CrowdSec CTI - Cyber Threat Intelligence
Welcome to CrowdSec's Cyber Threat Intelligence (CTI) platform! Our CTI provides real-time threat intelligence data collected from the global CrowdSec community, helping you make informed security decisions.
Choose Your Experience
CrowdSec CTI offers two ways to access our threat intelligence data:
🌐 Web UI Experience
Perfect for security analysts and investigators who want an intuitive interface to explore threat data.
What you can do:
- Search and analyze IP addresses with detailed threat reports
- Explore threat intelligence using our advanced search capabilities
- View real-time geolocation and risk assessments
- Access predefined searches for common threat hunting scenarios
- Browse the top most aggressive IPs attacking the community
Getting Started: Explore the Web UI →
🔧 API Integration
Ideal for developers and security engineers who want to integrate threat intelligence into their applications, SIEM, or security tools.
What you can do:
- Programmatically query threat intelligence data
- Integrate with existing security workflows and tools
- Build custom threat hunting applications
- Access the same data that powers our Web UI
- Scale your security operations with automated threat lookups
Getting Started: API Documentation →
Community-Powered Intelligence
Our CTI data is powered by the CrowdSec community - a global network of security engines that share attack patterns and malicious IPs in real-time. This collaborative approach ensures:
- Fresh Intelligence: Real-time updates from active attacks worldwide
- High Quality: Community validation reduces false positives
- Global Coverage: Intelligence from diverse geographical locations and attack vectors
- Context-Rich: Detailed behavioral analysis and attack classifications
Ready to Get Started?
Choose your preferred method above, or explore our comprehensive documentation to learn more about threat taxonomy, integrations, and advanced features.