By Jean-Philippe Salles, VP Product, Filigran
Founded in 2022, Filigran is a European cybertech that offers open solutions encompassing threat intelligence, adversary simulation, and crisis response. At Filigran, we believe that embracing open standards, fostering information sharing, and putting the general interest first are pivotal to advancing cybersecurity. This dedication has led us to an exciting juncture: we’ve become a member of OASIS Open, where we’re fully dedicated to the future advancement of the STIX standard.
Since Filigran’s inception, we’ve been tenacious in our implementation of the latest STIX data model within OpenCTI, Filigran’s open threat intelligence platform. Because CTI’s dynamic landscape requires an agile approach, we’ve strived to ensure OpenCTI consistently remains ahead of the curve. Our ongoing collaboration with the broader community has enriched the STIX 2.1 model, embedding it further within OpenCTI to address niches that the current model may not cater to comprehensively.
As we’ve grown — with a great team of over 20 experts and an impressive seed funding of $5 million —we are translating our hands-on experience and rich insights into direct contributions to the evolution of the STIX standard within our Extended Threat Management portfolio.
The OASIS Cyber Threat Intelligence (CTI) Technical Committee (TC) & Filigran: A Perfect Synergy
Through collaboration with other members in the OASIS CTI TC, we aim to actively infuse our proficiency in technical standard implementation, expediting the inclusion of new iterations within our products.
A notable example is the exemplary work by the OASIS CTI TC on a STIX extension, laser-focused on incident handling. OpenCTI has concurrently been reflecting on this theme, meticulously refining our case management modules. This synchronicity provides an opportune moment for collaboration. As a member of the TC, our dual goal is to share our learnings and to assimilate insights from OASIS, ensuring our products evolve seamlessly with the standard’s progression.
Our CEO, Samuel Hassine, summed this enthusiasm, stating, “Common language is the keystone for collaboration among CTI and blue teams. It’s a fundamental principle for our product line, especially for OpenCTI. Participating actively in the evolution of STIX is exhilarating, plus, there are more extension horizons to delve into, so the CTI community can expect exciting announcements soon!”
Beyond STIX: Filigran’s Expanding Vision
Our partnership with OASIS doesn’t end with STIX. Filigran’s broader vision encompasses proactive contributions to TAXII and other emergent cybersecurity standards. By consistently straddling the realms of theory and application, we intend to provide practical feedback from the front lines, helping shape policies and protocols that are both rigorous and implementable. Moreover, given our European heritage and reach, we’re uniquely positioned to bring a blend of global and regional perspectives, augmenting the universality of the standards.
The Road Ahead
Looking forward, we anticipate a flurry of synergistic activities. Regular workshops, cross-collaborations with other industry stalwarts, and participatory development are in the cards. Our experience with entities such as the European Commission, the European Union Agency for Cybersecurity (ENISA), and the National Cybersecurity Agency of France (ANSSI) equips us with nuanced understandings that we’re eager to share.
In conclusion, through collaborative efforts with like-minded OASIS members, we’re determined to strengthen cybersecurity’s foundational pillars. We aim to foster a more secure digital future for all, enriched by shared expertise and powered by innovation.