Bennet also works at Esyoil where they are actively using CrowdSec in their production environment as he will explain in the interview. Actually, Bennet first reached out to us with suggestions for improvement but then ended up liking CrowdSec so much that he enrolled as an ambassador. We’re very happy about that and for everything, […]

CrowdSec is now a proud member of the Alliance for Digital Trust (ACN – Alliance pour la Confiance Numérique). The Alliance pour la Confiance Numérique (ACN – Alliance for Digital Trust) represents organizations (world leaders, SMEs, and mid-sized enterprises) in the digital economy, particularly those specializing in cybersecurity, digital identity, and artificial intelligence. The ACN […]

In this article, I’ll describe how to install the CrowdSec agent and the firewall bouncer directly on Raspberry Pi OS and convert it into a sort of honeypot using endlessh (an ssh tarpit) and a web server which only purpose is for CrowdSec to detect attacks in its logfiles. Raspberry Pi is a perfect device […]

In this tutorial, we will cover installing and securing a Nextcloud instance with the CrowdSec software. Nextcloud is an extensible collaborative drive tool to replace traditional office suites and drives. (GSuite and Microsoft 365). The focus is on privacy with an easily self-hosting tool. CrowdSec is a collaborative security solution based on the principle of analysis and the correlation […]

This article is a direct translation from Florian Burnel’s work on his blog, IT Connect. The original piece can be found here If you want to install CrowdSec on a Microsoft Exchange 2019 server, you can find a tutorial also written by Florian Burnel and translated to English, here. I. Introduction Until today, the CrowdSec agent […]

We were so lucky to get an interview with early CrowdSec supporter and contributor of the CrowdSec Traefik bouncer Fabien Bonalair. The Traefik bouncer empowers existing Traefik Proxy users to mitigate security threats from attackers directly in Traefik. Obviously, this is terrific – especially in a K8s environment where blocking traffic using a host firewall […]

As CrowdSec is approaching its second anniversary, our community is stronger than ever and increasing at an exponential rate. We reached a point where each day more than 1 million signals – data on nefarious IP activity –  is shared with CrowdSec, contributing to the biggest Cyber Threat Intelligence in the world. With 1.8 million […]

From day one, open-source has been a key pillar of CrowdSec. Our team works full-time on editing open-source software and actively promoting community building and development. But, to be able to spread the love broader, we rely on our international network of partners who are in charge of providing exceptional support to our clients. Today, […]

This new major version brings new features: Introduction Before we get started, here is a quick reminder of what a bouncer is in the CrowdSec ecosystem: pieces of standalone software in charge of acting upon blocked IPs. They can either be within the applicative stack or work out of the band. While the CrowdSec agents […]

Cyberattack attempts against companies and individuals happen almost every day, but this is not something that businesses talk about with a wider audience. If data about the attackers were shared among businesses, everyone would have a chance to better prepare for and fight against cyberattacks. Philippe Humeau, the CEO of CrowdSec, explained to Cybernews how […]

Based on the CrowdSec data shared by the community, this first edition of the report provides an overview of the main cyber threats identified worldwide. It was issued by leveraging the strength of the CrowdSec global community. Every single day, all members report and exchange cyber threat data with each other, making CrowdSec one of […]

The latest addition to CrowdSec was OPNsense, a FreeBSD distribution designed for security. OPNsense is easy to set up and offers a firewall and routing software to secure a network. It can be compared to pfSense from which it is derived. It is therefore widely used by companies. This tutorial covers how to install the […]

To get to know Gérald better, we asked him five questions.   Hey Gérald, can you tell our community about yourself? You can also call me Gandalf, edoukki, drEagle, Geronimo, Guignol…I took the name of “Gandalf from the Conjurers,” my own “hackers team” in my teenage years when I was already in the computer world […]

We’re honored to announce that CrowdSec, collaborative, free and open source security automation platform, has been named to G2’s Best Software Awards, placing #17, on the Security Products list. G2 is a software marketplace based on user reviews and feedback. It helps more than 60 million software buyers annually to discover, review and manage the […]

Introduction Each user who accesses your site is identifiable by an IP address. CrowdSec is an open source tool capable of determining whether this IP is potentially malicious or not. To do so, the CrowdSec agent that you will have installed on your server will analyze different data sources (log files, etc.). According to predefined remediation […]

Introduction In this tutorial, we are going to see how we can write a CrowdSec parser to process Asterisk logs and then how to write a CrowdSec scenario to detect common attacks (user enumeration, brute force …) on this service. Requirements In order to write the CrowdSec parser and scenario, we will need the following: […]

Qualys just published CVE-2021-4034 which is trivial to exploit and impacts a large variety of distributions and versions. In a nutshell, the vulnerability, also called PwnKit, allows for a local escalation of privilege (LPE), due to out-of-band writing, in Polkit’s Pkexec, an alternate solution to the “sudo” privilege management tool. Pkexec is installed by default […]

Today, we’re releasing version 1.3.0 of CrowdSec. What’s new in this release This release brings the support of Kinesis as a data source. While we were already supporting CloudWatch in the AWS universe, this data source suffers various limitations that don’t make it very fit when it comes to processing significant throughput of events (mostly […]

Introduction Hello again to the readers who have read the first part of the article about how to integrate CrowdSec to Kubernetes and detect attacks. For the others, welcome to part 2, which will cover the remediation part on Kubernetes and, more precisely, on Nginx Ingress Controller. First, you need to have a ready Kubernetes […]

It’s finally happening. We’re opening our own Discord server as a replacement for our Gitter. We’ll be keeping our Discourse. As it turns out those two – Discord and Discourse (or Disco2 as we call them internally) – supplement each other really well. Also, the new Discord fills an important role for us – or […]

At CrowdSec we want our users to protect themselves regardless of the tech stack they use. The simplest way to do that is to implement threat remediation at the network level, with a firewall bouncer. CrowdSec bouncers can also be set up at the upper levels of an applicative stack:  web server, CDN, and in […]