ENNAENNA

CrowdSec

MIT

๐Ÿง  Threat Intelligence ยท Go

CrowdSec is a collaborative open-source intrusion prevention system that detects and blocks malicious behavior using crowd-sourced threat intelligence from its global community of users. It analyzes server logs in real time using behavioral scenarios to identify attacks such as brute force attempts, port scans, web exploitation, and credential stuffing, then shares anonymized threat signals with the CrowdSec network. System administrators, DevOps teams, and security engineers deploy CrowdSec to protect servers and applications with an IPS that becomes more effective as more participants contribute threat data to the collective intelligence pool. Its modular architecture supports custom parsers and scenarios for any log format, and it integrates with firewalls, CDNs, and application middleware through its bouncer ecosystem to enforce blocking decisions at multiple network layers.

13.2kstars
610forks
272issues
Updated 20d ago
+I use this
View on GitHubOfficial Website

Tags

idsipscollaborativethreat-intelattacks-preventiondetectionlinuxprotectionsecuritywaf

Details

Category
๐Ÿง  Threat Intelligence
Language
Go
License
MIT
Platforms
๐Ÿงlinux๐ŸŽmacos๐ŸชŸwindows

Links

GitHub Repository

github.com/crowdsecurity/crowdsec

Official Website

crowdsec.net

Releases

github.com/crowdsecurity/crowdsec/releases

Issues

github.com/crowdsecurity/crowdsec/issues

Sponsored

Your ad here

Reach security professionals and developers - ads@en-na.com

Community Reviews

Alternatives & Comparisons

Suricata

C/Rust

High-performance IDS/IPS and network monitoring engine. Multi-threaded with Snort-compatible rules and protocol logging.

Compare CrowdSec vs Suricata

Wazuh

C/Python

Open-source SIEM and XDR platform. Endpoint detection, log analysis, vulnerability scanning, and compliance monitoring.

Compare CrowdSec vs Wazuh

OpenSnitch

Go

GNU/Linux interactive application firewall inspired by Little Snitch.

Compare CrowdSec vs OpenSnitch

Snort3

C++

Next-generation open-source intrusion detection and prevention system.

Compare CrowdSec vs Snort3

More in Threat Intelligence

MISP

PHP/Python

Open-source threat intelligence and sharing platform. Structured IOC management, feeds, correlation, and STIX/TAXII export.

threat-inteliocsharing

OpenCTI

TypeScript/Python

Cyber threat intelligence platform. Knowledge management for threat data with STIX2 native storage and graph visualization.

threat-intelstix2knowledge-graph

TheHive

Scala/JavaScript

Incident response case management platform. Collaborative investigation with observable analysis, playbooks, and MISP integration.

incident-responsecase-managementsoc

GRR Rapid Response

Python

Remote live forensics framework by Google. Deploy agents across thousands of endpoints for artifact collection and analysis.

dfirremote-forensicsendpoint

KAPE

C#

Kroll Artifact Parser and Extractor. Fast triage collection and parsing of forensic artifacts from Windows, macOS, and Linux.

dfirtriageartifact-collection

Cortex

Scala/Python

Observable analysis and active response engine. Analyze IOCs at scale with 100+ analyzers for IPs, hashes, URLs, and domains.

ioc-analysisobservableenrichment