Safer Together
in 5 minutes 

CrowdSec is a free & open-source security
automation tool leveraging local IP behavior detection
& a community-powered IP reputation system.

Our decentralized collaborative security engine is based on a cloud infrastructure
CrowdSec community will grow accuracy and efficiency
An Open-source approach to a decentralized collaborative security engine

Crowd-powered security

CrowdSec parses logs to assess the behavior of IP addresses coming to your apps, websites, services, etc. Offending IPs are dealt with locally (block, captcha, 2FA, etc.) and if you allow it, sent to us for curation, before being shared in the community to protect everyone.

Collaborative firewall leveraging both behavior & reputation

Let’s”outsmart hackers together” in 5 simple steps:

CrowdSec analyzes logs (systems, cloud trails, app, pub/sub, etc.)

IP behavior is evaluated by scenarios (you can write or download)

The agent checks if the IP is present in the IP reputation DB

Your policy is automatically enforced: block, captcha, 2FA, etc.

Finally, the aggressive IP is shared with the community

  • Scenarios can be found in the Hub
  • Writing your own behavior detection is super simple
  • Grok patterns are used for log parsing
  • YAML is used to describe behaviors
CrowSec is dynamic and open source
Let’s achieve the “digital herd immunity”
Firewalls mainly consist of static rules which do not protect public applications or services that need to stay accessible by anyone (Web, App, DNS, mail, etc.)
  • 64% : Non-human traffic on web ports
  • 937 : Average daily scans on an IP
  • 6 billions : Attacks on application layer
  • 70% : Breaches starting from the application layer

(Sources : CrowdSec | Akamai SOTI 2019 | Verizon report 2019)

A next-gen fail2ban was needed

Next gen fail2ban

Automate your security: Data connectors, scenarios & bouncers are readily available from our Hub to defeat various attacks like password brute force, port scans, web scans, credential stuffing, and more.

CrowdSec key features

CrowdSec, written in Go language is designed to run seamlessly on servers, Cloud machines, Containers or to be called through API directly from your code.


Logs are normalized using GROK patterns, enriched by our IP blocklists.


YAML Scenarios allow to detect most attacks, as long as they generate logs (which the vast majority does).

Act & share

In case of an aggression, you can react with a captcha or 2FA, drop the packet, etc. You decide howwhere.

Some upcoming milestones

May 2020
CrowdSec Open Source Product Launched !
June/July 2020
CrowdSec introduced @OSSIR & Pass the salt conference
First fundraiser (pre-seeding, cashed-in $1M)
September 2020
Smart Money round (1.5 M€). Recruited two more members (front/fullstack), and our International marketing manager.
November 2020
Release v1.0 stable. Local & global API, packages, container.
Q1 2021
Seeding Round. Premium SAAS feature launch
July 2021
AI team recruitment, most of premium & enterprise features should be available
4th Quarter 2021
Partnership & OEM program
1st half 2022
Artificial intelligence: Anticipation of attacks
Fund raiser, A serie.
2nd half 2022
Support for mid to long-range spacecraft (yes we check if you read it all)
Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.