Filigran's Open-Source Model Fuels 4x Growth in U.S. Cyber Market

NEW YORK, NY – March 23, 2026 – As the cybersecurity industry prepares to convene for the annual RSA Conference, European threat management firm Filigran is making waves with a major announcement of its own: a nearly fourfold increase in North American annual recurring revenue over the past year. This explosive growth, underpinned by significant enterprise wins and a unique open-source business model, signals a powerful validation of the company's strategy in the highly competitive U.S. market.

Founded in 2022, the Paris-based company has rapidly established itself as a formidable player, attracting 29 new enterprise and government customers in the last twelve months. This roster includes high-profile organizations such as the FBI, alongside major players in finance, healthcare, and technology, demonstrating deep penetration into highly regulated and security-conscious sectors. This momentum is not just about new logos; a 119% net revenue retention rate indicates that existing customers are significantly expanding their investment, adopting more capabilities from the company's Extended Threat Management (XTM) platform.

The Open-Source Engine of Growth

At the heart of Filigran's success is a strategy that diverges from many of its proprietary competitors. The company's commercial growth is built upon OpenCTI, one of the world's largest open-source threat intelligence communities, used by over 6,000 organizations globally. This practitioner-driven foundation provides a continuous feedback loop and a go-to-market engine that purely commercial vendors find difficult to replicate. The open-source model fosters transparency and trust, eliminating the vendor lock-in that many enterprises fear, while allowing Filigran to build enterprise-grade SaaS solutions on top of a battle-tested core.

This approach yields tangible results for customers. Electric vehicle manufacturer Rivian, for instance, deployed Filigran’s platform across its security operations and reported a 95% improvement in response times and an 88% reduction in mean time to detect threats over a 12-month period. The efficiency gains are clear at the operational level.

“OpenCTI has saved our CSOC several minutes per ticket,” said Chris Mandich, Director of Cybersecurity Operations at Rivian. “When the team goes through hundreds of cases per day, this easily adds up to hours very quickly.”

This blend of community-driven innovation and enterprise-focused features allows organizations to start with a powerful open-source tool and scale into a fully supported, feature-rich commercial platform as their needs evolve. It's a model that appears to be resonating deeply with a security community that values collaboration and adaptable technology.

Riding the Proactive Defense Wave

A broader market shift is also fueling Filigran's ascent. Organizations are increasingly moving away from a reactive posture of simply triaging endless alerts. Instead, they are embracing proactive, threat-informed defense strategies, a trend crystallized in frameworks like Continuous Threat Exposure Management (CTEM). This approach prioritizes a continuous understanding and reduction of an organization's actual cyber risk.

Filigran’s XTM platform is purpose-built for this paradigm shift. It unifies threat intelligence, adversarial validation, and risk management into a single platform, aiming to close the critical gap between knowing about a threat and taking effective action against it. “Security teams are not losing because they lack data, they’re losing because they can’t move fast enough from intelligence to action,” explained Samuel Hassine, co-founder and CEO of Filigran and former Head of Cyber Threat Intelligence at France’s national cybersecurity agency (ANSSI). “That is the problem Filigran was built to solve... For the first time, security teams can continuously know their threats, test their defenses and prove their resilience, without switching tools.”

Furthering this vision, the company recently announced the general availability of OpenAEV Enterprise Edition, which it bills as the industry’s first open-source, threat-informed adversarial exposure validation solution. Tightly integrated with the OpenCTI threat intelligence platform, OpenAEV enables security teams to build and execute attack scenarios based on prioritized threats and the MITRE ATT&CK framework. This allows them to proactively test and validate their defenses across technical, human, and business domains, moving from theoretical risk assessment to practical, evidence-based resilience.

A European Success Story in the U.S. Market

Filigran’s rapid expansion is a compelling story of a European tech company successfully cracking the code to the American market. Backed by over $100 million in total funding—including a recent $58 million Series C round led by Eurazeo with support from Deutsche Telekom, Accel, and Insight Partners—the company has the capital to fuel its ambitious growth plans. This financial strength is being translated directly into market presence and operational scale.

To support its customer growth, the company expanded its U.S. team by 77% over the past year, bringing its North American headcount to 43. This investment in local talent is complemented by a partner-first go-to-market strategy, which saw partner-attached revenue grow by 200% year-over-year. Independent industry analysts have also taken note. Filigran was recognized as one of the fastest-growing midsize cybersecurity firms, landing in the top 30 of the 2026 Cyber 150 list for its 90% headcount growth in 2025. Simultaneously, its OpenCTI platform was named a Leader in the G2 Winter 2026 Threat Intelligence Grid, an accolade based directly on user satisfaction and market presence.

“The ability to turn intelligence into decisive action is a true competitive advantage. Filigran has given our teams the clarity and confidence to make faster, better-informed decisions, reducing our exposure to risk and allowing us to focus our resources where they matter most,” commented Chris Novak, former Vice President of Global Cybersecurity Solutions at Verizon Business.

Platform Innovation and Future Trajectory

While expanding its footprint, Filigran has continued to innovate on its platform. Major updates to OpenCTI include expanded AI capabilities, from AI-assisted threat feed ingestion to a natural-language query chatbot, enhancing the user experience and accelerating analysis. The company also launched XTM Hub, a free resource center providing dashboards, attack scenarios, and integrations, and the Filigran Academy, an interactive training platform to develop XTM expertise.

With a fortified U.S. presence and a war chest from its recent funding, Filigran is looking ahead. The company's priorities include continued enterprise growth in North America alongside international expansion into new markets, including Japan. As it prepares to showcase its full XTM platform at the upcoming RSA Conference in San Francisco, the company's momentum suggests that its open-source, community-first approach to tackling complex cyber threats is not just an alternative, but a leading strategy for the future of enterprise security.