OpenCTI maker Filigran raises $16 million for its cybersecurity threat management suite


Cybersecurity startup based in Paris watermark capitalizes on the success of OpenCTI to create a suite of open source threat management products. The company has already found some momentum with OpenCTI, its open source threat intelligence platform.

That’s why the company recently raised €15 million (around $16 million at current exchange rates) in a funding round led by Accel with participation from existing investors Moonfire Ventures and Motier Ventures.

Filigran’s first product is OpenCTI. It is a threat intelligence platform that allows you to bring together threat data from multiple sources into a single interface. With its modular approach, customers can use connectors to import and enrich data from a variety of sources, including threat data providers such as CrowdStrike, SentinelOne or Sekoia. In this sense, OpenCTI is a “bring your own data” product.

After that, cybersecurity teams can explore the dataset in a structured way. OpenCTI supports relationships between entities, which adds much-needed context when investigating a threat. The platform also offers different ways to visualize your data.

In other words, it has become an important tool for cybersecurity teams managing incidents on a daily basis and can be used as an alternative to Threat Quotient, Anomaly Or EclecticIQ.

“This software product is designed to give you an overview of your entire threat environment. Most importantly, this is not limited to technical or non-technical elements. It’s truly a consolidated view of your threat environment, from the most technical and low-level elements to the most strategic,” co-founder and CEO Samuel Hassine told me.

“You will thus find information which will of course help you to better detect threats – to improve your response to security incidents – but also to improve your risk analysis as a CISO.

From an open source side project to 70 collaborators

Samuel Hassine and his co-founder Julien Richard started working on OpenCTI several years ago, long before Filigran was created. Hassine spent several years working for ANSSI and then Tanium, while Richard spent several years leading engineering teams working on data-driven products.

At first, OpenCTI was just a side project. But the duo decided to create a startup around this product. In addition to raising more than 4,000 stars on GitHub and 10 million downloads for the open source edition of OpenCTI, Filigran already has more than a hundred paying customers, including Marriott, Thales, Airbus, but also the FBI, the European Commission and the Dutch police.

These customers pay for the enterprise edition of OpenCTI, which can be used as a hosted or on-premises software product as a service with an enterprise license. From now on, Filigran wants to follow the examples of CrowdStrike or Palo Alto and build a portfolio of cybersecurity products.

Filigran’s second product is OpenBAS, an attack simulation platform previously called OpenEX. OpenBAS can be used to create exercise scenarios across multiple communication channels, such as email and SMS. Everything is then recorded in OpenBAS so you can review the company’s goals and performance against those goals.

OpenBAS can be used as a standalone product, but it works best if you already use OpenCTI because it can use threat intelligence data from OpenCTI. Filigran’s eXtended Threat Management (XTM) product suite will include two other products focused on data-driven risk analysis and crisis management.

Image credits: watermark

“The vision that Julien and I have for the XTM Suite is a suite made up of four products that interact with each other to make them more useful. You can use each of them separately, but when you use the entire suite, it creates a lot of value,” Hassine said.

Currently, 40 people work for Filigran. The company plans to build a team in the United States and reach 70 employees by the end of the year.


Leave a Comment

Your email address will not be published. Required fields are marked *