Use cases for CrowdSec with the goal of protecting a signup process?

I’ve been looking at CrowdSec and from what I can tell it focuses pretty strongly on web request and e.g. firewall logs.

Is there any sort of applicability of this tool for detection and remediation of other activities?

Specifically, service signups. My use case would be detecting suspicious/abusive signups on a service provisioning platform and the suspicion partly revolves around external factors (signup IP, email domain, service name chosen).

We tend to see human offenders rather than bots, so a captcha-based solution wouldn’t make sense.

Does this sound like the sort of problem it would make sense to try and solve using CrowdSec, or this not the tool for that? We could do custom tie-ins for detection and remediation from our platform with CrowdSec if applicable.

CrowdSec primarily reads logs, so if the application log these details such as IP, email and such then yeah it could detect it but from my own opinion you wouldnt want to log email addresses to a log file.

However, you could use our blocklists to proactively block known malicious ip address such a proxy/vpn which is known to be abused by people to avoid rate limits.