
Open-source threat intelligence platform for structured knowledge management, correlation, and collaborative TI sharing.


Product Overview

AI-Powered
40 Integrations
2 Certifications

OpenCTI is an open-source threat intelligence platform that enables organizations to manage cyber threat intelligence knowledge and observables at tactical, operational, and strategic levels through a Structured Threat Information Expression (STIX) 2.1-based knowledge schema. The platform structures, stores, organizes, and visualizes both technical information like Tactics, Techniques, and Procedures (TTPs) and non-technical information like attribution and victimology, linking each piece of intelligence to its primary source with confidence levels, first and last seen dates, and relationship mapping between data points for comprehensive threat context.

OpenCTI provides 300+ modular connectors that automatically import and enrich threat intelligence from multiple sources, including CrowdStrike, SentinelOne, Sekoia, MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK), and Malware Information Sharing Platform (MISP), in a unified interface, enabling Security Operations Center (SOC) teams to conduct intelligence-driven security operations with automated workflows and collaborative sharing. The platform integrates artificial intelligence (AI) for threat feed imports, search, generating insights and summaries, and creating finished intelligence reports from templates. It also serves as the foundation for Filigran's eXtended Threat Management (XTM) suite, alongside the OpenBAS breach and attack simulation platform for proactive threat validation and testing across the entire threat management lifecycle.

Founded in 2022 by Samuel Hassine (CEO, former executive at France's Agence Nationale de la Sécurité des Systèmes d'Information (ANSSI) and at Tanium) and Julien Richard (CTO, former Axway engineering leader), Filigran has raised $60M across three funding rounds led by Insight Partners, Accel, and Moonfire Ventures. It has grown to 160 employees serving 6,000+ organizations, including Airbus, Thales, Marriott, Hermès, Rivian, the Federal Bureau of Investigation (FBI), the European Commission, and New York City (NYC) Cyber Command. With 10 million+ downloads, 4,300+ GitHub contributors, and International Organization for Standardization (ISO) 27001 and System and Organization Controls (SOC) 2 certifications, OpenCTI has become the leading community-driven threat intelligence platform. It is available as both a free Apache 2.0-licensed Community Edition and a managed Enterprise Edition offering advanced automation, AI features, and comprehensive support.

Product Details

Security Domain

Security category

Threat Intelligence

Key Capabilities

Specific security problems this product solves

eXtended Threat Management (XTM), Open-Source Threat Intelligence

Key Features

Core capabilities and differentiators

AI-Powered Search, AI-Powered Threat Intelligence Summaries, Automated Data Enrichment, Automated Finished Intelligence Reports, Automated Workflow Engine, Case Management, Collaborative Intelligence Sharing, Confidence Scoring System, Custom Dashboards, Data Deduplication, Data Segregation, GraphQL API, Incident Response Integration, Knowledge Graph Visualization, MITRE ATT&CK Mapping, Multi-Source Threat Feed Aggregation, Multi-Tenancy Support, Real-Time Live Streams, Relationship Mapping, Report Generation, Role-Based Access Control (RBAC), Role-Based Sharing, RSS Feed Ingestion, STIX 2.1 Native Support, TAXII 2.1 Server, Threat Actor Profiling, Threat Correlation Engine, Threat Data Collection, Timeline Visualization, TTP Analysis, User Activity Tracking, Victimology Analysis, Visual Threat Graphs, XTM Suite Integration

Compliance & Certifications

Regulatory frameworks and security certifications

ISO 27001, SOC 2

Integrations

Compatible tools and platforms

AlienVault OTX, Anomali, Arctic Wolf, Atos, CrowdStrike, CVE, Cyber Threat Coalition, Deepwatch, Deloitte, EclecticIQ, Elastic, Exabeam, Fortinet, IBM QRadar, IBM X-Force, Intrinsec, Kaspersky, LogRhythm, Maltiverse, MalwareBazaar, MISP, MITRE ATT&CK, Orange Cyberdefense, Palo Alto Networks, Proofpoint, Recorded Future, RiskIQ, Sekoia, SentinelOne, Shodan, Slack, Splunk, Tanium, TheHive, Threat Fox, ThreatConnect, ThreatQ, VirusTotal, Wavestone, Wazuh

Deployment Options

Where and how this solution can be deployed

Cloud, On-Premise, SaaS

Support Channels

Available support and communication options

24/7 Enterprise Support, Community Forum, Community Slack, Customer Success Team, Documentation, Email Support, GitHub Issues, Professional Services, Technical Account Management, Training Programs

Pricing Model

How this solution is priced

Open Source, Subscription

Vendor Information


Filigran

Paris, France