We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 - 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!
Imagine a Ferarri losing Le Mans to a 40-year-old Pinto with a broken headlight and two flat tires. That pretty much describes the cybersecurity industry.
Every day, hackers spending just a few thousand dollars manage to thwart defenses that cost companies hundreds of millions of dollars. That’s because these security systems only need to be beaten once out of thousands of tries to have their vulnerabilities exploited.
Crowdsec wants to fix this economic imbalance by using crowdsourcing and open source software. The company is building what it calls a “massively multiplayer firewall,” and it believes this collaborative approach represents a critical strategic shift for protecting digital assets.
“If you have to be open, then you have to take the risk that all your assets and resources have to be defended wherever they are,” Crowdsec CEO and cofounder Philippe Humeau told VentureBeat. “The point of our thinking is the only way to secure those is to establish trust between two peers. And the only way to establish trust reliably on a large scale is the crowd.”
The company, which was founded in December 2020 and is based in Paris, today announced it has raised a $5 million round of funding. Breega led the round, and partner Maximilien Bacot said the concept was too compelling to pass up, even for a firm that doesn’t invest in a lot of security startups.
“The product vision that they are putting on the table, to make sure that we can protect everybody by using the crowd, is very important,” he said. “I love the product and the vision.”
More protection for less
Enterprises have to spend a lot on security because they face so many disadvantages. Once a vulnerability is found, it can take time for a patch to be released. And it can take more time to deploy the patch.
Meanwhile, the perimeter companies have to protect continues to expand as more data moves to the cloud. Not only is this digital footprint larger, it is also more complex, increasing the chances of human or software vulnerabilities.
“The bottom line is the castle strategy is over except if you want to go back to pagers and faxes and stuff that would drag your business 30 years back in time,” Humeau said. “And then you would not be competitive anymore.”
Humeau believes Crowdsec can succeed because there are more humans working in cybersecurity than there are hackers. If the defenders banded together, that human-driven power could have a big impact.
Of course, some companies attempt to leverage this human factor with bug bounty programs. Crowdsec wants to take that further by creating a platform that allows for real-time, large-scale collaboration.
Once a member of the Crowsdec community reports an IP address that was used to launch an attack, Crowdsec’s software blocks it across its network. In this way, Humeau said the company will create the largest real-time hacking map on the internet. This will help block threats like port scans, identity theft, and denial of service attacks.
In addition to these defensive capabilities, Crowdsec will offer several types of remediation, including simple access prohibition and rights limitation. The solution will work on just about any environment, including public clouds, containers, and virtualized architectures.
The basic platform will be free as an incentive for people to adopt it and contribute back to the community. Crowdsec will eventually offer some paid services on top of that.
Crowdsec won the grand prize for innovation at the most recent RSA. In the five months it has been live, the company says it has already attracted more than 6,000 users in 90 countries.
The company intends to use the funding to expand its team and accelerate efforts to grow its community.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.