crowdsecurity / crowdsec
CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
AI Architecture Analysis
This repository is indexed by RepoMind. By analyzing crowdsecurity/crowdsec in our AI interface, you can instantly generate complete architecture diagrams, visualize control flows, and perform automated security audits across the entire codebase.
Our Agentic Context Augmented Generation (Agentic CAG) engine loads full source files into context, avoiding the fragmentation of traditional RAG systems. Ask questions about the architecture, dependencies, or specific features to see it in action.
Embed this Badge
Showcase RepoMind's analysis directly in your repository's README.
Repository Summary (README)
PreviewCrowdSec is an open-source and participative security solution offering crowdsourced server detection and protection against malicious IPs. Detect and block with our Security Engine, contribute to the network, and enjoy our real-time community blocklist.
<p align="center"> <img src="https://github.com/crowdsecurity/crowdsec-docs/blob/main/crowdsec-docs/static/img/simplified_SE_overview.svg" alt="CrowdSec schema" title="CrowdSec Schema"/> </p>Features & Advantages
Versatile Security Engine
CrowdSec Security Engine is an all-in-one IDS/IPS and WAF.
It detects bad behaviors by analyzing log sources and HTTP requests, and allows active remediation thanks to the Remediation Components.
Detection rules are available on our hub under MIT license.
CrowdSec Community Blocklist
<a href="https://doc.crowdsec.net/docs/next/central_api/community_blocklist">The "Community Blocklist" is a curated list of IP addresses identified as malicious by CrowdSec. The Security Engine proactively blocks the IP addresses of this blocklist, preventing malevolent IPs from reaching your systems.
Console - Monitoring & Automation of your security stack
Multiple Platforms support
Outnumbering hackers all together
By sharing the threat they faced, all users are protecting each other (hence the name Crowd-Security). Crowdsec is designed for modern infrastructures, with its "Detect Here, Remedy There" approach, letting you analyze logs coming from several sources in one place and block threats at various levels (applicative, system, infrastructural) of your stack.
CrowdSec ships by default with scenarios (brute force, port scan, web scan, etc.) adapted for most contexts, but you can easily extend it by picking more of them from the HUB. It is also easy to adapt an existing one or create one yourself.
Installation
<!-- make this an image with link ?-->Resources
- Console: Supercharge your CrowdSec setup with visualization, management capabilities, extra blocklists and premium features.
- Documentation: Learn how to exploit your CrowdSec setup to deter more attacks.
- Discord: A question or a suggestion? This is the place.
- Hub: Improve your stack protection, find the relevant remediation components for your infrastructure.
- Public Roadmap: Vote for your favorite features and submit ideas to influence what we build next.
- CrowdSec Academy: Learn and grow with our courses.
- Corporate Website: For everything else.