Open-source models and platforms are proving invaluable for addressing one of the most pressing challenges faced by cybersecurity startups: achieving a balance between delivering reliable applications at scale and low cost while ensuring compatibility with existing IT infrastructure. By overcoming this challenge and others, open source is revolutionizing the cybersecurity landscape, with threat intelligence leading the charge.
0:01/14:43 Are you ready for AI agents? Open source is becoming a game-changer for cybersecurity startups.
It's impressive to see startups successfully leveraging open-source solutions, even in a challenging market for venture capital. A standout example is the European cybersecurity startup Filigran, which secured €15M ($16.3 million) in Series A funding from global venture capital firm Accel just six months after raising €5M ($5.4 million) in seed funding. “The Filigran team has achieved remarkable milestones since launch, and we believe that their open-source community and platform approach will empower organizations to enhance their threat intelligence initiatives,” remarked Andrei Brasoveanu, Partner at Accel.
Filigran's Extended Threat Management (XTM) suite comprises a range of open-source cybersecurity products, including OpenCTI and OpenBAS, which equip organizations to structure, store, and analyze threat intelligence while performing stress tests and threat management exercises. Over 4,200 organizations worldwide, including Marriott, Hermès, Airbus, Novartis, the FBI, and the European Commission, utilize the XTM suite.
Prominent cybersecurity providers are currently exploring and adopting Filigran’s open-source threat intelligence platform. “The Threat Intelligence Team at SentinelOne is utilizing OpenCTI,” stated Filigran CEO Samuel Hassine in a recent interview.
What Sets Filigran’s Approach Apart
Hassine shared insights during an interview on how Filigran is built on open-source principles and design goals to foster an open architecture. This approach enhances agility in addressing customer needs and highlights the advantages of specific open-source tools over commercial alternatives. Several cybersecurity CEOs have noted that open-source tools for specialized use cases often outperform their commercial counterparts, giving their development and product teams a competitive edge in accelerating release cycles.
The XTM suite allows organizations to flexibly structure, store, and analyze threat intelligence while conducting stress tests and threat management exercises. It features a modern web application design, ensuring ISO 22398 compliance, a RESTful API, and a user-friendly frontend.
OpenCTI equips organizations with essential tools for organizing, storing, and operationalizing threat intelligence across technical, operational, and strategic levels. Meanwhile, OpenBAS provides attack simulation capabilities that leverage OpenCTI’s threat intelligence to conduct simulations, stress tests, and threat management exercises, offering a consolidated view of potential cybersecurity gaps for proactive defense improvements. Enterprises also utilize the platform for planning and conducting crisis exercises and adversary simulations.
OpenCTI’s dashboards present contextual threat intelligence in real-time, providing organizations with critical data to strengthen their security posture and prevent potential intrusions and breaches.
Filigran’s Collaboration with the FBI
Filigran's partnership with the FBI highlights the trust placed in its OpenCTI platform for organizing and analyzing cybercrime data, enhancing collaboration across agencies, and improving incident response strategies. “The integration of OpenCTI into the FBI’s operational framework marks a significant advancement in knowledge management and threat analysis,” Hassine noted. “It enables the FBI to manage extensive data sets, identify patterns, and respond more effectively to cyber threats.”
This collaboration illustrates how open source is streamlining integration with law enforcement operational frameworks, marking a critical evolution in managing and analyzing threats.
The Future of Cybersecurity Defined by Open Source
Cybersecurity founders and senior product leaders emphasize that the benefits of open source are central to their current and future development strategies. John Morello, CTO and co-founder of Gutsy, explained that the open-source nature of Google’s BERT language model allows for customized training tailored to specific security applications while ensuring privacy and efficiency. Key drivers for choosing open source include greater transparency, enhanced data privacy assurances, access to expertise, and increased integration capabilities across platforms.