Achieve security excellence without breaking the budget!

Download guide

am i under attack

Am I Under Attack: Cut Through the Noise to Detect Sophisticated and Targeted Attacks with CrowdSec’s New feature

Did you know that there may be anomalies in your logs indicating more sophisticated, targeted attacks that you are missing?

To help you deal with those targeted attacks, we are excited to introduce Am I Under Attack, a groundbreaking feature now available in the CrowdSec Console

Am I Under Attack leverages advanced AI algorithms to monitor unusual surges of activities in your stack and identify patterns that could indicate targeted cyber attacks against your organization. When such anomalies are detected, Am I Under Attack sends you notifications along with actionable steps to help you mitigate the threat effectively.

Taking log monitoring and security alerting to the next level

While the Console Community Plan allows you to monitor alerts shared by your Security Engines, it’s difficult to distinguish between the daily flow of alerts and complex patterns that require your immediate attention, concentrated on one server or across your whole organization.

Important alerts might be missed, and subtle patterns indicating targeted attacks can go unnoticed. This gap leaves your organization vulnerable to sophisticated cyber threats that exploit these oversights.

Let’s take a look at what’s in for you with the new Am I under Attack feature.

  • Get proactive threat detection: Am I Under Attack shifts through large volumes of alerts to highlight significant threats.
  • Get advanced attack pattern identification: Utilizes sophisticated algorithms to detect patterns that may signify a coordinated attack.
  • Get timely notifications: Am I Under Attack alerts you immediately when potential threats are identified.

How to activate Am I Under Attack

It literally takes two seconds! As this is a premium feature, you need an active SaaS Enterprise plan to access it. 

Don’t have one? It’s only $31/month per Security Engine enrollment and you can upgrade your Community Plan directly through the Console. 

You will also need to have a Security Engine enrolled in your Console account to activate the feature. Check out this guide if you need detailed instructions.

Once you have your Security Engine enrolled and your plan upgraded to SaaS Enterprise, go to your Alerts dashboard and locate the Am I Under Attack toggle. 

Click on it to activate it and you’re all set!

how to activate am i under attack in crowdsec console

How does Am I Under Attack work?

Once activated, the CrowdSec AI algorithms will monitor your Security Engine alerts 24/7. 

If CrowdSec systems detect a targeted attack or unusual pattern, we will notify you immediately to warn you that your infrastructure might be under threat.

An in-app notification will be pushed into your Console account.

As shown in the screenshot above, this red banner will ensure that none of the organization’s users using the Console can miss what is currently happening on your infrastructure.

But what if no Console user is logged in at the time of the incident?

You and every admin member of your organization will also receive an email notifying you of the suspicious activity detected by Am I Under Attack.


The email also includes a quick comprehensive view of the ongoing attack and outlines immediate actions you can take, such as updating firewall rules or inspecting logs, to prevent attackers from infiltrating your IT systems.

Be proactive with your threat detection

Sophisticated and targeted attacks are on the rise, but I assume you already know that! 

Am I Under Attack helps you boost your security strategy by providing proactive, AI-driven monitoring that ensures critical threats are identified and addressed promptly. 

Your commitment to enhanced security not only protects your assets but also reinforces trust with your clients and stakeholders.

Activate this new feature today and maximize your protection against targeted and sophisticated attacks!

WRITTEN BY

You may also like

new and advanced ip lookup search
Product Updates

Introducing the New and Advanced IP Lookup Search

In a previous article, we introduced the CTI Report, this time, we are taking it a step further and introducing new and advanced search options for our IP lookup.  You now have access to multiple search options to accurately and effectively explore the CrowdSec CTI.   Let’s take a look. IP lookup search These new search […]

Discover CrowdSec’s Free Third-Party Blocklists
Product Updates

Discover CrowdSec’s Free Third-Party Blocklists

In case you missed it, we recently announced the new Blocklists Catalog in the CrowdSec Console. In the catalog, you can find several blocklists centralized in one place, including third-party blocklists that are free to all users.  All users on the CrowdSec Console can subscribe their Security Engines to third-party blocklists to secure their systems […]

Streamlining ELK Stack with CrowdSec via Syslog
Product Updates

Streamlining ELK Stack with CrowdSec via Syslog

By integrating CrowdSec with the ELK stack via Syslog, you can enhance your security monitoring capabilities and bolster your threat detection mechanisms.