Listing Thumbnail

    CrowdSec | Support by cloudimg

     Info
    Sold by: cloudimg 
    Deployed on AWS
    Free Trial
    AWS Free Tier
    This product has charges associated with it for seller support. CrowdSec, the open source collaborative behavioural security engine (IDS/IPS), preinstalled and running as a system service with the SSH and Linux detection collections and the firewall remediation bouncer already enforcing bans in iptables. Parse your logs, detect malicious behaviour and block attacking IPs at the host firewall within minutes of launch. Backed by 24/7 cloudimg support.

    Overview

    Open image

    This is a repackaged open source software product wherein additional charges apply for cloudimg support services.

    Overview CrowdSec is a free and open source, collaborative behavioural security engine. It parses logs, detects aggressive and malicious behaviour using a curated library of detection scenarios, and remediates by blocking the offending source IPs. This image delivers CrowdSec fully installed and running as a system service, with detection collections installed and a firewall remediation bouncer already enforcing decisions, so a host intrusion detection and prevention appliance is protecting the box within minutes of launch.

    Detection Engine The crowdsec agent installed from the official package repository and run by the bundled systemd service, started on boot and restarted on failure. It tails the system journal and the SSH authentication log, runs the events through the installed parsers and scenarios, and records its verdicts as decisions in the embedded Local API. The Linux and SSH detection collections ship installed, so brute-force and credential-stuffing behaviour against the host is detected out of the box. Add more collections from the hub to cover web servers, proxies, mail servers and dozens of other applications.

    Firewall Remediation The firewall bouncer installed and run by its own systemd service polls the Local API for active decisions and enforces them in iptables and ipset, so an attacking IP is dropped at the host firewall the moment a scenario fires. The bouncer authenticates to the engine with a per-instance API key generated on first boot, so no shared secret ships in the image.

    Local API And State The embedded Local API is bound to loopback and backed by a local database on a dedicated, independently resizable data disk, holding the machines, bouncers, alerts and decisions. Drive the engine entirely from the command line: list decisions, inspect metrics, add and remove bans, register additional bouncers and browse the detection hub. There is no web interface to secure: the API is private by default.

    Ready To Use Connect over SSH and the engine is already running and protecting the host. Read the welcome notes, review the active decisions and metrics, install the collections that match your workloads, point the acquisition at your own log sources and the bans are enforced automatically. The Local API database and engine state live on a dedicated data disk.

    cloudimg Support 24/7 technical support by email and chat. Help with log acquisition configuration, collection and scenario selection, parser and whitelist tuning, bouncer deployment, central console enrolment, allowlisting and upgrade planning.

    Use Cases Host intrusion detection and prevention for an internet-facing server. SSH brute-force protection that bans attacking IPs at the firewall automatically. A behavioural security layer for a web server, reverse proxy or application host. A building block for a fleet-wide collaborative security posture.

    All product and company names are trademarks or registered trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

    Highlights

    • CrowdSec, the open source MIT-licensed collaborative behavioural security engine (IDS/IPS), preinstalled and running as a systemd service with the Linux and SSH detection collections installed, no manual setup required
    • The firewall remediation bouncer is installed and active, polling the loopback Local API and enforcing bans in iptables and ipset with a per-instance API key generated on first boot, so attacking IPs are dropped at the host firewall automatically
    • Drive the engine from the command line to list decisions, inspect metrics, add bans and install hub collections, with the Local API database on a dedicated, independently resizable data disk and 24/7 technical support from cloudimg

    Details

    Sold by

    Delivery method

    Delivery option
    64-bit (x86) Amazon Machine Image (AMI)

    Latest version

    Operating system
    Ubuntu 24.04

    Deployed on AWS
    New

    Introducing multi-product solutions

    You can now purchase comprehensive solutions tailored to use cases and industries.

    Multi-product solutions

    Features and programs

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Free trial

    Try this product free for 7 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.

    CrowdSec | Support by cloudimg

     Info
    Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.
    If you are an AWS Free Tier customer with a free plan, you are eligible to subscribe to this offer. You can use free credits to cover the cost of eligible AWS infrastructure. See AWS Free Tier  for more details. If you created an AWS account before July 15th, 2025, and qualify for the Legacy AWS Free Tier, Amazon EC2 charges for Micro instances are free for up to 750 hours per month. See Legacy AWS Free Tier  for more details.

    Usage costs (800)

     Info
    • ...
    Dimension
    Description
    Cost/hour
    t3.small
    Recommended
    t3.small
    $0.05
    t2.micro
    t2.micro instance type
    $0.04
    t3.micro
    t3.micro instance type
    $0.04
    c5a.12xlarge
    c5a.12xlarge instance type
    $0.24
    c5a.16xlarge
    c5a.16xlarge instance type
    $0.24
    c5a.24xlarge
    c5a.24xlarge instance type
    $0.24
    c5a.2xlarge
    c5a.2xlarge instance type
    $0.24
    c5a.4xlarge
    c5a.4xlarge instance type
    $0.24
    c5a.8xlarge
    c5a.8xlarge instance type
    $0.24
    c5a.large
    c5a.large instance type
    $0.08

    Vendor refund policy

    Refunds available on request.

    How can we make this page better?

    Tell us how we can improve this page, or report an issue with this product.
    Tell us how we can improve this page, or report an issue with this product.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    64-bit (x86) Amazon Machine Image (AMI)

    Amazon Machine Image (AMI)

    An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.

    Version release notes

    Initial release of CrowdSec 1.7.8, the open source collaborative behavioural security engine, as a ready-to-use detection and firewall-remediation service with the Linux and SSH collections installed.

    Additional details

    Usage instructions

    Connect via SSH on port 22 as the default login user for your operating system variant (the user guide lists it per variant). This is a headless security-engine service: there is no web interface. Read the welcome notes with: sudo cat /root/crowdsec-info.txt. Confirm the engine and the bouncer are running with: systemctl status crowdsec and systemctl status crowdsec-firewall-bouncer. Check the agent can reach the Local API with: sudo cscli lapi status. The Local API is bound to loopback on port 8080 (health: curl http://127.0.0.1:8080/health ). Operate the engine with cscli: sudo cscli metrics, sudo cscli decisions list, sudo cscli collections list, sudo cscli bouncers list. Install more detection collections from the hub with: sudo cscli collections install crowdsecurity/<name> then sudo systemctl reload crowdsec. Point the log acquisition at your own sources by editing /etc/crowdsec/acquis.yaml. The Local API database and engine state live on a dedicated data disk mounted at /var/lib/crowdsec.

    Resources

    Vendor resources

    Support

    Vendor support

    cloudimg provides 24/7 technical support for this product by email and live chat. Our engineers help with deployment, configuration, updates, performance tuning and troubleshooting; critical issues receive a one hour average response. Contact support@cloudimg.co.uk .

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Similar products

    Customer reviews

    Ratings and reviews

     Info
    0 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    0%
    0%
    0%
    0%
    0%
    0 reviews
    No customer reviews yet
    Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.