About Client

CrowdSec is a hyper-growth cybersecurity company with 300k+ installations. According to G2, it is a market leader in 8+ categories.

Problem Statement

Supabase is an open source alternative to Firebase. It provides a lot of features like authentication, database, storage, etc.

CrowdSec offers its users an open source threat detection engine. The engine uses parsers to read logs from various data sources and scenarios to detect malicious IPs.

Users wanted to use CrowdSec to protect their self-hosted Supabase instances. However, CrowdSec did not have parsers and scenarios for Supabase, so these users could not use CrowdSec to protect their Supabase instances.

Solution

We decided to build parsers and scenarios for Supabase. This would allow users to use CrowdSec to protect their Supabase instance.

Implementation

We studied all the components of Supabase and found that the log-emitting services were postgres, pgbouncer and kong. However, the log format for postgres was non-standard.

We updated the existing postgres parser to support the non-standard log format. The log formats for pgbouncer and kong were standard, and CrowdSec already had parsers for other services, which were repurposed for pgbouncer and kong.

We bundled all this into a CrowdSec collection. We also wrote integration tests to ensure the parsers and scenarios work as expected.

Results

The parsers and scenarios are open source and available on CrowdSec Hub.

We also wrote a blog post about this. You can read it here.