“It’s a real mess lately,” says Philippe Humeau, CEO and founder of CrowdSec, describing the current state of cybersecurity market categories. In a recent episode of Category Visionaries, Philippe pulled back the curtain on an uncomfortable truth about category creation in cybersecurity: it’s often more about marketing theatrics than solving real problems.
The Category Creation Game
“As soon as you try to leave marketing doing proper job, they all go drinking beer and stop piecing in every other flower pot and they give names to things and it’s terrible mess,” Philippe explains, highlighting how yesterday’s category name becomes today’s obsolete label. He points to a telling example from this year’s Black Hat conference: “They’re all pretending to be XDR. I was like but what you do is a CM. Actually, yes, but people have budget for XDR and not for CM.”
This candid assessment reveals a deeper problem in the cybersecurity industry: the tendency to chase trending categories rather than focus on solving real security challenges. It’s a game that CrowdSec has chosen not to play.
Finding Space in the Blue Ocean
Instead of forcing themselves into existing categories, CrowdSec has embraced what Philippe calls a “blue ocean strategy.” Their approach straddles multiple traditional categories:
- Cyber Threat Intelligence (CTI)
- Intrusion Detection System (IDS)
- Intrusion Prevention System (IPS)
“We are probably the biggest CTI owners so far because we collect from 100,000 different machines in 175 different countries,” Philippe notes. But he’s quick to add, “Are we just this? No, we’re also an IDS and an IPS.”
A $30 Billion Market Opportunity
When it comes to market size, the opportunity is substantial. “It’s tagged as a 30 to 20 billion market and growing,” Philippe shares. Their target market spans several key segments:
- Large corporations
- Banks
- Insurance companies
- Media companies
- CMS providers
- VPN providers
- IoT camera manufacturers
What connects these diverse segments? They all share a critical need: understanding “what’s happening, when is happening and where” in terms of cyber threats.
Two-Tier Market Strategy
CrowdSec’s market approach is bifurcated between their block list service and their signal intelligence:
“The market is everyone for the block list part,” Philippe explains. But for their advanced signal intelligence service, which processes “16 million threats per day,” the target narrows to larger enterprises that can leverage this depth of intelligence.
“We see 16 million valuations per day… We cannot all get them into a block list. It would not be curated enough, it would trigger false positives,” Philippe notes. Out of the 7 million IP addresses they continuously monitor, only 20,000 to 25,000 make it to their block list, ensuring “100% success rate and no false positive and no poisoning attempt.”
Beyond Category Constraints
CrowdSec’s approach demonstrates an important lesson for cybersecurity startups: sometimes the most effective strategy is to transcend traditional category definitions. While industry analysts and marketers might push for neat categorization, the reality of modern cybersecurity challenges demands solutions that cross boundaries.
“People are buying signals,” Philippe observes matter-of-factly. Whether a company wants to protect their VPN entry points or prevent their IoT cameras from becoming part of a botnet, the fundamental need remains the same: actionable intelligence about cyber threats.
This focus on solving real problems rather than fitting into predefined categories has served CrowdSec well. Their network has grown to approximately 110,000 installations in just two years, with ambitions to reach a million users – proving that sometimes the best category is the one you define for yourself.
For cybersecurity startups navigating their own category decisions, CrowdSec’s story offers a compelling alternative to the traditional category creation playbook: focus on solving real problems, embrace complexity where necessary, and let your solution define its own space in the market.
Twitter
facebook
linkedin