Cyber security startup based in Paris Filigree leverages the success of OpenCTI to create a suite of open source threat management products. The company has already found some early traction with OpenCTI, its open source threat intelligence platform.
That’s why the company recently raised 15 million euros (about $16 million at today’s exchange rate) in a funding round led by Accel with existing investors Moonfire Ventures and Motier Ventures also participating.
Filigran’s first product is OpenCTI. It is a threat intelligence platform that allows you to collect threat data from multiple sources in a single interface. Thanks to its modular approach, customers can use links to import and enrich data from various sources, including threat intel providers such as CrowdStrike, SentinelOne or Sekoia. In this sense, OpenCTI is a product that gives your own data.
After that, cybersecurity teams can explore the data set in a structured way. OpenCTI supports relationships between entities, which adds some much-needed context when investigating a threat. The platform also offers different ways to visualize your data.
In other words, it has become an important tool for cybersecurity teams that manage incidents every day and that can be used as an alternative ThreatQuotient, Anomaly the EclecticIQ.
“This software product is designed to give you an overview of your entire threat environment. Most importantly, it is not limited to technical or non-technical elements. It’s really a unified view of your threat environment, from the most technical and low-level elements to the most strategic,” co-founder and CEO Samuel Hassine told me.
“So you’ll find insights that will help you become better at detecting threats naturally—improve your response to security incidents—but also improve your risk analysis as a CISO.”
From an open source project to 70 employees
Samuel Hasin and its co-founder Julien Richard first started working on OpenCTI several years ago, long before Filigran started. Hassine worked for several years for France’s cybersecurity agency ANSSI and then for Tanium, while Richard spent several years leading engineering teams working on data-driven products.
At first, OpenCTI was just a side project. But the duo decided to create a startup around this product. In addition to gathering more than 4,000 stars on GitHub and 10 million downloads for the open source version of OpenCTI, Filigran already has more than a hundred paying customers, including Marriott, Thales, Airbus, as well as the FBI, the European Commission and the Dutch police.
These customers pay for the enterprise edition of OpenCTI, which can be used as a hosted software-as-a-service or on-premises product with an enterprise license. Now, Filigran wants to follow the examples of CrowdStrike or Palo Alto and build a portfolio of cybersecurity products.
Filigran’s second product is OpenBAS, an attack simulation platform formerly called OpenEX. OpenBAS can be used to create exercise scripts across various communication channels such as email and text messages. Everything is then recorded in OpenBAS so you can review the company’s goals and performance against those goals.
OpenBAS can be used as a standalone product, but works best if you already use OpenCTI, as it can use the threat intelligence data in OpenCTI. There will be two more products in Filigran’s Extended Threat Management (XTM) product suite that focus on data-driven risk analysis and crisis management.
“The vision that Julien and I have for the XTM Suite is a suite of four products that interact with each other to become more useful. You can use each individually, but when you use the whole suite, it creates a lot of value,” Hassine said.
Currently 40 people work for Filigran. The company plans to establish a team in the US and increase to 70 employees by the end of the year.