Open-source models and platforms are proving valuable in solving one of the most urgent paradoxes all cybersecurity startups face: balancing the need to deliver reliable apps at scale and low cost while being open enough to integrate across existing IT infrastructure.
By bridging that paradox and others, open source is driving a seismic shift in cybersecurity, with threat intelligence being at the forefront.
Open source is becoming kryptonite for cybersecurity startups
It’s fascinating to see startups capable of making open source pay so quickly and at such high funding rounds in a down market for VC investments. The latest and most noteworthy is the European cyber tech startup Filigran. The four-year-old startup received €15M ($16.3 million) in Series A funding led by global venture capital firm Accel, just six months after its initial €5M ($5.4 million) seed round.
“The Filigran team has achieved a huge amount since launch, and we believe that their open source community and platform approach will enable organizations to upscale their threat intelligence efforts,” said Andrei Brasoveanu, Partner at Accel.
Existing investors Moonfire Ventures and Motier Ventures also participated in the round. Filigran’s Extended Threat Management (XTM) suite is in use at more than 4,200 organizations globally, including Marriott, Hermès, Airbus, Novartis, the FBI and the European Commission.
VB Event
The AI Impact Tour – NYC
We’ll be in New York on February 29 in partnership with Microsoft to discuss how to balance risks and rewards of AI applications. Request an invite to the exclusive event below.
Leading cybersecurity providers are both evaluating and actively using Filigran’s open-source threat intelligence platform today. “The Threat Intelligence Team from SentinelOne is using OpenCTI,” Filigran CEO Samuel Hassine told VentureBeat in a recent interview.
What makes Filigran’s approach to open source unique
Hassine explained during a recent interview with VentureBeat how the company is deliberately built on open-source principles and design goals to ensure an open architecture, greater agility in responding to customer needs and the superiority of specific open-source tools over commercial ones.
Several cybersecurity CEOs have told VentureBeat that open-source tools for specific use cases are ahead of commercially available ones, giving their DevOps and product times an inside edge on accelerating release cycles.
Filigran’s XTM suite is designed to give organizations the flexibility to structure, store and analyze threat intelligence while conducting stress tests and threat management exercises. The suite includes OpenCTI and OpenBAS. Filigran’s platform is ISO 22398 compliant and has been designed as a modern web application, including a RESTFul API and a UX-oriented frontend.
OpenCTI gives organizations the tools they need to organize, store and operationalize threat intelligence information at a technical, operational and strategic level. OpenBAS provides attack simulation tools on the XTM platform that use OpenCTI’s threat intelligence to create attack simulations, stress tests and threat management exercises. OpenBAS can also deliver a consolidated view of potential gaps in a company’s cybersecurity response, allowing for proactive improvement of defense mechanisms.
Hassine told VentureBeat that enterprises also use their platform to plan, schedule and conduct crisis exercises, in addition to regularly performing adversary and breach simulations.
OpenCTI’s dashboards contextual threat intelligence in real-time, providing organizations the data they need to adjust and strengthen their security posture, averting potential intrusions and breaches. Source: Filigran
Filigran and FBI are partners in fighting cybercrime
One of Filigran’s most well-known customers is the FBI, which uses the Open CTI platform to organize and analyze cybercrime data and enable collaboration and information sharing within and across agencies. The FBI also relies on Filigran to help improve response times and strategies to cyber incidents.
The FBI’s reliance on Filigran also indicates how enterprises trust the company’s open-source threat intelligence platform. “The integration of OpenCTI into the FBI’s operational framework represents a significant evolution in knowledge management and threat analysis,” Hassine wrote last year. “It enables the FBI to manage vast amounts of data, identify patterns and connections, and respond more effectively to cyber threats,” he continued.
Open source is helping to streamline how integrated Open CTI is with law enforcement operational frameworks. Hassaine contends that this marks a “significant evolution in terms of knowledge management and threat analysis” during a recent interview with VentureBeat.
Filigran is now instrumental in organizing and analyzing cybercrime data, managing the modeling of multiple ransomware campaigns and enhancing response to cyber incidents. Open CTI’s threat intelligence capabilities include automated reasoning, automation, and advanced correlation that assist in investigations, enabling agencies to respond more quickly and effectively to cyber incidents.
Cybersecurity’s future being defined by open-source
Cybersecurity company founders and senior product leaders tell VentureBeat that open sources’ many benefits are core to their company’s current and future development strategy.
John Morello, CTO and co-founder of Gutsy told VentureBeat in a recent interview that the open-source nature of Google‘s BERT open-source language model allows Gutsy to customize and train their model for specific security use cases while maintaining privacy and efficiency.
Many cite more transparency and better assurances of data privacy, along with great availability of expertise and more integration options across their architectures, as key reasons for going with open source.
VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.