Paris-based cybersecurity company Filigran has established a German team to build local presence across the DACH region, bringing its open-source threat management platform directly to organizations and public authorities in the area.
Cybersecurity requires local expertise. With a newly formed German team, Filigran is making its open-source platform for threat intelligence, attack simulation, and cyber risk management directly accessible to organizations across the DACH region—at a time when regulatory frameworks such as NIS2 are increasing pressure on companies to adopt risk-based security strategies.
Filigran, a Paris-headquartered threat management company, has made its open-source-based solutions available for the German-speaking market. Simultaneously, the company opened an additional office in Japan in April. For organizations and public authorities in the DACH region, this marks the first time they will have access to local points of contact for a technology already used by more than 6,000 organizations worldwide.
A Platform Approach Instead of Isolated Data Feeds
While many threat intelligence providers deliver isolated data points, Filigran takes an integrated platform approach. Its core product, OpenCTI, aggregates and correlates threat information from a wide range of sources—from commercial feeds and open-source intelligence to internal telemetry—and makes it operationally useful within existing security processes. The platform implements the international STIX-2.1 standard and offers more than 260 connectors to common security tools, enabling integration into existing infrastructures.
The eXtended Threat Management (XTM) platform extends OpenCTI with two additional modules: OpenAEV (Adversarial Exposure Validation) simulates real-world attacks to test the effectiveness of existing security measures, while OpenGRC provides data-driven, risk-based cyber risk management. According to the company, the time from threat assessment to handoff to responsible teams is approximately five minutes. Customers have reported up to 70 percent faster threat detection and a reduction of up to 80 percent in preparation time for security testing.
Bringing Threat Intelligence to the Management Level
Many security organizations treat threat intelligence as an operational matter confined to the Security Operations Center. Filigran aims to move this knowledge to the management level, using it as a basis for strategic decision-making. With regulatory requirements such as NIS2 explicitly demanding risk-based approaches, this perspective is gaining traction.
The DACH region is Europe’s largest cybersecurity market. Growing demand for independent, interoperable platforms and a broader trend toward digital sovereignty are favorable conditions for European providers that prioritize transparency and compliance with EU law. Filigran’s open-source model is positioned to address these needs.
Local Team With Industry Experience
Oliver Keizers, VP Sales Central EMEA, describes the market need: “In 2025 alone, tens of thousands of vulnerabilities were reported, yet only a fraction were actually exploited by attackers. What organizations need is the ability to identify threats relevant to them, prioritize them, and derive concrete actions.”
Channel Manager Irina Tolda emphasizes the importance of the partner ecosystem: “We are building a strong network in the DACH region that enables system integrators and managed security service providers to incorporate our platform into their offerings—giving mid-market companies access to professional threat intelligence.”
Falk Schwendike, Senior Solution Engineer with more than seven years of experience in cyber threat intelligence, adds: “Many organizations invest in threat intelligence feeds without extracting operational value from that data. We close exactly that gap.”
Growth and International Expansion
Filigran has grown to more than 230 employees in under four years. In October 2025, the company closed a Series C funding round of $58 million. It recorded 90 percent revenue growth in 2025 and ranks among the 30 fastest-growing mid-market cybersecurity companies in IT-Harvest’s Cyber 150 list—for the second consecutive year.
The DACH team will be present at several industry events in the coming months, including the Cyber Threat Intelligence Conference (#FIRSTCTI26, April 21–23, Munich), the NIS-2-Congress (May 12–13, 2026, Frankfurt), and the SIGS Threat Intelligence Forum (June 3, 2026, Zurich).
Dr. Jakob Jung is Editor-in-Chief of Security Storage and Channel Germany. He has been working in IT journalism for more than 20 years. His career includes Computer Reseller News, Heise Resale, Informationweek, Techtarget (storage and data center) and ChannelBiz. He also freelances for numerous IT publications, including Computerwoche, Channelpartner, IT-Business, Storage-Insider and ZDnet. His main topics are channel, storage, security, data center, ERP and CRM.
Contact via Mail: jakob.jung@security-storage-und-channel-germany.de