CrowdSec

CrowdSec is a French startup that owns open source software for identifying and sharing malicious IP addresses. [1] [2] It was founded in 2019 by Philippe Humeau, [3] Laurent Soubrevilla [4] and Thibault Koechlin. [5]

CrowdSec
Type: Private
Industry: Computer programming
Founder:
  • Philippe Humeau
  • Laurent Soubrevilla
  • Thibault Koechlin
Headquarters: France
Number of employees: 29
Website: https://www.crowdsec.net

Functioning

CrowdSec detects aggressive behavior from IP addresses by reading service, container or server logs. These logs can be local (Linux / BSD / Windows), come from a SIEM (ELK), or come directly from a cloud service (CloudTrail, pubsub, etc.).

When the security engine identifies an IP address as actively attempting to penetrate or corrupt the protected system, the address is blocked by a remediation component, which may be part of the CrowdSec solution or may already exist (firewall, proxy, etc.). Several remediation options are offered, ranging from banning the IP to serving a CAPTCHA or sending an HTTP notification, depending on the context and needs.

The system is participatory: when a member of the user network spots an IP address exhibiting aggressive behavior, the report is checked against the entire network for approval. If a sufficient number of trusted participants report the same behavior from this IP, it is included in a block list distributed to all participants. The IP is removed from this list once network participants have stopped reporting it for a sufficient period of time. [6]

The block list provides protection against attacks aimed at exploiting massive vulnerabilities on the Internet, while the security engine aims to protect against targeted attacks. [7]
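The consensus rule described above can be sketched as follows. This is an added illustration, not CrowdSec's own code or algorithm: the class name, participant names, threshold and expiry values are all assumptions, and the sample reports are constructed.

```python
from dataclasses import dataclass, field

# Assumed parameters for illustration only (not CrowdSec's real values).
MIN_TRUSTED_REPORTERS = 3    # distinct trusted participants needed to list an IP
EXPIRY_SECONDS = 72 * 3600   # silence after which a listed IP is removed


@dataclass
class CommunityBlocklist:
    trusted: set                                  # participant ids considered trusted
    reports: dict = field(default_factory=dict)   # ip -> {participant: last report time}
    listed: set = field(default_factory=set)      # IPs currently on the shared list

    def report(self, participant, ip, ts):
        """Record a sighting; return True if the IP is on the list afterwards."""
        if participant not in self.trusted:
            return ip in self.listed              # untrusted reports carry no weight
        seen = self.reports.setdefault(ip, {})
        seen[participant] = ts
        # Count distinct trusted reporters whose last sighting is still recent.
        fresh = [p for p, t in seen.items() if ts - t <= EXPIRY_SECONDS]
        if len(fresh) >= MIN_TRUSTED_REPORTERS:
            self.listed.add(ip)
        return ip in self.listed

    def blocklist(self, now):
        """Drop IPs nobody has reported for EXPIRY_SECONDS, then return the list."""
        for ip in list(self.listed):
            if now - max(self.reports[ip].values()) > EXPIRY_SECONDS:
                self.listed.discard(ip)
                del self.reports[ip]
        return sorted(self.listed)


# Constructed sample reports: (participant, ip, timestamp in seconds).
SAMPLE_REPORTS = [
    ("node-a", "203.0.113.7", 0),
    ("node-b", "203.0.113.7", 600),
    ("node-x", "203.0.113.7", 700),    # untrusted participant, ignored
    ("node-c", "203.0.113.7", 1200),   # third trusted reporter: IP gets listed
    ("node-a", "198.51.100.9", 1300),  # single reporter: stays off the list
]
```
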

License

The security engine that analyzes logs and responds to threats is open source and distributed under the MIT license. The software is free to use, and the company earns revenue from selling signals to customers who do not participate in the detection network and from additional services aimed at large accounts. [8]

History

In October 2021, during its first participation in the Assises de la Sécurité, CrowdSec presented its open source security suite. This suite includes an MIT-licensed Intrusion Detection System (IDS), as well as a free Intrusion Prevention System (IPS) that helps manage attacks based on each company's specific business needs. The suite also includes Collective Threat Intelligence (CTI) to protect all users. [9]

By 2021, CrowdSec had crawled over 130,000 IP addresses [10] and was used in over 90 countries.

In February 2022, CrowdSec launched its tool on OPNsense, an open source firewall and routing software based on FreeBSD. [11] [12]

Fundraising

In October 2020, CrowdSec completed its first fundraising round of 1.5 million euros, raised from business angels and organized by Reflexion Capital. [13] [14]

In May 2021, CrowdSec raised 4 million euros in seed funding from Breega to develop its platform. [15] [16]

In October 2022, CrowdSec raised 14 million euros in a Series A round from Supernova Invest (lead), [17] Breega (follow-on) [18] and Louis Christophe Laurent (BA). [19]

References

  1. Krim, Mourad (2023-05-30). "CrowdSec Engine 1.5, la solution de cybersécurité communautaire fournit des informations contextuelles sur les menaces". IT SOCIAL (in French). Retrieved 2023-06-02.
  2. "Crowdsec leverages crowdsourcing to reinvent cybersecurity economics". VentureBeat. 2021-05-04. Retrieved 2023-06-13.
  3. "CrowdSec : une approche collective de la protection contre les menaces". LeMagIT (in French). Retrieved 2023-06-02.
  4. "Crowdsec, la start-up qui disrupte le marché de la cybersécurité". BFM BUSINESS (in French). Retrieved 2023-06-02.
  5. "CrowdSec, le logiciel collaboratif qui lutte contre les cybermenaces". Les Echos (in French). 2022-10-06. Retrieved 2023-06-02.
  6. "Le français CrowdSec tente une protection cyber collaborative". LEFIGARO (in French). 2022-10-06. Retrieved 2023-06-02.
  7. "CrowdSec believes using an IDS is the key to stopping hackers". VentureBeat. 2022-10-06. Retrieved 2023-06-13.
  8. "Crowdsec, un outil de prévention d'intrusions, conçu pour protéger les serveurs, les services et les conteneurs, présenté comme une version modernisée et collaborative de Fail2Ban". Developpez.com (in French). 2021-03-06. Retrieved 2023-06-02.
  9. "Philippe Humeau, Président de CrowdSec : Notre approche est que l'on est fort tous ensemble". Global Security Mag Online (in French). 2023-06-02. Retrieved 2023-06-02.
  10. "Crowdsec, un outil de prévention d'intrusions, conçu pour protéger les serveurs, les services et les conteneurs, présenté comme une version modernisée et collaborative de Fail2Ban". Developpez.com (in French). 2021-03-06. Retrieved 2023-06-02.
  11. Korben (2022-02-24). "CrowdSec débarque sur OPNsense". Korben (in French). Retrieved 2023-06-02.
  12. CrowdSec. "Cybersecurity Platform CrowdSec Announces Compatibility With Windows, Synology, OPNSense And Magento". www.prnewswire.com. Retrieved 2023-06-13.
  13. "CrowdSec veut devenir le « Waze » de la cybersécurité". Les Echos (in French). 2020-10-15. Retrieved 2023-06-02.
  14. "Lutte contre les IP malveillantes : CrowdSec lève 1,5 M€ - Le Monde Informatique". LeMondeInformatique (in French). 2020-10-15. Retrieved 2023-06-02.
  15. Vitard, Alice (2021-05-05). "La start-up CrowdSec lève 4 millions d'euros pour déployer son firewall communautaire". L'Usine Digitale (in French). Retrieved 2023-06-02.
  16. "Paris-based CrowdSec raises $5 million to firewall the world". Tech.eu. 2021-05-04. Retrieved 2023-06-13.
  17. Chowdhury, Hasan. "CrowdSec wants to halt ransomware and other cyber attacks by crowdsourcing defense. Here's the 14-slide pitch deck it used to raise $13.9 million". Business Insider. Retrieved 2023-06-13.
  18. "Crowdsec décolle avec une levée de fonds de 14 M€ - Le Monde Informatique". LeMondeInformatique (in French). 2022-10-07. Retrieved 2023-06-02.
  19. Goudou, Guillaume (2022-10-21). "CrowdSec, le Waze de la cybersécurité, lève 14 millions et s'internationalise". Business Cool (in French). Retrieved 2023-06-02.