Ready to launch your own podcast? Book a strategy call.
Frontlines.io | Where B2B Founders Talk GTM.
Strategic Communications Advisory For Visionary Founders
CrowdSec: Building the ‘Waze of Cybersecurity’ Through Community-Powered Defense
In a recent episode of Category Visionaries, Philippe Humeau, CEO and founder of CrowdSec, shared how his company is revolutionizing cybersecurity through collaborative defense. With over $21 million in funding, CrowdSec is reimagining how organizations protect themselves against cyber threats by harnessing the power of community-driven security.
From Gaming to Cybersecurity: The Genesis of CrowdSec
Humeau’s journey into cybersecurity began unexpectedly in his university years when he met someone who had cracked the games he played as a child. “I met here guys that was cracking games back in the days for Amiga and Atari mini,” Philippe recalls. “He took me down the rabbit hole of security, and it was a forever crush ever since.”
This early fascination with security led Humeau through roles as a penetration tester and defensive security specialist before founding CrowdSec, where he’s now tackling one of cybersecurity’s most persistent challenges: the limitation of fighting alone against increasingly sophisticated threats.
Reimagining Intrusion Prevention for the Modern Era
CrowdSec builds upon the legacy of traditional Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS), but with a crucial twist: collaboration at scale. As Philippe explains, “If your machine is being grasped by, I don’t know, ransomware letter remove, maybe it’s the same case somewhere else and the same IP address is behind both attacks.”
This insight led to CrowdSec’s innovative approach: creating what Humeau describes as “some kind of internet neighborhood watch” where organizations collectively identify and block malicious actors. The system works through two main components:
The results speak for themselves: “92% of the protection is done by this reputation component by the block list and 8% is left to the behavior engine,” notes Philippe.
Product-Led Growth in an Enterprise-Heavy Market
While many cybersecurity companies rely heavily on enterprise sales, CrowdSec has embraced a product-led growth (PLG) strategy. “It’s absolutely PLG,” Philippe emphasizes. “Our clients are mainly in the first place, our users. We are an open source company, an editor.”
This approach has driven remarkable growth, with Humeau noting they’ve reached “probably 110,000 installation in two years. And we are going toward a million.” The strategy proved compelling enough for early investor Breega to back the company even before it had established a revenue stream, understanding the value of the network effect CrowdSec was building.
The Challenge of Monetizing Open Source Security
One of CrowdSec’s biggest challenges has been balancing open source principles with business sustainability. “Bringing an open source company to the market is not easy already because you’re telling the investors, guys, we are giving something for free. But trust me, we have a plan,” Philippe shares.
The company’s solution has been to focus on the value of their threat intelligence data. With visibility into “16 million threats per day” across “7 million IP addresses we are watching continuously,” CrowdSec has built a valuable data asset that larger organizations are willing to pay for.
Network Effects in Cybersecurity
CrowdSec’s most innovative aspect may be its application of network effects to cybersecurity. As Philippe explains, “A network effect is about getting stronger every time someone is joining and getting more valuable every time someone is interacting constantly.”
This approach challenges the traditional “Captain America approach” to cybersecurity, as Humeau colorfully describes it: “Hollywood makes us think that you can fight alone against an army… But the reality is when you fight alone against an army, you lose, period. No matter how better you’re equipped or whatever, you just lose.”
The Future of Collaborative Security
Looking ahead, CrowdSec aims to build what Humeau calls “an entirely real time list or map of all the addresses using by cybercriminals.” The goal is ambitious but clear: “If one is used and we don’t know about it yet, it will be added to the block list in minutes. And if one is released by the guys and is not used anymore, it will disappear from the block list in minutes and eventually down to seconds if we are enough partaking into this effort.”
This vision represents a fundamental shift in how organizations approach cybersecurity, moving from isolated defense to collaborative protection. With their rapid growth and clear vision, CrowdSec is well-positioned to lead this transformation, proving that in cybersecurity, as in many other fields, the whole can be greater than the sum of its parts.
For organizations interested in joining this collaborative security movement, CrowdSec can be found at crowdsec.net. As Philippe humorously warns, “Be careful just close to the C on your keyboard there’s maybe an X and it’s a totally different website.”
Philippe's approach with CrowdSec, leveraging open-source to foster community collaboration, underlines the power of collective intelligence in enhancing cybersecurity defenses.
Inspired by "Thinking, Fast and Slow," Philippe emphasizes the importance of recognizing how instinctive and analytical thinking impacts leadership and problem-solving, advocating for a balanced approach in strategic decision-making.
Identifying a wide-ranging yet specific target market, such as large corporations in need of reliable threat signals, demonstrates the importance of understanding and addressing the nuanced requirements of different industry verticals.
CrowdSec's focus on product-led growth, particularly in a field slow to adopt this strategy, underscores the potential for such a model to drive adoption and user engagement, especially when the product directly contributes to its own improvement through user participation.
The journey of securing funding for an open-source project like CrowdSec, especially in the cybersecurity space, provides insights into the challenges of convincing investors of the viability and potential profitability of open-source models, emphasizing the importance of demonstrating network effects and the intrinsic value of the data or signals generated.