Our culture & values
Companies are virtual entities that embody the sum of their objectives, cultures, hopes, talents and histories. One of the most complex parts in their scaling process is to preserve this uniqueness, that makes them both talented and attractive.
So many large corporations lost their souls and are frantically trying to compensate by acquiring smaller companies. This new blood is injected to rejuvenate the ghost, but like botox, it just has a temporary effect for a long-term cost.
Company culture is a piece of art, patiently stitched together by its members. It is often hard to exactly say why you felt comfortable discussing with this or that team. This feeling narrows down to very immaterial attentions, behaviors or words.
As we grow, more people will join our ranks. Inside, or as ambassadors, contributors and even community shepherds. You are all welcome, we are not here to drain your blood, but to combine and recombine, to all grow smarter and stronger, together. Feel no fear, this is no club, this is an adventure like no other, that we are delighted to share with the greatest number. Bring who you are, what you think and blend in a project bigger than us all, not by losing your particularities but by reinforcing us all with them.
We have a mission, we should share it and everyone joining should be able to assess if this project and its culture are compatible with their personal values.
Where do we come from?
Thibault & Philippe, 2 of CrowdSec founders, used to work in high security hosting, which was kind of a new field back in the 2010’s. They designed a stack of protection which would also block IPs that made violations.
One day, one of their clients, a famous sports-oriented e-commerce shop was under attack. It was not a real problem since it was protected by a robust stack, but the cybercriminal used more than 3,000 IP addresses to try to aggress the website. At this exact moment came this idea that would be the genesis of CrowdSec:
“What if we share those IPs with our peers and colleagues in the industry? That would cripple this crminal’s operations even further right?”
This was the starting point of a long journey, involving a lot of great minds into designing a lightweight product, Waze-like, that would not only block attacks but also share IPs with all its user community.
“Safer together” was born. The team started to gather around this idea that instead of being isolated sitting ducks, waiting to be picked one by one by the enemy, we could rather organize a sort of Internet neighborhood watch.
Yes, open-source can make money ethically!
At CrowdSec, we hire very skilled people and we like them to be dedicated to our mission: making the Internet a safer place for everyone. That doesn’t exactly match the vision of some open source icons, who prefer to stay frugal.
Well… Thank you but no thank you. We pay well, to get the most efficient and mission-driven professionals. How to solve the equation of a solution that should be open source and free, for the greatest number to benefit from it, but at the same time pay our people well?
We had to find a clean, respectful business model, that would make us sustainable, while being fair towards the people making the solution stronger: our community.
To achieve our goal, we decided to give everything for free to our community users and make businesses that wouldn’t (or often couldn’t) share IPs they blocked with us, be the ones paying to get access to our high-quality IP block lists. They would also get granted with tailor-made enterprise features specifically designed for them.
That way, we created a virtuous cycle, the community is both the engine and the beneficiary of this open source software. Members enjoy both the power of the behavior engine and the one from our reputation database, for free.
Businesses get what they want, an access to this premium data, without having to contribute to its generation and can access specific features to handle complex architectures or needs, on a larger scale.
Our mission is to empower everyone with a rock solid, free, first line of defense, whether they are individuals, institutions, SMBs or larger companies.
Our BHAG is an ambitious one: become the Internet trust broker, by constantly spotting all cybercriminal-controlled IPs and make them available to all willing to defend themselves. A crowd-sourced, Internet-scale, cyber threat intelligence.
We drink our own potion
Do we use our product? Not just at work, but at home as well? Of course we do!
The three-hole colander process
Got a brand new idea? Got a large budget to be invested? Ok. No unknown rules here. If our innovation can go through any (and many if possible) of those holes, it’s automatically a yes.
Hole #1: it should make our product more resilient, faster or more secure.
Hole #2: it should allow us to collect, qualify or distribute more nefarious IPs to our users.
Hole #3: it should drive adoption so the community keeps growing.
We make things super simple
We are committed to make our product as easy to you as possible. Yes we are specialists, former red team pentesters, DevOps, SecOps, DevSecOps, Admins. That is precisely why we should make a product not for ourselves only, but for everyone. Small shops in Thailand, universities in Botswana, individuals in Iceland, using any kind of system and connection. And they should be able to secure themselves in 2 minutes, without deep security knowledge. And if you are a rockstar working for a big hosting company, you should be able to tweak, adjust and use more complexe features. One size fits all.
We bring solutions along with problems
If you were the first one to identify a problem, take the extra step and bring a solution along with it since you are probably in the best position to do so.
You’re not alone, they’re not alone, our fates are bond
A community is a big thing to start, to care for, a great responsibility. But it also gives you strength, a sense of purpose. If you are facing an issue, personal or professional, we are here for you. So is the community. So be there for them, for us, for yourselves.
We innovate, iterate, test
Michael Porter once said that strategy is to accomplish activities in a different way than competitors. This is definitely what we do at CrowdSec. An unusual business model, unusual HR policies, blue ocean business model, etc. So if you have the least idea in mind that you’d like to share, there will always be someone to listen to you.
We are laser focus
We have one mission and one only. We don’t intend any time soon to provide side services, integration, compliance, training, or whatever else. We are an open source security software editor. Being good at it means there is close to no space for any other mission.
We use a scientific approach
There are no two methods around science. Make an hypothesis, experiment to collect data, confront hypothesis with results and exchange with peers to see if there is no flaw in your methods. Then and only then, you found something and all forces of the company can be by your side to support your findings and make it something big.
We want you to become the next generation of entrepreneurs
We love, we train. CrowdSec is a company founded by people with more than 50 combined years of entrepreneurship experience. We want to share it, make you the next gen of entrepreneurs. You get access to everything. Every single material or piece of content you qualify as useful for growth. And on top of that, we hold training sessions to take you always further. Live it from inside, replicate and adapt for yourself later, and trust me, the company members will be your investors by then!
CrowdSec’s family rules
- We are all equal, regardless of our salaries, positions, career paths.
- We are always fully transparent with each other so nothing becomes a problem
- We treat everyone with respect & trust
- We value all users and community members, no matter their expertise level
- We onboard new family members the best way we can