Filigran raises $58M to scale open-source AI threat management suite
Filigran raises $58M Series C to scale its AI-driven threat management stack across OpenCTI, OpenBAS and OpenGRC. Backers include Eurazeo, Insight Partners, Accel, T.Capital.
Filigran raises $58M to expand its AI-driven threat management platform
Filigran has secured $58 million in Series C funding to accelerate global expansion and build out its AI-driven threat management stack. Founded in 2022, the French startup focuses on open-source and enterprise tools that make threat intelligence practical and accessible for security teams.
The round includes support from Eurazeo SE, Insight Partners LP, Accel Partners LP and Deutsche Telekom AG (T.Capital). It follows a $35 million Series B completed in October 2024.
What Filigran offers
OpenCTI is the core platform. It ingests, structures, correlates and enriches threat data from commercial feeds, internal telemetry and open-source sources to create a unified view for analysts and leadership. A flexible data model and connector framework support integrations and community-driven analytics, detections and connectors. Learn more at OpenCTI.
OpenBAS (Breach and Attack Simulation) lets teams run realistic, threat-informed scenarios to test controls and resilience. It's useful for validating configurations, finding gaps and prioritizing mitigation. Many teams map results to frameworks like MITRE ATT&CK to quantify coverage and improvement.
OpenGRC is in development to move from static compliance checklists to dynamic metrics and actionable alerts. The goal: help CISOs and risk managers tighten risk assessment, improve reporting and inform investment decisions with clearer signals.
For enterprises, Filigran provides managed cloud hosting, technical support, consulting, integration services, training and custom development to operationalize these platforms in production.
Why this matters for management
Interoperability and an open approach reduce lock-in and speed up integration across the SOC. Unifying threat data can sharpen detection, streamline response and simplify reporting to the board.
Pairing simulation (OpenBAS) with risk and compliance (OpenGRC) helps translate security posture into measurable outcomes. That supports budget planning, control validation and continuous improvement with clear KPIs.
Funding snapshot
Series C: $58 million supported by Eurazeo SE, Insight Partners LP, Accel Partners LP and Deutsche Telekom AG (T.Capital). Prior round: $35 million Series B in October 2024.
Due diligence checklist
- Integrations: Validate connectors with your SIEM, EDR, ticketing and intel feeds. Review API limits, throughput and data model fit.
- Data governance: Hosting model, data residency, PII handling, auditability and compliance requirements.
- TCO: Compare open-source vs. enterprise features, support SLAs, managed hosting costs and internal maintenance effort.
- Control validation: Use OpenBAS to test top attack paths. Track detection coverage, dwell time and false positives against ATT&CK techniques.
- Metrics: Define targets for alert quality, MTTR, risk reduction and reporting cadence via OpenGRC.
- Enablement: Training plan, implementation services, change management and community support maturity.
- Roadmap and SLAs: AI correlation and prioritization capabilities, OpenGRC maturity, uptime and response commitments.
Practical next steps
Run a 90-day pilot in one business unit. Integrate 3-5 high-value intel sources, a core detection pipeline and a handful of critical controls. Set clear success metrics tied to coverage, time-to-detect and remediation speed.
If team upskilling is on your 2025 plan, explore curated learning paths by role to accelerate adoption of AI and security analytics: Courses by job.
