DISCLAIMER: For an improve rendering please check the original source on our drive : https://docs.google.com/presentation/d/1akI0F7CYqff7xJuPklrQiYE4xymv6bU1FHHjvP9lBLY/edit#slide=id.g12c452509f1_2_41
Also more details provided on our github page: https://github.com/crowdsecurity/fundraising-decks
2. Cyber
security
is not a
problem
of means
192G of high
value PI
500K accounts 267M records
5.2M accounts
solarwind
32M accounts
high profile hack
Tens of thousand
mail servers
Client trust (for
an auth system)
Billions… and…
counting
83M accounts
The others
800K records
5700 users
4. Last 40 years approach to cybersecurity
vs
CrowdSec’s approach…
vs
5. Here’s the plan…
1> We edit an
open source
software
2> which creates
a network, benefiting
to its users
3> This community
generates a real
time map of rogue
IP address
4>… which we
monetize along
with extra services
A Waze of Cybersecurity
6. Laurent
Soubrevilla
COO
Coder turned entrepreneur,
loves automation & KPI driven
strategies. 3 times founder,
1 exit, 3 fundraisers.
Accountable for
Delivery
Planning
Execution
CEO
3 times founder, business angel.
4 fundraisers, 3 exits. 22 years in
cyber security. Changed focus
from tech to business 10y ago.
Accountable for
Vision
Means
Business
Thibault
Koechlin
CTO
Former red team pentester. FOSS
advocate, coder & mentor.
Involved in many security projects.
Switched from offensive to
defensive security.
Accountable for
Security
Architecture
Stability
A seasoned triumvirate, on a mission…
Philippe
Humeau
7. Behavior
(aggressing you)
Syslog, Splunk
journald, Cloudtrails,
SIEM, ELK, Kafka, etc.
ours yours
community
Reputation
(aggressing many)
$_
1 >Acquire 2 >Detect 3>Remedy 4>Share
(This process is fully
The massively
collaborative IPS
8. CrowdSec already deals with
50+ attacks & unwanted behaviors…
Web Scans Port Scans
21 22 23 25 80
VOIP abuse
Credentials
brute-forcing
XSS, SQLi, & Php-based
armageddons
L7 DDoS
(Applicative)
Ransomware
(lateral move)
Targeted
attacks
Bot scalping,
scraping or
monitoring
Credit card
stuffing
9. +
and builds a real-
time map of
cybercriminal
IP address pools
Already collecting more signals than anyone before, from 172 countries.
11. our network organizes
a shortage, choking
their weakest link.
Cyber criminals need IP
addresses to scale their
OPS & stay anonymous…
12. A fair model: Software against signals.
Give… and you shall receive.
MIT license.
As free as it can be
Transparent, auditable
and trustable.
Open to contribution
Free, forever.
We monetize access to
CTI for those not sharing
$
OPEN SOURCE (MIT) FREE (to use, copy, modify)
13. A network effect
in the making…
…but past its cold boot phase
September 2022
112 000
Installations (in 2 years)
7 200 000
Bad IPs identified
16 000 000
Daily reports received
175
Countries
15. The power of 0.3%
350
300
250
200
150
100
50
0
Jan 2 Jan 16 Jan 30 Feb 13 Feb 27 Mar 13
Alerts per week
Blocked by reputation
Blocked by behavior
-92% of the bad traffic aimed at a server,
Is blocked, just based on IP reputation.
7.2 M IP
addresses
22K IP
addresses
SMOKE FIRE
~0.35%
(the 8% remaining are dealt
with by the behavior engine)
17. CrowdSec
is a 7D CTI
4D CTI
2D CTI
● Which IP
● Seen how many times last hour
● Which behavior
● Geography
● Actionable. We are 99,99%
sure!
● Type of IP (4g, VPN, Tor, etc.)
● Against what type of industry
● Which IP
● Was it aggressive recently
● What vulnerability (CVE)
● Type of IP (4g, VPN, Tor, etc.)
● Which IP
● What (simple) CVE
18. Network’s
maturity
stages
More signals
(see more threats)
Stronger signals
(distribute more IP, still
with no false positive)
Real time signals
(identifying in seconds
not minutes)
PHASE 1 PHASE 2 PHASE 3
Today
23. Loved by
professionals
Voted #17 on G2 best 2022
cybersecurity product,
leader in 30+ categories.
(And as Venture Beats highlighted, only 3 out of 50
products are edited by startups. We outranked
Microsoft, GitHub, Symantec, Dynatrace, Tenable, ...)
24. Technical deck KPI deck Monetization plan Investment plan Team deck Communication & community deck
Safer
together
“An excellent way to really
protect exposed servers”
Willy Tarreau
(Founder - Haproxy)
“CrowdSec takes a novel approach
to programmatically staying ahead
of emerging threats through a novel
application of crowd-sourcing”
Omkhar Arasaratnam
(Engineering Director - Google)
“It’s so good, I thought it already existed.
I’ll be among the 1st customers.”
Yoav Kutner
(Founder - Magento & Oro Inc)
“Crowdsec [is] making the world
safer [...] go grab and install it.”
Flemming Riis
(Director Risk Assessment - GoDaddy)
“Likely the most innovative
security solution”
Michel Moriniaux
(SRE - Microsoft/LinkedIn)
“An excellent approach
to the problem”
Frank Denis
(Security guru, former OVH CISO)
“In an everything-Cyber world, it’s
reassuring to find some genuine
security professionals.”
Nicolas Ruff
(Security Engineer, Google)