CrowdSec

CrowdSecCyber Threat Intelligence

The largest and most diverse CTI network on earth

Delivering key contextualized and curated benchmarking insights from real users across the globe.

Try it nowWatch it live
CTI hero

The CrowdSec CTI Network in Figures

Access the most advanced real-world CTI. The CrowdSec CTI distributes IP reputation intelligence and aids threat hunters in detecting, investigating, and responding to cyber threats more effectively and efficiently.

25M+

Malicious IPs in our CTI database

80K+

Machines from real users contributing to the network

12M+

Signals received on average per day

190+

Countries representing our database

Understand Your Attackers

Blocking any and all aggressive IPs is a solid option. But blocking IPs based on unwanted behaviors that have the potential to harm your infrastructure, gives you greater flexibility and targeted protection for your perimeter.

Search for free

IP Range, Domains, and Top ClassificationsComprehensive profile of an IP address.

Crowd ConfidenceLevel of confidence from users in the CrowdSec Network reporting an IP.

Location OriginThe geographical location where an IP address is based.

Background NoiseReflects automatic and mild attacks at a large scale, without a specific target, at a constant pace over time.

IP AggressivenessSeverity of an IP's malicious activities.

ActivityReflects how active an IP has been in the last 3 months.

Attack DetailsSummarizes specific attack scenarios linked to an IP.

Top Targeted CountriesCountries mostly targeted by an IP.

Questions Threat Hunters Answer with CrowdSec Cyber Threat Intelligence

Which cyber threats pose the greatest risk to my organization's security?

What specific threats should I prioritize in my security efforts?

How can I effectively track and analyze the origin of cyber threats?

How can I effectively track and analyze the origin of cyber threats?

The Network Effect of Cyber Threat Intelligence

We believe the best way to defend against cyber threats is to work together by sharing information and collaborating as one.

Our open source Security Engine sits at the heart of our data collection and it is built on community intelligence, giving us a bird’s eye view of the global attack landscape and allowing us to detect advanced behaviors and cyber attacks like never before. Security Engine users actively contribute to a network of threat intelligence that strengthens the defense of the entire CrowdSec Network.

Learn more

How Can I Access the Threat Intelligence Feed?

Query the CrowdSec CTI to understand more about the IP addresses that have been targeting your online systems.

You can query the CrowdSec CTI in two ways.

Sign up to CrowdSec Console for free

Create a CrowdSec Console account and get 50 queries per day for free, including full information on any given IP. Upgrade your plan to increase your query limit.

Sign up nowWatch it live
Sign up

Query and IP address directly in the search bar

You can query the CrowdSec CTI without a Console account directly from the IP search bar. You get 50 queries per day and limited information on any given IP. To get detailed information on an IP, create a CrowdSec Console account.

Try it now
Sign up

Leading Threat Intelligence

Download our Majority Report and discover key insights on emerging threats.

Download Now
Leading Threat Intelligence

Have questions?

Speak with one of our experts or ask your question on Discord

Speak to an expertJoin our Discord