Image: Watermark.
Something new in sight for OpenCTI. This open source cyber threat intelligence analysis solution will now benefit from the support of an ad hoc company, Filigran. Launched this fall by Samuel Hassine and Julien Richard, the company wants to industrialize solutions around this ecosystem.
“We are reaching the limits of the current organization, we need to devote ourselves to it full-time and to grow the research and development team while developing an international company capable of meeting the growth challenges of our platforms”, explains Samuel Hassine to ZDNet.fr.
The new company, based in Ile-de-France, now has seven employees. The two creators of Filigran were until now the president and treasurer of the Luatix association, which aims precisely to “support the research and development of free solutions in the field of cybersecurity and crisis management”.
Developed by Anssi
OpenCTI was developed within Anssi from September 2018 by Samuel Hassine. This knowledge management and sharing tool was initially designed to meet the needs of the agency. The application must allow to store, organize, visualize and share its knowledge in terms of cyber threats.
An open source project still supported by Anssi, the use of this platform being considered as a facilitator for the exchange of information. But if the solution has gained in popularity, “the absence of professional technical support and an ecosystem of competent partners has become an obstacle to its adoption”, notes Samuel Hassine, in charge of Cyber Threat Intelligence at the Anssi until May 2020.
Need for structuring
In large large companies, “teams of analysts and cyber engineers are already using the platform, but the transition to production requires the establishment of contractualization and support from the publisher”, he continues. , while competition is fierce in this market, from the American Anomali to the Dutch EclecticIQ via ThreatQuotient, also based in the United States.
Beyond state cybersecurity agencies that use the solution to analyze their cyber data, this type of solution should allow companies or large organizations to improve their detection capabilities, facilitate incident response and better assess their degree of vulnerability to attacker modi operandi.