Company:CrowdSec

From HandWiki

CrowdSec is a French startup that owns open source software for identifying and sharing malicious IP addresses.[1][2] It was founded in 2019 by Philippe Humeau,[3] Laurent Soubrevilla[4] and Thibault Koechlin.[5]

CrowdSec
Type: Private
Founders: Philippe Humeau, Laurent Soubrevilla, Thibault Koechlin
Headquarters: Montrouge, France
Number of employees: 29
Website: https://www.crowdsec.net

Functioning

CrowdSec looks for aggressive behavior from IP addresses by reading service, container or server logs. These logs can be local (Linux / BSD / Windows), come from a SIEM (ELK), or come directly from a cloud service (CloudTrail, Pub/Sub, etc.).

When the security engine identifies an IP address as actively attempting to penetrate or corrupt the protected system, the address is blocked by a remediation component that may be part of the CrowdSec solution or may already exist (firewall, proxy, etc.). Several remediation choices are offered, ranging from banning the IP to sending a CAPTCHA or even an HTTP notification, depending on the context and needs.

The system is participatory: when a member of the user network spots an IP address exhibiting aggressive behavior, its report is checked against the entire network for approval. If a sufficient number of trusted participants report the same behavior from this IP, it is included in a block list distributed to all participants. The IP is removed from this list once network participants have stopped reporting it for a sufficient period of time.[6]
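The consensus step described above, sketched as an added example (this is not CrowdSec's code). The quorum of 3, the one-hour expiry window, the reporter names and the `CommunityBlocklist` class are all assumptions, since the page gives no actual thresholds.

```python
from dataclasses import dataclass, field

# Assumed parameters: the page gives no numbers for quorum or expiry.
QUORUM = 3             # distinct trusted reporters needed to list an IP
EXPIRY_SECONDS = 3600  # a report stops counting after this long


@dataclass
class CommunityBlocklist:
    trusted: set                 # participant ids considered trusted
    quorum: int = QUORUM
    expiry: int = EXPIRY_SECONDS
    # ip -> {reporter id -> timestamp of that reporter's latest report}
    reports: dict = field(default_factory=dict)

    def report(self, reporter, ip, now):
        """Record a signal; untrusted reporters never count toward consensus."""
        if reporter in self.trusted:
            # Keyed by reporter, so repeated reports from one source count once.
            self.reports.setdefault(ip, {})[reporter] = now

    def blocklist(self, now):
        """IPs with enough distinct trusted reporters inside the expiry window."""
        listed = set()
        for ip, by_reporter in self.reports.items():
            fresh = [r for r, ts in by_reporter.items() if now - ts <= self.expiry]
            if len(fresh) >= self.quorum:
                listed.add(ip)
        return listed


def demo():
    # Constructed sample signals (time, reporter, ip); documentation-range IPs.
    signals = [
        (0, "alice", "203.0.113.7"),
        (10, "bob", "203.0.113.7"),
        (20, "mallory", "198.51.100.9"),  # untrusted reporter
        (25, "mallory", "198.51.100.9"),  # repeated report, still untrusted
        (30, "carol", "203.0.113.7"),
        (40, "alice", "198.51.100.9"),    # one trusted report: below quorum
    ]
    bl = CommunityBlocklist(trusted={"alice", "bob", "carol"})
    for ts, reporter, ip in signals:
        bl.report(reporter, ip, ts)
    # Listed while reports are fresh, delisted once they have all aged out.
    return bl.blocklist(now=60), bl.blocklist(now=5000)
```

Counting distinct trusted reporters rather than raw reports is what keeps a single participant from placing an address on the shared list alone.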

The block list protects against attacks that exploit vulnerabilities at mass scale across the Internet, while the security engine aims to protect against targeted attacks.[7]

License

The security engine that analyzes logs and responds to threats is open source and distributed under the MIT license. The software is free to use; the company earns its revenue from selling signals to customers who do not participate in the detection network and from additional services aimed at large accounts.[8]

History

In October 2021, during its first participation in the Assises de la Sécurité, CrowdSec presented its open source security suite. This suite includes an MIT-licensed Intrusion Detection System (IDS), as well as a free Intrusion Prevention System (IPS) that helps manage attacks based on each company's specific business needs. In addition, the suite also includes Collective Threat Intelligence (CTI) to protect all users.[9]

By 2021, CrowdSec had crawled over 13,0000 IP addresses[10] and was used in over 90 countries.

In February 2022, CrowdSec launched its tool on OPNsense, an open source firewall and routing software based on FreeBSD.[11][12]

Fundraising

In October 2020, CrowdSec completed its first funding round of 1.5 million euros, raised from business angels and organized by Reflexion Capital.[13][14]

In May 2021, CrowdSec raised 4 million euros in seed funding from Breega to develop its platform.[15][16]

In October 2022, CrowdSec raised 14 million euros in a Series A round from Supernova Invest (lead),[17] Breega (follow-on)[18] and Louis Christophe Laurent (business angel).[19]

References

  1. Krim, Mourad (2023-05-30). "CrowdSec Engine 1.5, la solution de cybersécurité communautaire fournit des informations contextuelles sur les menaces" (in fr-FR). https://itsocial.fr/actualites/crowdsec-engine-1-5-la-solution-de-cybersecurite-communautaire-fournit-des-informations-contextuelles-sur-les-menaces/. 
  2. "Crowdsec leverages crowdsourcing to reinvent cybersecurity economics" (in en-US). 2021-05-04. https://venturebeat.com/business/crowdsec-leverages-crowdsourcing-reinvent-cybersecurity-economics/. 
  3. "CrowdSec : une approche collective de la protection contre les menaces" (in fr). https://www.lemagit.fr/tribune/CrowdSec-une-approche-collective-de-la-protection-contre-les-menaces. 
  4. "Crowdsec, la start-up qui disrupte le marché de la cybersécurité" (in fr). https://www.bfmtv.com/economie/replay-emissions/hashtag-decryptage/crowdsec-la-start-up-qui-disrupte-le-marche-de-la-cybersecurite_AB-202305190310.html. 
  5. "CrowdSec, le logiciel collaboratif qui lutte contre les cybermenaces" (in fr). 2022-10-06. https://www.lesechos.fr/start-up/deals/crowdsec-le-logiciel-collaboratif-qui-lutte-contre-les-cybermenaces-1866765. 
  6. "Le français CrowdSec tente une protection cyber collaborative" (in fr). 2022-10-06. https://www.lefigaro.fr/secteur/high-tech/le-francais-crowdsec-tente-une-protection-cyber-collaborative-20221006. 
  7. "CrowdSec believes using an IDS is the key to stopping hackers" (in en-US). 2022-10-06. https://venturebeat.com/security/crowdsec-ips/. 
  8. "Crowdsec, un outil de prévention d'intrusions, conçu pour protéger les serveurs, les services et les conteneurs, présenté comme une version modernisée et collaborative de Fail2Ban" (in fr-FR). 6 March 2021. https://securite.developpez.com/actu/313207/Crowdsec-un-outil-de-prevention-d-intrusions-concu-pour-proteger-les-serveurs-les-services-et-les-conteneurs-presente-comme-une-version-modernisee-et-collaborative-de-Fail2Ban/. 
  9. "Philippe Humeau, Président de CrowdSec : Notre approche est que l'on est fort tous ensemble" (in fr). 2023-06-02. https://www.globalsecuritymag.fr/Philippe-Humeau-President-de,20211001,116627.html. 
  10. "Crowdsec, un outil de prévention d'intrusions, conçu pour protéger les serveurs, les services et les conteneurs, présenté comme une version modernisée et collaborative de Fail2Ban" (in fr-FR). 6 March 2021. https://securite.developpez.com/actu/313207/Crowdsec-un-outil-de-prevention-d-intrusions-concu-pour-proteger-les-serveurs-les-services-et-les-conteneurs-presente-comme-une-version-modernisee-et-collaborative-de-Fail2Ban/. 
  11. Korben (2022-02-24). "CrowdSec débarque sur OPNsense" (in fr-FR). https://korben.info/articles/crowdsec-opnsense. 
  12. CrowdSec. "Cybersecurity Platform CrowdSec Announces Compatibility With Windows, Synology, OPNSense And Magento" (in en). https://www.prnewswire.com/news-releases/cybersecurity-platform-crowdsec-announces-compatibility-with-windows-synology-opnsense-and-magento-301532917.html. 
  13. "CrowdSec veut devenir le « Waze » de la cybersécurité" (in fr). 2020-10-15. https://www.lesechos.fr/pme-regions/innovateurs/crowdsec-veut-devenir-le-waze-de-la-cybersecurite-1255803. 
  14. "Lutte contre les IP malveillantes : CrowdSec lève 1,5 M€ - Le Monde Informatique" (in fr). 2020-10-15. https://www.lemondeinformatique.fr/actualites/lire-lutte-contre-les-ip-malveillantes-crowdsec-leve-1-5-meteuro-80713.html. 
  15. Vitard, Alice (5 May 2021). "La start-up CrowdSec lève 4 millions d'euros pour déployer son firewall communautaire" (in fr). https://www.usine-digitale.fr/article/la-start-up-crowdsec-leve-4-millions-d-euros-pour-deployer-son-firewall-communautaire.N1090044. 
  16. "Paris-based CrowdSec raises $5 million to firewall the world" (in en-GB). 2021-05-04. https://tech.eu/2021/05/04/paris-based-crowdsec-raises-5-million-to-firewall-the-world/. 
  17. Chowdhury, Hasan. "CrowdSec wants to halt ransomware and other cyber attacks by crowdsourcing defense. Here's the 14-slide pitch deck it used to raise $13.9 million." (in en-US). https://www.businessinsider.com/crowdsec-raises-139m-to-crowdsource-defense-against-cybercrime-2022-10. 
  18. "Crowdsec décolle avec une levée de fonds de 14 M€ - Le Monde Informatique" (in fr). 2022-10-07. https://www.lemondeinformatique.fr/actualites/lire-crowdsec-decolle-avec-une-levee-de-fonds-de-14-meteuro-88248.html. 
  19. Goudou, Guillaume (2022-10-21). "CrowdSec, le Waze de la cybersécurité, lève 14 millions et s'internationalise" (in fr-FR). https://business-cool.com/actualites/actu-business/crowdsec-levee-de-fonds/.