Modern organizations are facing cyberthreats on all sides. Whether it’s DDoS attacks, brute force hackers or VOIP tampering, organizations need to be prepared to protect their internal systems.
While there are many solutions available to do this, intrusion detection systems (IDS) provide a framework for identifying any malicious attempts to break into an enterprise environment.
One such provider, CrowdSec, announced it has raised $14.8 million (€14 million) as part of a series A funding round led by Supernova Invest.
CrowdSec’s flagship solution includes an open-source IDS and intrusion prevention system (IPS) that provides a real-time blocklist curated by tens of thousands of machines and IP addresses.
The organization claims this provides enterprises with the largest real-time database of cybercriminal-controlled IP addresses, which enables them to protect themselves against a high volume of zombie machines.
The time to address automated attacks is now
Cybercriminals will commonly compromise users’ devices so they can use them to launch malicious attacks against target organizations.
“CrowdSec can analyze and deal with 50+ different types of behaviors seen in logs. This ranges from credit card stuffing to port or web scans, credential brute force, VOIP tampering, comments trolling in CMS, ecommerce scalping, L7 DDoS, etc.,” said CrowdSec CEO and cofounder, Philippe Humeau.
“If it can be logged, CrowdSec can deal with it. Once a problem has been dealt with locally, if the same behaviour from the same IP address is seen somewhere else in our user community, the IP address behind it starts building a reputation against itself and eventually ends up in the blacklist, further reinforcing the protection for everyone. It’s like the Waze of firewalls,” Humeau said.
The IDPS market
CrowdSec falls most neatly into the intrusion detection and prevention systems market, expected to grow from $4.57 billion in 2020 to reach $9.04 billion by 2028. Currently, 100,000 users employ the solution.
The organization’s IPS solution is competing against a range of other providers including Trend Micro, with TippingPoint, a next-generation intrusion prevention system (NGIPS) designed to protect infrastructure and data in real time from known and unknown vulnerabilities with threat prioritization.
Trend Micro recently announced raising over $500 million in annual recurring revenue (ARR) in the fourth quarter of 2021.
Another competitor is FireEye, which offers an IPS alongside its FireEye Network Security solution that can detect known and unknown malware threats.
FireEye’s Multi-Vector Virtual Execution (MVX) technology automatically validates signature-based threats to identify legitimate security incidents and reduce false positive alerts. In June 2021, FireEye announced it intended to sell its products business for $1.2 billion to Symphony Technology, a private-equity firm.
Humeau claims that CrowdSec differentiates itself from competitors based on its ability to detect unknown threats.
“Our competition mainly harvests their signals through honeypots, so they are more likely to catch ‘CVE farmers’ — people industrializing the exploitation of known vulnerabilities. Hence they detect the ‘background noise’ (like Greynoise) but not attacks sent in a targeted manner against real servers by cybercriminals willing to make real profit,” Humeau said.