Crowdsec leverages crowdsourcing to reinvent cybersecurity economics

Join Transform 2021 this July 12-16. Register for the AI event of the year.

Imagine a Ferarri losing Le Mans to a 40-year-old Pinto with a broken headlight and two flat tires. That pretty much describes the cybersecurity industry.

Every day, hackers spending just a few thousand dollars manage to thwart defenses that cost companies hundreds of millions of dollars. That’s because these security systems only need to be beaten once out of thousands of tries to have their vulnerabilities exploited.

Crowdsec wants to even that playing field and fix this economic imbalance by using crowdsourcing and open-source software. Building what it calls a “massively multiplayer firewall,” the company believes this collaborative approach represents a critical strategic shift for protecting digital assets.

“If you have to be open, then you have to take the risk that all your assets and resources have to be defended wherever they are,” said Crowdsec CEO and cofounder Philippe Humeau. “The point of our thinking is the only way to secure those is to establish trust between two peers. And the only way to establish trust reliably on a large scale is the crowd.”

The company, based in Paris and founded in December 2020, announced today it has raised a $5 million round of funding. Maximilien Bacot, a partner at Breega which led the round, said the concept was too compelling to pass up, even for a firm that doesn’t invest in a lot of security startups.

“The product vision that they are putting on the table, to make sure that we can protect everybody by using the crowd, is very important,” he said. “I love the product and the vision.”

More protection for less

Enterprises have to spend so much on security because they face so many disadvantages. Once a vulnerability is found, it can take time for a patch to be released. And it can take time to deploy the patch.

At the same time, the perimeter that companies have to protect continues to expand as more data moves to the cloud. Not only is this digital footprint larger, but it is more complex, increasing the chances of human or software vulnerabilities.

“The bottom line is the castle strategy is over except if you want to go back to pagers and faxes and stuff that would drag your business 30 years back in time,” Humeau said. “And then you would not be competitive anymore.”

Humeau believes Crowdsec can succeed because there are more humans working in cybersecurity than there are hackers. If they would only band together, that human-driven power could have a big impact.

Of course, some companies attempt to leverage this human factor with bug bounty programs. Crowdsec wants to take that further by creating a platform that allows for real-time, large-scale collaboration.

Once a member of the Crowsdec community reports an IP address that was used to launch an attack, Crowdsec’s software blocks it across its network. In doing so, Humeau said the company will create the largest real-time hacking map on the Internet. That will help block such methods as port scans, identity theft, and denial of service attacks.

In addition to these defensive capabilities, Crowdsec will offer several types of remediation, including simple
access prohibition and rights limitation. The solution will work on just about any environment, including public clouds, containers, and virtualized architectures.

The basic platform will be free as an incentive for people to adopt it and contribute back to the community. Crowdsec will offer some paid services eventually on top of that.

At the most recent RSA, Crowdsec won the grand prize for innovation. In just the 5 months it’s been live, the company has attracted more than 6,000 users in 90 countries.

The company intends to use the money to expand its team and accelerate its efforts to grow its community.

VentureBeat

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Source: Read Full Article