Artificial Intelligence & Machine Learning , Next-Generation Technologies & Secure Development , Threat Intelligence

Filigran Expands AI-Driven Threat Intel With $35M Series B

Insight Partners-Led Round Boosts US Growth, Fuels Threat Intelligence for Filigran
Filigran Expands AI-Driven Threat Intel With $35M Series B
Samuel Hassine, co-founder and CEO, Filigran (Image: Filigran)

A cyberthreat management startup led by a former Tanium executive raised $35 million to expand its product capabilities around threat intelligence and attack simulation.

See Also: Live Webinar | Cyber Threats in Financial Services: An Adversary-Focused Strategy Beyond Compliance

Filigran said the Series B funding will allow the Paris-based company to enhance its threat intelligence product and security validation and threat simulation tool through advancements in artificial intelligence and natural language processing, according to co-founder and CEO Samuel Hassine. The money will also support Filigran's expansion into the U.S. market as well as hiring across its engineering and sales teams.

"We are actually solving a very pressing problem for SecOps teams that are really, really struggling with their threat intelligence program right now," Hassine told Information Security Media Group.

What's Next in Threat Intelligence, Breach and Attack Simulation

Filigran, founded in 2022, employs 79 people and has raised $59.2 million, including an $18.2 million Series A funding round in February 2024 led by Accel. The firm has been led since inception by Hassine, who previously spent nearly three years overseeing Tanium's security strategy and operations in Europe. The most recent funding should give Filigran sufficient resources to reach breakeven within three years.

The company's most recent funding round was led by Insight Partners, which Hassine said has a vast network of operators who can provide hands-on support in areas like market development and product marketing. Insight's presence in the United States complements Accel - which has a strong presence in Europe - thereby giving Filigran a robust base for U.S. expansion, according to Hassine (see: Are Pure-Play Threat Intel Vendors a Vanishing Breed?).

Filigran plans to implement natural language processing and proactive threat intelligence inside its cyber threat intelligence offering to support security teams with predictive alerts and scenario simulations. For breach and attack simulation, Filigran will debut a scenario-building feature, which he said will enable teams to assess their defenses test their security posture using AI-driven, realistic threat simulations.

"We have non-technical users connecting to the platform, so they need to be able to ask questions in natural language and have the platform get answers to them," he said. "We're in proactive security, which means a lot of use cases about correlation. If you have a new incident, it needs to be attributed and automatically correlated with previous incidents. The platform can alert you and be very proactive."

Hassine said Filigran’s approach to AI is pragmatic, applying it to specific use cases where automation and intelligence can reduce manual effort and boost outcomes. For threat intelligence, AI helps analysts query data naturally, making complex information digestible to non-technical users. In attack simulation, AI can help design realistic scenarios that are dynamically tailored to the customer's operational context.

"AI can help not just to generate content out of the blue, but more like to adapt something already existing to the context of the organization," Hassine said. "And that can be very, very thoughtful, and that makes that more realistic."

Taking Filigran's Cyber Know-How Global

The U.S. market represents a significant growth opportunity, with 75% of global cybersecurity spending based there. Filigran is ramping up hiring in sales and senior roles within the U.S., with plans to double the workforce and generate equal or higher revenue from the U.S. compared to Europe. Hassine said Filigran is looking to build a balanced 50/50 sales model with direct and partner-driven approaches.

'We have a very, very strong inbound motion, and we have a widespread install base, so that's the strength of our ecosystem and community members," Hassine said. Obviously, if we want to be really succeeding in the go-to-market motion, it's a selective deal with that outbound demand generation."

Although Filigran has no exact counterpart, Hassine said the company faces competition from both threat intelligence platforms like ThreatQuotient and ThreatConnect as well as threat simulation tools like SafeBreach and AttackIQ. Hassine said Filigran serves large enterprises and government agencies with in-house security operations teams, emphasizing sectors such as finance, energy, and defense.

"For external and direct customers, it's large organizations that have at least an internal SecOps team, because our products are for security operations," Hassine said. "It could be for incident response or detection engineering."

Following the funding, Filigran is closely tracking community engagement, product adoption, and sales pipeline growth, with specific attention to expanding the company's breach and attack simulation user base. The Filigran team will also monitor road map delivery and product usage to ensure continued relevance and customer satisfaction, according to Hassine.

"It's really about the building of the sales pipeline, and the fact that we're really closely monitoring this, and then, it's all about the usage of the product, about the delivery, and how we are able to deliver the roadmap we have, and also, our capability to build maybe a third product," Hassine said.


About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.