaming together, we burn a resource precious to their operations. CrowdSec is a platform federating blue teamsto secureall Internet-exposed infrastructures.

PRODUCTS

CrowdSec offers a crowd-based cyber security suite to protect your online services, visualize & act upon threats, and a TIP (Threat Intel Platform) to block malicious IPs.

HOW TO GET started?

01
Install the Agent on your servers
02
Create an account on the Console
03
Use global CTI to detect cyber attacks
01
CrowdSec Agent

The collaborative malicious activity detection and remediation tool. And it’s open-source & free!

graphic illustration for the product crowdsec agent
Crowdsec Agent
Crowdsec Console
02
CrowdSec Console

The cockpit to monitor your server's security, visualize intrusion attempts, get alerts on unusual activities, and collect intelligence on IP addresses.

graphic illustration for the product crowdsec console
03
CrowdSec Threat Intelligence

The largest Cyber Threat Intelligence (CTI) network on earth, fueled in real time by the CrowdSec community. 

graphic illustration for the product crowdsec threat intelligence

CrowdSec in figures

Alpaga icon

18 million

Rogue IPs detected

Yellow Github Icon

5.8k

Stars on GitHub

Earth icon

174

Countries

People icon

135k

Installations

Curved blue backgroundCurved blue backgroundCurved blue background

Where you can use CrowdSec

CrowdSec runs on Linux, Windows, VMs, containers or bare-metal servers. It can even be interfaced with your existing code through our API.

OS

Linux
Linux
Coming soon
FreeBSD
FreeBSD
Coming soon
Windows
Windows
Coming soon
Open WRT
Open WRT
Coming soon

Services

Iptables
Iptables
Coming soon
Nftables
Nftables
Coming soon
Nginx
Nginx
Coming soon
Apache
Apache
Coming soon
Caddy
Caddy
Coming soon
PF
PF
Coming soon
Traefik
Traefik
Coming soon

Languages & Frameworks

JS
JS
Coming soon
PHP
PHP
Coming soon
Wordpress
Wordpress
Coming soon
Python
Python
Coming soon

Platforms

Cloudflare
Cloudflare
Coming soon
AWS
AWS
Coming soon
Docker
Docker
Coming soon

The open-source and collaborative IPS

3 alpacas with sunglasses in an icon

When tens of thousands join forces

Using our free & open-source Agent, you protect your infrastructures and enroll in the largest CTI network on earth. You contribute and curate our real-time blocklist, adding and removing IP addresses as they are used and dropped by criminals.

Icon to illustrate global protection

Local detection, global protection

The IDS automatically identifies 50+ suspicious behaviors in logs and blocks the aggressive IP behind them. This IP is then shared in the network to adjust its real-time reputation. If enough different agents around the world are also tagging the IP, it integrates a global blocklist..

Icon representing a rocket to illustrate high performance

High Performance

Using Go for ultra-fast execution & low-memory usage, CrowdSec’s IDS is well suited to be the CWPP/CNAPP of your containers but can also analyze thousands of log lines per second in any regular Windows, Linux or BSD environment (IPV4 & IPV6 addresses are handled).

Dashboard icon

Observability

With CrowdSec SaaS console, you can manage fleets of servers & workloads, visualize attacks and alerts in real-time, and remediate intrusion attempts in any way you see fit.

Earth Icon to illustrate cumulating layers of defence

Let our data reinforce your existing tools

CrowdSec is all about data and API. The global network wisdom can be directly injected into any firewall appliance, load balancer, reverse proxy, or at higher levels in business stacks. Let the API tell your tools whether we know about the IP connecting and what we recommend.

Control icon to illustrate GDPR compliance

GDPR Compliant

Sharing is caring but privacy matters even more. We collect the very strict minimum in order to be GDPR compliant. We never export your logs . The only data sent for curation are a timestamp, the aggressive IP, and the scenario used in the attack.

Icon representing a magic wand to illustrate the ease of use

Ease of use

CrowdSec is developed by former pentesters, SecOps & DevOps, to be a fire-and-forget and easy-to-deploy software.

CrowdSec is available on a variety of OS & containers, and integrated with a large number of services (servers, proxies, WAFs , etc.).

3 alpacas with sunglasses in a medal

Join the crowd

Our core advantage over the cybercriminals? Our strength in numbers. Together, we stand as a community and act swiftly in coordination. When we join forces, we outnumber the criminals and burn their IPs, one by one, crippling their anonymity.

Illustration of the world map, with little alpacas everywhere, carrying flags
Illustration of an insect robot
Illustration of a crab robot

Leverage CrowdSec across various verticals

Select
CrowdSec for 

VOIP

VOIP operators are frequently the target of credential thefts, allowing criminals to call additionally taxed telephone number services they own to cash-in money. CrowdSec protects VOIP servers by detecting and blocking credential brute forces attacks.

VOIP
CrowdSec for 

Ecommerce

Ecommerce websites are amongst the most attacked websites. Most commun attemps include page scraping, credit card stuffing, credential stealing or scalping. CrowdSec provides protection against intrusion attempts by detecting all malicious activity and banning nefarious traffic while limiting false positives.

Ecommerce
CrowdSec for 

MSSP

CrowdSec offers Managed Security Service Companies a simple all-in-one tool to monitor intrusion attempts on fleets of servers. Able to detect a large variety of attacks, CrowdSec comes with a dedicated SaaS tool to visualise and remediate all nefarious activity.

MSSP
CrowdSec for 

SOC teams

With 50% of internet traffic generated by bots, Security Operations Center analysts are frequently overwhelmed with alerts and false positives. CrowdSec identifies automated and malicious trafic to feed only highly curated data to analysts, to remove alert fatigue and allowing users to focus on high priority threats.

SOC teams

Discover how companies are using CrowdSec

See all use cases

Lookopen

We had a chat with Dyllan Pascoe, co-founder of Lookopen. Find out how he used CrowdSec and how it helped him secure his clients' IT assets.

Read use case

Siegler Informatique

Yannick Siegler has been one of our earliest adopters and most involved community members. Discover his CrowdSec use cases, both personal and professional.

Read use case

EsyOil

Esyoil is using CrowdSec to bring multiple data sources together and block IPs before they even act, leveraging log analysis.

Read use case
2 purple alpacas in suits and sunglasses

Open-source before it was cool

At CrowdSec we believe the best way to develop cybersecurity software is through open-source. We are all about transparency, trust and code quality. 

The Agent has always been and will always remain open source (MIT license). We will open source other components of the CrowdSec solution in the future.

DIVE INTO CROWDEC’S UNIVERSE

Get started with
CrowdSec today