From Open Source Roots to Cybersecurity Disruption: The Filigran Story

Samuel, with over 15 years in threat intelligence and crisis management, had witnessed firsthand how delays in understanding threats could lead to severe consequences. Julien, a seasoned data engineer and AI practitioner, recognized that tools existed to aggregate, process, and make sense of complexity—but they weren't being woven into operations in a meaningful way.

They asked: What if proactive threat intelligence could be made accessible, actionable, and integrated—as open source at its heart but enterprise-grade in its performance? That question became Filigran.

Founders Behind the Vision: Samuel & Julien

Samuel Hassine serves as CEO & co-founder. His background spans leadership in security strategy and threat intelligence—he previously held senior roles at the French government's ANSSI and in crisis management. This experience gave him both domain depth and a reputation for rigor.

Julien Richard is CTO & co-founder. With 20+ years working in product engineering and AI/data engineering, Julien's strength lies in turning complex architectures and models into stable, high-performance systems. He had managed large engineering teams and contributed to open source work before Filigran.

Together, they represent a balance of strategy + technical execution; domain expertise + engineering discipline. This blend would prove essential for Filigran's rapid growth.

Read Also: Unfabled: How Hannah Samano Is Rewriting Women’s Health for a New Era

The Early Work: Open Source, Proof, and Community

Before becoming a whole company, Samuel and Julien began building tools in their spare time. OpenCTI (for threat-knowledge aggregation), OpenEx (for threat simulation/crisis-management exercises), and OpenBAS (for breach & attack simulation) are some of their early projects. These tools grew from open source roots—attracting users and contributors who saw value in more organized threat intelligence.

They listened closely to users: some from government agencies, others from private companies. They saw that threat intelligence was often one step too far downstream; organizations needed not just information but context and actionable insight. The founders recognized that to scale, they had to offer enterprise-level reliability, integrations, and support.

Turning Seed into a Suite of Products: XTM Suite

With validation in hand from early adopters, they formalized Filigran in 2022. The founding mission: build a unified eXtended Threat Management (XTM) suite combining multiple tools under one roof. This includes:

• OpenCTI: For threat knowledge structuring, sharing, and storage. Helps companies track and understand threat campaigns, actors, and tactics.
• OpenBAS: For breach & attack simulation—identifying security gaps by simulating adversaries.
• OpenEx (sometimes stylized differently) for crisis management and planning.
  

These tools helped organizations anticipate threats rather than simply responding. Under Julien's tech leadership, features for real-time alerting, contextual risk scoring, and automation workflows were built. Under Samuel, the product's go-to-market strategy grew: addressing both open source users and paying enterprise customers who need more robust features.

Facing the Storm: Challenges & Growth

As with many cybersecurity startups, early growth came with friction:

• Trust & Adoption: Organizations are cautious about adopting open source tools for threat intelligence, especially in regulated industries. Filigran needed to demonstrate reliability.
• Complexity of Threat Data: Standardizing threat intelligence (different formats, languages, metrics) proved challenging. Julien's engineering experience helped here.
• Balancing free/open and paid/enterprise: Open source is popular with users, but to scale, you need offerings that users can pay for, without turning the community off. Filigran tackled this by adding layers of enterprise features, support, service, and uptime guarantees.
  

Despite challenges, their traction was strong. By mid-2023, over 3,000 organizations and users were interacting with their open source platforms. Some large global customers—corporates and governmental bodies—started coming in.

Funding, Scaling, and Global Ambition

Filigran's seed round in 2023 raised about €5 million, allowing investment in open source core, infrastructure, and enterprise support.

In 2024,  the company raised a $35 million Series B round led by Insight Partners and with participation from both Accel and Moonfire. The funding will be used to accelerate the development of product innovation, scale AI-powered threat intelligence technologies, and expand into the U.S. and Pacific markets.

They expanded their customer base to include big names in corporate and public sectors: Airbus, Marriott, Thales, Hermès, Rivian, European Commission, FBI, and others. These partnerships both validated the platform and underscored the urgency of better, proactive cybersecurity.

Philosophy & Leadership: What Drives Them

Samuel and Julien share a few core beliefs:

• Proactivity over reactivity: Many breaches happen because threat intelligence was gathered too late. Filigran aims to shift that to anticipation.
• Open source as bedrock: They believe open source ensures transparency, wider community trust, and faster feedback loops. It also helps democratize cybersecurity tools.
• Accessibility & usability: Tools are only helpful if people can use them. Filigran emphasizes user experience, integrations, and ease of onboarding.
• Global mindset with local sovereignty: While based in France, their ambition is global. But they also understand that regulation, threat landscapes, and compliance vary regionally; solutions must adapt.

What's Next: Challenges & Roadmap

Looking forward, Filigran under Hassine & Richard has several priorities:

• Building more AI-driven automation in threat detection and response.
• Enhancing products like breach simulation and risk assessment (e.g., more refined adversary models, real-time simulation of attacks).
• Expanding to new geographies while meeting localized regulation, compliance, and threat profiles.
• Deepening enterprise product offerings: improved SLAs, support, training, and governance features.
• Sustaining and growing the open source community—both for innovation and legitimacy.