Paris-based cybersecurity startup Filigran is leveraging the success of OpenCTI to develop a portfolio of open-source threat management solutions. Their first product, OpenCTI, has already seen early success as an open-source threat intelligence platform.
Recently, Filigran secured €15 million (approximately $16 million) in funding in a round led by Accel, with participation from existing investors Moonfire Ventures and Motier Ventures.
“This software product is designed to give you an overview of your entire threat environment. More importantly, it’s not limited to technical or non-technical elements. It’s really a consolidated view of your threat environment, from the most technical and low-level elements to the most strategic ones,” said co-founder and CEO Samuel Hassine.
“So you’ll find information that will help you get better at threat detection, improve your response to security incidents, but also improve your risk analysis as a CISO.”
OpenCTI allows customers to gather threat data from various sources through its modular design. Using connectors, users can import and enrich data from providers such as CrowdStrike, SentinelOne, and Sekoia. This brings a unique “bring-your-own-data” approach to the platform.
From there, cybersecurity teams can explore the data in a structured manner, with support for relationships between entities for added context. The platform also offers various data visualization methods.
Essentially, OpenCTI is a crucial tool for cybersecurity teams handling incidents on a daily basis, and can serve as a viable alternative to other threat management solutions like ThreatQuotient, Anomali, and EclecticIQ.
Filigran’s journey began several years ago when co-founders Samuel Hassine and Julien Richard started working on OpenCTI as a side project. Both founders have a strong background in cybersecurity and data engineering, with Hassine previously working with France’s ANSSI cybersecurity agency and Tanium, and Richard leading engineering teams in data-driven products.
“At first, OpenCTI was just a side project. But the duo decided to build a startup around this product,” the article notes.
Today, OpenCTI boasts more than 4,000 stars on GitHub and 10 million downloads for the open-source edition. But beyond its open-source success, Filigran has also gained over a hundred paid customers, including major names like Marriott, Thales, and Airbus, as well as organizations like the FBI, European Commission, and Dutch police.
These customers opt for the enterprise edition of OpenCTI, which is available as a hosted software-as-a-service or on-premise with an enterprise license. Following the footsteps of other successful cybersecurity companies like CrowdStrike and Palo Alto, Filigran is now expanding its product portfolio.
Their second product, OpenBAS, was previously known as OpenEX. It is an attack simulation platform that allows companies to create exercise scenarios across multiple communication channels, such as email and text messages. All data is recorded in OpenBAS, allowing for review of goals and performance against those goals.
“OpenBAS can be used as a standalone product, but it works better if you’re already using OpenCTI as it can leverage the threat intelligence data,” the article explains.
Filigran has two additional products in their eXtended Threat Management (XTM) suite, focusing on data-driven risk analysis and crisis management. The company’s ultimate vision for this suite is a collection of four products that work together to provide value to customers. Though, each product can also be used separately.
Currently, Filigran has 40 employees and intends to expand to 70 employees by the end of the year. Plans for a U.S. team are also in the works.