Cybersecurity startup makes open source pay, gains funding in a down market

Open-source models and platforms are proving valuable in solving one of the most urgent paradoxes all cybersecurity startups face: balancing the need to deliver reliable apps at scale and low cost while being open enough to integrate across existing IT infrastructure.

By bridging that paradox and others, open source is driving a seismic shift in cybersecurity, with threat intelligence being at the forefront. It’s fascinating to see startups capable of making open source pay so quickly and at such high funding rounds in a down market for VC investments. The latest and most noteworthy is the European cyber tech startup Filigran. The four-year-old startup received €15M ($16.3 million) in Series A funding led by global venture capital firm Accel, just six months after its initial €5M ($5.4 million) seed round.

“The Filigran team has achieved a huge amount since launch, and we believe that their open source community and platform approach will enable organizations to upscale their threat intelligence efforts,” said Andrei Brasoveanu, Partner at Accel. Existing investors Moonfire Ventures and Motier Ventures also participated in the round. Filigran’s Extended Threat Management (XTM) suite is in use at more than 4,200 organizations globally, including Marriott, Hermès, Airbus, Novartis, the FBI and the European Commission.

Leading cybersecurity providers are both evaluating and actively using Filigran’s open-source threat intelligence platform today. “The Threat Intelligence Team from SentinelOne is using OpenCTI,” Filigran CEO Samuel Hassine told VentureBeat in a recent interview.Hassine explained during a recent interview with VentureBeat how the company is deliberately built on open-source principles and design goals to ensure an open architecture, greater agility in responding to customer needs and the superiority of specific open-source tools over commercial ones.

Several cybersecurity CEOs have told VentureBeat that open-source tools for specific use cases are ahead of commercially available ones, giving their DevOps and product times an inside edge on accelerating release cycles. Filigran’s XTM suite is designed to give organizations the flexibility to structure, store and analyze threat intelligence while conducting stress tests and threat management exercises. The suite includes OpenCTI and OpenBAS. Filigran’s platform is ISO 22398 compliant and has been designed as a modern web application, including a RESTFul API and a UX-oriented frontend.

OpenCTI gives organizations the tools they need to organize, store and operationalize threat intelligence information at a technical, operational and strategic level. OpenBAS provides attack simulation tools on the XTM platform that use OpenCTI’s threat intelligence to create attack simulations, stress tests and threat management exercises. OpenBAS can also deliver a consolidated view of potential gaps in a company’s cybersecurity response, allowing for proactive improvement of defense mechanisms.

Hassine told VentureBeat that enterprises also use their platform to plan, schedule and conduct crisis exercises, in addition to regularly performing adversary and breach simulations.One of Filigran’s most well-known customers is the FBI, which uses the Open CTI platform to organize and analyze cybercrime data and enable collaboration and information sharing within and across agencies. The FBI also relies on Filigran to help improve response times and strategies to cyber incidents.

Filigran is now instrumental in organizing and analyzing cybercrime data, managing the modeling of multiple ransomware campaigns and enhancing response to cyber incidents. Open CTI’s threat intelligence capabilities include automated reasoning, automation, and advanced correlation that assist in investigations, enabling agencies to respond more quickly and effectively to cyber incidents.