Welcome to the CrowdSec Blog

Explore CrowdSec’s enhanced CTI scoring system, now more explainable and reliable, with improved quantiles for accurate threat analysis and IP data tracking.

The CrowdSec WAF is a powerful solution that combines the classic benefits of a WAF with CrowdSec’s unique crowd-powered and behavior-based approach

Am I Under Attack leverages advanced AI algorithms to detect anomalies in your logs indicating more sophisticated or targeted attacks.

Discover how CrowdSec’s blocklists seamlessly integrate with Check Point’s firewall to minimize cyber intrusions and save firewall load times.

Effective CDR isn’t just about spotting and reacting to threats but also creating a proactive strategy that keeps your cloud infrastructure safe and resilient.

In a previous article, we introduced the CTI Report, this time, we are taking it a step further and introducing new and advanced search options for our IP lookup.  You now have access to multiple search options to accurately and effectively explore the CrowdSec CTI.   Let’s take a look. IP lookup search These new search […]

Learn how script-based attacks work, why it is difficult for traditional antivirus software to detect them, and how to properly detect and mitigate this threat.

In this article, we explore methods on how to improve ecommerce security, combat bots, block bad traffic, and cut your overall operational costs.

In this article, we shed some light on the ingress traffic vs. egress traffic paradigm and how CISO’s focus shifted from securing servers to securing users.

ScaleCommerce, a leading provider of high-performance and secure online shop solutions, uses CrowdSec to reduce operational costs and supercharge efficiency.

The collection of threat data is one of the most crucial stages, if not the most crucial, of the threat intelligence lifecycle. The quality of the data collected at this stage will define all the following stages. With low-quality, inaccurate, or undiversified data, the subsequent analysis will produce inaccurate results, leading to ineffective or even […]

In case you missed it, we recently announced the new Blocklists Catalog in the CrowdSec Console. In the catalog, you can find several blocklists centralized in one place, including third-party blocklists that are free to all users.  All users on the CrowdSec Console can subscribe their Security Engines to third-party blocklists to secure their systems […]

Explore the latest CVE-2024-4577 PHP-CGI Argument Injection vulnerability and learn how to detect and block malicious IPs attempting to exploit it.

Find out the truth about many SOC teams’ misconceptions of threat intelligence blocklists and why they are often perceived as complex and risky.

Learn how to configure the AWS WAF Remediation Component to protect applications running behind an ALB that can block both IPs and countries.

Learn how to protect your serverless applications hosted behind CloudFront or Application Load Balancer with CrowdSec and the AWS WAF.

By integrating CrowdSec with the ELK stack via Syslog, you can enhance your security monitoring capabilities and bolster your threat detection mechanisms.

Follow our journey as we upgrade the CrowdSec infrastructure to allow our IPv6-only users to set up CrowdSec without any hiccups.

By leveraging CrowdSec’s open source and collaborative approach, Bordeaux IUT mitigates security risks and fosters a culture of transparency and resilience.

The CVE-2024-3273 exploit for D-Link NAS devices is being used aggressively by botnets hijacking IoT devices. Learn more about this exploit and how to block it.

We are introducing a much-needed revamp of the CrowdSec CTI report to empower threat hunters and analysts to swiftly locate vital threat information.