Paris, France: CrowdSec has announced a $5 million round of seed funding from European VC Breega. The security startup is aiming to rethink cybersecurity by creating a collaborative endpoint detection and response (EDR) system. Such rethinking lead to an open-source strategy to combat attacks on any network, anywhere.
The security startup will leverage this new funding to expand its global community of users and contributors in China and Asia. And enhance its functionality and recruit new talents to fuel its expansion.
According to CrowdSec CEO and Co-Founder Philippe Humeau, collaboration and global focus are keys to CrowdSec’s open-source approach.
Every year, states, banks, businesses and institutions spend billions of dollars to protect themselves. But still, cybercriminal groups hack them with much lesser means.
“This cyberwar is asymmetrically favourable to hackers, who benefit from time, use stolen resources and mainly open-source software, and face increasingly fragmented and permeable perimeters, including Cloud drives, SaaS, VMs, containers, and VPNs. Our goal is to rebalance the cyber-security game by creating innovative, free and collaborative software in order to fight, together, hacking on a global scale,” said Humeau.
This is an approach that suits the European startup CrowdSec, where the business community is diverse and steeped in a rugged individualism developed over centuries. CrowdSec is built on an independent, open culture and founded upon its collaborative inclusivity.
China and global growth
Open source code has been essential for China’s tech sector’s rapid growth and today it is one of the biggest consumers and contributors of open source technology. Chinese tech companies such as JD.com, the world’s third-largest internet company by revenue, were early adopters of open source technology. Inspired by JD.com, CrowdSec aims to expand its footprint in China. Through close collaboration with the open-source community in China, CrowdSec is seeking to assist the worldwide inter-networked community to now maintain its own safety.
Launched in December 2020 CrowdSec’s solution so far has already been adopted in more than 90 countries. And its team is expected to grow over the next 18 months. It plans to expand internationally and extend reach across all continents, including Asia and Greater China. CrowdSec is in the process of reaching out to key open-source influencers in China and other parts of Asia.
The security startup is currently in discussions with large customers, hosting companies, cloud makers and private companies globally. It will officially launch its commercial offering later this year, but will remain entirely free for its community and has already reported several hundred thousand IP addresses as dangerous.
The arrival of the largest real-time map of hacking
CrowdSec’s open-source filtering software blocks cyberattacks and anonymous attacks on IT assets. It tracks IP addresses used against members of its community in order to redistribute them and thus deactivate the attackers’ strike capability.
When a CrowdSec agent detects an attack, its report is curated by the platform and, if legitimate, shared with all users so that they can also protect themselves. This community generates, in real-time, one of the largest IP blocklists in the world.
Being able to protect each other without having to trust one another is also a key benefit. When system administrators, DevOps and SecOps join forces, they far outnumber hackers. CrowdSec provides them with the tool to federate.
It not only locally defends IT assets based on IP behaviour, but also generates the largest real-time hacking map on the internet. A new generation of distributed cyber threat intelligence that reshuffles the deck in the defence of internet-exposed IT resources.
A solution adapted to modern constraints
CrorwdSec said its solution is designed for public clouds, containers as well as bare-metal or virtualized architectures in enterprises. It provides a strong first line of defence of unprecedented efficiency and versatility.
The solution offers different types of remediation from simple access prohibition to two-factor authentication. Including CAPTCHAs, rights limitation, the transmission of information to a SIEM or to SecOps desks.
It can block port scans, web scans, password attacks, identity theft attempts, application denial of service, bots, credit card stuffing or fraud, among many other classes of attacks. By not exporting logs and collecting only the minimum amount of data (timestamp, attacking IP and recorded behaviour) CrowdSec complies with the European GDPR and, more generally, respects data privacy.
“Digital has become a natural extension of our lives and we need to provide an answer to the societal problem posed by mass hacking,” said Breega Partner and Co-Founder Maximilien Bacot
The techniques (or trends) developed over the last 30 years have clearly failed to address this problem. So, it seems logical to us to propose a community-based approach, which has already proven effective in so many other areas, yet has not been applied to cybersecurity… until now,” added Bacot.