Am I Under Attack: Cut Through the Noise to Detect Sophisticated and Targeted Attacks with CrowdSec’s New feature
Did you know that there may be anomalies in your logs indicating more sophisticated, targeted attacks that you are missing?
To help you deal with those targeted attacks, we are excited to introduce Am I Under Attack, a groundbreaking feature now available in the CrowdSec Console!
Am I Under Attack leverages advanced AI algorithms to monitor unusual surges of activities in your stack and identify patterns that could indicate targeted cyber attacks against your organization. When such anomalies are detected, Am I Under Attack sends you notifications along with actionable steps to help you mitigate the threat effectively.
Taking log monitoring and security alerting to the next level
While the Console Community Plan allows you to monitor alerts shared by your Security Engines, it’s difficult to distinguish between the daily flow of alerts and complex patterns that require your immediate attention, concentrated on one server or across your whole organization.
Important alerts might be missed, and subtle patterns indicating targeted attacks can go unnoticed. This gap leaves your organization vulnerable to sophisticated cyber threats that exploit these oversights.
Let’s take a look at what’s in for you with the new Am I under Attack feature.
- Get proactive threat detection: Am I Under Attack shifts through large volumes of alerts to highlight significant threats.
- Get advanced attack pattern identification: Utilizes sophisticated algorithms to detect patterns that may signify a coordinated attack.
- Get timely notifications: Am I Under Attack alerts you immediately when potential threats are identified.
How to activate Am I Under Attack
It literally takes two seconds! As this is a premium feature, you need an active SaaS Enterprise plan to access it.
Don’t have one? It’s only $31/month per Security Engine enrollment and you can upgrade your Community Plan directly through the Console.
You will also need to have a Security Engine enrolled in your Console account to activate the feature. Check out this guide if you need detailed instructions.
Once you have your Security Engine enrolled and your plan upgraded to SaaS Enterprise, go to your Alerts dashboard and locate the Am I Under Attack toggle.
Click on it to activate it and you’re all set!
How does Am I Under Attack work?
Once activated, the CrowdSec AI algorithms will monitor your Security Engine alerts 24/7.
If CrowdSec systems detect a targeted attack or unusual pattern, we will notify you immediately to warn you that your infrastructure might be under threat.
An in-app notification will be pushed into your Console account.
As shown in the screenshot above, this red banner will ensure that none of the organization’s users using the Console can miss what is currently happening on your infrastructure.
But what if no Console user is logged in at the time of the incident?
You and every admin member of your organization will also receive an email notifying you of the suspicious activity detected by Am I Under Attack.
The email also includes a quick comprehensive view of the ongoing attack and outlines immediate actions you can take, such as updating firewall rules or inspecting logs, to prevent attackers from infiltrating your IT systems.
Be proactive with your threat detection
Sophisticated and targeted attacks are on the rise, but I assume you already know that!
Am I Under Attack helps you boost your security strategy by providing proactive, AI-driven monitoring that ensures critical threats are identified and addressed promptly.
Your commitment to enhanced security not only protects your assets but also reinforces trust with your clients and stakeholders.
Activate this new feature today and maximize your protection against targeted and sophisticated attacks!
