Skip to main content
Topic: CrowdSec (Read 200 times) previous topic - next topic

CrowdSec

CrowdSec

https://crowdsec.net/the-solution/

https://hub.crowdsec.net

What is CrowdSec and how does it work?

CrowdSec is an open-source and crowd-powered software enabling you to detect & block attacks. While sharing with its user community, you contribute to improve its efficiency and make the Internet safer.

Allows you to detect attacks and respond at all required levels (detect where your logs are, block at CDN or application level)

Is easy to install and maintain with no technical requirement. The installer even comes with a wizard duh!

Is designed to be integrated with other solutions and components (ie. use CrowdSec to read your mod_security logs and automatically block attackers at your CDN level)

Is about sharing : meta-data about the attack/attacker you detect is sent to a central API, and malevolent IPs are shared with all users.

Is a lightweight : it runs standalone, doesn’t require much ram or CPU

Can work with cold logs: you can run it on “cold” logs and see what could have happened

Comes with out of the box dashboards, because we know visualisation is key