CrowdSec Console
Monitor cyber threats on online services

Connected to CrowdSec Agent, the Console provides a visual data panorama of threats, alerts, remediation decisions, and suspicious IP activity.
Get started for freeGet started for free
01/04

Connecting CrowdSec Agents to the Console

Access an instant overview and be alerted of all suspicious acting

  • Attach your existing CrowdSec Agent installations to the Console with a simple CLI command
  • Manage fleets of CrowdSec installations and monitor installed scenarios, bouncers, alerts or software versions
  • Manage your machines through naming and tagging
02/04

Get a visual overview of intrusion attempts

Explore all suspicious activity and intrusion attempts to  understand the threat landscape

  • Visualize all alerts on all installations either with a detailed list of all attacks or with charts
  • Explore the data with simple or complex filters (inclusion, exclusion through criteria...)
  • Click on an IP address to learn about its reputation
03/04

Understand suspicious activity on your services

CrowdSec reduces alert fatigue and allows users to focus on important threats and attacks

  • Identify which IP is attacking your services and through which attack vector
  • Analyze past activity history over time and months to identify trends and patterns
  • Create organizations, invite team members and share results for collaborative analysis
04/04

Leverage cyber threat intelligence from the CrowdSec community

CrowdSec Console shares data from the CrowdSec community-driven CTI to provide detailed information on each IP's activity and reputation

  • Assess the aggressivity of each IP, based on reports from the CrowdSec community
  • Find out more about offending IPs: country of origin, autonomous system, type of attacks, aggressivity level, report dates etc.
  • Understand how this IP is attacking your environment: how, when etc.

Why use the CrowdSec Console

Centralized overview of all your CrowdSec installations

Unique cockpit to manage all CrowdSec setups - detection scenarios, bouncers, updates

All alerts & attacks on all your servers in one place

Immediate overview of all threats, alerts on all your machines for faster decision-making

Bridge to the CrowdSec Cyber Threat Intelligence

Console offers an interface to access the community-fueled CTI to retrieve detailed intelligence on all attacking IP addresses

CrowdSec Agent in few figures

CrowdSec is a free, open-source and collaborative IPS. Analyze behaviors, respond to attacks & share signals across the community.

5.5M

Rogue IPs in the CTI database

30K

"Shoot-in-sight" IPs in the blocklist

2M

Signals/day received from the community

+50K

Machines contributing to the CTI

Why use the CrowdSec Console

Centralized overview of all your CrowdSec installations

Unique cockpit to manage all CrowdSec setups - detection scenarios, bouncers, updates

All alerts & attacks on all your servers in one place

Immediate overview of all threats, alerts on all your machines for faster decision-making

Bridge to the CrowdSec Cyber Threat Intelligence

Console offers an interface to access the community-fueled CTI to retrieve detailed intelligence on all attacking IP addresses

Run the Agent effectively on multiple platforms

OS

Linux
Linux
Coming soon
FreeBSD
FreeBSD
Coming soon
Windows
Windows
Coming soon
Open WRT
Open WRT
Coming soon

Services

Iptables
Iptables
Coming soon
Nftables
Nftables
Coming soon
Nginx
Nginx
Coming soon
Apache
Apache
Coming soon
Caddy
Caddy
Coming soon
PF
PF
Coming soon
Traefik
Traefik
Coming soon

Data sources

AWS Cloudwatch
AWS Cloudwatch
Coming soon
Amazon Kinesis
Amazon Kinesis
Coming soon
Docker
Docker
Coming soon

Platforms

Cloudflare
Cloudflare
Coming soon
AWS
AWS
Coming soon
Docker
Docker
Coming soon

Discover how companies are using our CTI

Select
esyoil is using CrowdSec Agent to bring multiple data sources together and block bad IPs before they even act, leveraging log analysis.
John DOE
 - 
CEO at Acme Inc.
EsyOil
Yannick Siegler has been one of our earliest adopters and most involved community members. Discover his CrowdSec Agent use cases, both personal and professional.
John Doe
 - 
CEO at Acme Inc.
Siegler Informatique
We had a chat with Dyllan Pascoe, co-founder of Lookopen. Find out how he used CrowdSec Agent and how it helped him secure his clients' IT assets.
John DOE
 - 
CEO at Acme Inc.
Lookopen

Get started with CrowdSec today

Install an agent
Select

$ curl -s https://packagecloud.io/install/repositories/crowdsec/crowdsec/script.deb.sh | sudo bash
$ sudo apt-get install crowdsec

COPY CODE
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

$ curl -s https://packagecloud.io/install/repositories/crowdsec/crowdsec/script.rpm.sh | sudo bash
$ sudo yum install crowdsec

COPY CODE
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

$ sudo apt-get install crowdsec

COPY CODE
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

$ docker run -d -v acquis.yaml:/etc/crowdsec/acquis.yaml -e COLLECTIONS="crowdsecurity/sshd" -v /var/log/auth.log:/var/log/auth.log -v /path/mycustom.log:/var/log/mycustom.log --name crowdsec crowdsecurity/crowdsec

COPY CODE
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

# pkg install crowdsec

COPY CODE
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

$ wget -qO - https://github.com/crowdsecurity/crowdsec/releases/latest/download/crowdsec-release.tgz | tar zxvf -
$ cd crowdsec-v* && sudo ./wizard.sh -i

COPY CODE
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

DIVE INTO CROWDEC’S UNIVERSE

Get started with
the Console today