Welcome to the CrowdSec Blog

Introducing the integration of SigmaHQ into the CrowdSec Security Engine to further improve post-exploitation behavior detection on Windows.

Reduce cybersecurity costs while boosting efficiency with the CrowdSec Guide to Cost-Effective Security Operations. Learn strategies backed by real-world data!

Protect SUSE Linux with CrowdSec’s community-driven Security Engine, open source, behavior-based threat detection with real-time crowdsourced intelligence.

Learn how Websupport leverages the CrowdSec WAF to enhance web security for their customers without any configuration and workflow changes.

Le Monde, one of the most prestigious news organizations, utilizes CrowdSec to enhance their security, reduce operational costs, and supercharge efficiency.

Explore CrowdSec’s enhanced CTI scoring system, now more explainable and reliable, with improved quantiles for accurate threat analysis and IP data tracking.

The CrowdSec WAF is a powerful solution that combines the classic benefits of a WAF with CrowdSec’s unique crowd-powered and behavior-based approach

Am I Under Attack leverages advanced AI algorithms to detect anomalies in your logs indicating more sophisticated or targeted attacks.

Discover how CrowdSec’s blocklists seamlessly integrate with Check Point’s firewall to minimize cyber intrusions and save firewall load times.

Effective CDR isn’t just about spotting and reacting to threats but also creating a proactive strategy that keeps your cloud infrastructure safe and resilient.

In a previous article, we introduced the CTI Report, this time, we are taking it a step further and introducing new and advanced search options for our IP lookup.  You now have access to multiple search options to accurately and effectively explore the CrowdSec CTI.   Let’s take a look. IP lookup search These new search […]

Learn how script-based attacks work, why it is difficult for traditional antivirus software to detect them, and how to properly detect and mitigate this threat.

In this article, we explore methods on how to improve ecommerce security, combat bots, block bad traffic, and cut your overall operational costs.

In this article, we shed some light on the ingress traffic vs. egress traffic paradigm and how CISO’s focus shifted from securing servers to securing users.

ScaleCommerce, a leading provider of high-performance and secure online shop solutions, uses CrowdSec to reduce operational costs and supercharge efficiency.

The collection of threat data is one of the most crucial stages, if not the most crucial, of the threat intelligence lifecycle. The quality of the data collected at this stage will define all the following stages. With low-quality, inaccurate, or undiversified data, the subsequent analysis will produce inaccurate results, leading to ineffective or even […]

In case you missed it, we recently announced the new Blocklists Catalog in the CrowdSec Console. In the catalog, you can find several blocklists centralized in one place, including third-party blocklists that are free to all users.  All users on the CrowdSec Console can subscribe their Security Engines to third-party blocklists to secure their systems […]

Explore the latest CVE-2024-4577 PHP-CGI Argument Injection vulnerability and learn how to detect and block malicious IPs attempting to exploit it.

Find out the truth about many SOC teams’ misconceptions of threat intelligence blocklists and why they are often perceived as complex and risky.

Learn how to configure the AWS WAF Remediation Component to protect applications running behind an ALB that can block both IPs and countries.

Learn how to protect your serverless applications hosted behind CloudFront or Application Load Balancer with CrowdSec and the AWS WAF.