Commit 982e4ba

feat(cti): 📝 CTI doc - Introduction (#674)
The first page of the CTI documentation. This page will inform the user about the CTI, what it is, and its benefits.

![image](https://github.com/user-attachments/assets/bd475f86-0e37-4f9f-9976-eea4d7d00420)
![image](https://github.com/user-attachments/assets/ff88cfa9-9867-4d7c-90b8-18786fa5c2ca)
![Capture d’écran 2024-11-18 à 15 04 09](https://github.com/user-attachments/assets/3e865337-6dff-4ecb-98ed-66cf09c5540f)

The pages are coming in following PRs:
- Advanced filtering with facet
- IP Details page
2 parents 73db233 + 367aaf3 commit 982e4ba

3 files changed: +86 -14 lines changed

crowdsec-docs/sidebarsUnversioned.js

Lines changed: 24 additions & 14 deletions
@@ -132,7 +132,7 @@ module.exports = {
132132
{
133133
label: "Blocklists",
134134
type: "doc",
135-
id: "blocklists/intro"
135+
id: "blocklists/intro",
136136
},
137137
{
138138
type: "category",
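Review bot: The only change in this hunk is the trailing comma after id: "blocklists/intro" on the Blocklists entry, which is unrelated to the CTI page named in the commit title. Formatting-only edits like this are easier to review and revert when they go in a separate commit from the feature change.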
@@ -174,6 +174,17 @@ module.exports = {
174174
},
175175
],
176176
},
177+
{
178+
type: "category",
179+
label: "CTI",
180+
items: [
181+
{
182+
type: "doc",
183+
label: "Introduction",
184+
id: "console/cti/intro",
185+
},
186+
],
187+
},
177188
{
178189
type: "category",
179190
label: "Decision",
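Review bot: The new "CTI" category (new lines 177-187) has no link property and holds a single doc, so the reader gets a collapsible group with one entry and no landing page on the category label itself. Consider adding link: { type: "doc", id: "console/cti/intro" } in the same way the "Enterprise support" category further down this file does, so the category label opens the introduction while the follow-up pages are still pending. The markdown file that backs id "console/cti/intro" should also be checked against this id, since a mismatch between the sidebar id and the doc path breaks the sidebar entry.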
@@ -186,11 +197,11 @@ module.exports = {
186197
{
187198
type: "category",
188199
label: "Enterprise support",
189-
link:{
200+
link: {
190201
type: "doc",
191202
id: "console/enterprise_support",
192203
},
193-
items: []
204+
items: [],
194205
},
195206
{
196207
type: "link",
@@ -346,8 +357,8 @@ module.exports = {
346357
"integrations/sophos",
347358
"integrations/genericfirewall",
348359
"integrations/remediationcomponent",
349-
]
350-
}
360+
],
361+
},
351362
],
352363
troubleshootingSideBar: [
353364
{
@@ -375,7 +386,7 @@ module.exports = {
375386
{
376387
type: "doc",
377388
id: "service_api/getting_started",
378-
label: "Getting Started"
389+
label: "Getting Started",
379390
},
380391
{
381392
type: "category",
@@ -384,8 +395,7 @@ module.exports = {
384395
"service_api/quickstart/authentication",
385396
"service_api/quickstart/blocklists",
386397
"service_api/quickstart/integrations",
387-
]
388-
398+
],
389399
},
390400
{
391401
type: "category",
@@ -394,24 +404,24 @@ module.exports = {
394404
{
395405
type: "doc",
396406
label: "Python",
397-
id: "service_api/sdks/python"
398-
}
399-
]
407+
id: "service_api/sdks/python",
408+
},
409+
],
400410
},
401411
{
402412
type: "link",
403413
label: "Swagger",
404-
href: "https://admin.api.crowdsec.net/v1/docs#/"
414+
href: "https://admin.api.crowdsec.net/v1/docs#/",
405415
},
406416
{
407417
type: "link",
408418
label: "Redoc",
409-
href: "https://admin.api.crowdsec.net/v1/redoc"
419+
href: "https://admin.api.crowdsec.net/v1/redoc",
410420
},
411421
{
412422
type: "doc",
413423
id: "service_api/faq",
414-
label: "FAQ"
424+
label: "FAQ",
415425
},
416426
],
417427
guidesSideBar: [
786 KB
Lines changed: 62 additions & 0 deletions
@@ -0,0 +1,62 @@
1+
---
2+
title: Introduction
3+
description: Introduction to the Alerts section of the CrowdSec Console
4+
---
5+
6+
**CrowdSec’s Cyber Threat Intelligence (CTI)** is a cutting-edge platform that enhances your cybersecurity defenses through community-driven insights and advanced threat intelligence. This introduction provides an overview of CTI’s purpose, benefits, competitive advantages and including a search page with filters and IP detail pages.
7+
8+
Investigate your first IP [there](https://app.crowdsec.net/cti).
9+
10+
![Alerts](/img/console/cti/home.jpeg)
11+
12+
# What Is Cyber Threat Intelligence (CTI)?
13+
14+
CrowdSec’s Cyber Threat Intelligence (CTI) platform empowers organizations with real-time, actionable data on suspicious or malicious IP addresses. By leveraging community-shared threat signals and enriching them with advanced analytics, CTI offers a robust framework for identifying and mitigating risks before they impact your infrastructure.
15+
16+
CTI serves as your go-to resource for proactive defense, offering an intuitive interface, powerful search capabilities, and detailed insights into potentially harmful IPs and their activities.
17+
18+
# What Are the Benefits of CTI?
19+
20+
**1. Real-Time Threat Awareness**
21+
22+
CTI keeps you informed of the latest cybersecurity threats. By analyzing and enriching data from a global community, it provides up-to-the-minute intelligence on suspicious activities, enabling swift and informed decision-making.
23+
24+
**2. Comprehensive IP Insights**
25+
26+
Every IP address in CTI comes with a detailed profile:
27+
28+
- Risk scores and threat levels
29+
- Associated threat types (e.g., brute force, spam, port scanning)
30+
- Geolocation data
31+
- Historical activity logs
32+
33+
This wealth of information equips you with everything needed to understand the potential risks associated with an IP.
34+
35+
**3. Community-Powered Defense**
36+
37+
CrowdSec stands apart with its community-based approach. By pooling insights from thousands of users worldwide, CTI benefits from a vast, ever-growing database of validated threat intelligence.
38+
39+
**4. Search and Discovery Tools**
40+
41+
With CTI’s advanced search and filtering capabilities, finding relevant information about IPs has never been easier. Whether you’re investigating a specific IP or searching for trends, CTI provides an intuitive and streamlined experience.
42+
43+
**5. Integration-Friendly**
44+
45+
CTI integrates seamlessly into your existing CrowdSec setup, making it an invaluable part of your defense strategy without requiring additional complexity. Use the [Free CrowdSec CTI API](https://app.crowdsec.net/settings/cti-api-keys) to access threat data programmatically and enhance your security operations.
46+
47+
# What to Expect Next
48+
49+
In this documentation, you’ll discover:
50+
51+
### IP Details Pages
52+
53+
Dive deep into individual IP profiles to uncover:
54+
55+
- Risk assessment scores
56+
- Threat patterns
57+
- Timeline of malicious activity
58+
- Geographical distribution of attacks
59+
60+
### Faceted Research for Analysts
61+
62+
Understand how CTI enables analysts to uncover trends, identify repeat offenders, and map out potential attack vectors using advanced research tools. [(You can check this example)](<https://app.crowdsec.net/cti?q=classifications.classifications.name:%22crowdsec:ai_vpn_proxy%22+AND+(reputation:malicious+OR+reputation:suspicious)&page=1>)
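Review bot: The front matter description on line 3 reads "Introduction to the Alerts section of the CrowdSec Console" and the screenshot on line 10 uses the alt text "Alerts", yet this page introduces CTI; both should name CTI so search snippets and screen readers describe the right section. The last sentence of the opening paragraph on line 6 ("competitive advantages and including a search page with filters and IP detail pages") does not parse and needs rewording. The body uses "#" for its top-level sections and then jumps to "###" under "What to Expect Next"; since the title already comes from the front matter, "##" for sections and "###" for subsections would keep the outline consistent. The link text "there" on line 8 would be clearer as descriptive text such as the name of the CTI search page.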
