February '24: Securing the Future
Filigran's journey so far, Pento gets acquired by HiBob, and our usual podcast and reading recommendations.
Hello and welcome to the February newsletter.
This month, we caught up with Samuel Hassine, Co-founder and CEO of French cybersecurity startup Filigran, to talk about the journey so far, their Series A raise, and the power of open source threat intelligence.
Enjoy.
Mattias and the Moonfire team
đđ„
The Snapshot
Hereâs a quick roundup of interesting stuff we saw this month:
- Warren Buffettâs annual letter, warning that âeye-poppingâ gains are over.
- Richard Feynmanâs letter to a former student about how to find problems worth solving.
- Google launched a one million token context multimodal model, Gemini 1.5.
- A team of volunteers using AI â and just staring at the data â managed to read a scroll flash-fried by the eruption of Mount Vesuvius in 79 AD.
- Andrej Karpathyâs latest lecture: âLetâs build the GPT Tokenizerâ.
- OpenAI launched Sora, its text-to-video model.
Portfolio Updates
Filigran & Pento
Filigran raises âŹ15m Series A
Filigran, the threat intelligence management platform, announced its âŹ15m Series A today, led by Accel, and joined by us and Motier Ventures.
They plan to use the funding to open offices in the US and Australia, further develop their eXtended Threat Management suite, and grow the team to 70 people by the end of this year.
Read more below.
Pento acquired by HiBob
Pento, the Copenhagen-born, London-based payroll automation platform, has been acquired by HR and benefits solution platform HiBob.
âWe are incredibly proud of what the Pento team has achieved over the years, and this milestone is no different. We have built the best-in-class payroll offering that modern businesses deserve, and canât wait to see the opportunities it will unlock when we pair this with the best HRIS on the market.â
â Jonas BĂžgh Larsen, co-founder and CEO of Pento.
What's Up at Moonfire?
Filigran and the future of open source cybersecurity
âAt the beginning, it was really about two guys that would like to solve a problem faced by cybersecurity practitioners,â says Samuel Hassine, Co-founder and CEO of Filigran.
The problem? How to build open source tooling capable of handling all kinds of cybersecurity threats at a strategic level within an organisation, whatever your size and level, whether CISO or analyst.
Then Head of Cyber Threat Intelligence at the French Cybersecurity Agency (ANSSI), Samuel knew there were plenty of tools to help businesses detect and combat threats â but there were none to manage and properly handle your overall threat landscape. He saw the need for infrastructure that allowed for better understanding and more efficient sharing of security threat data.
In part, it was a personal challenge: to prove you could create a great open source cybersecurity platform. But it was also from a desire to democratise threat intelligence, bringing transparency and interoperability to an industry where itâs sorely needed. By allowing everyone to see and work with the source code, Filigran could foster a more robust ecosystem where each user helps improve the product and the strength of the network.
âFive years ago, the threat intelligence field was still young with too few mature teams and organisations, and we thought we could really add to it by bringing something to the table that could help people to learn, share and raise the maturity level of the whole community,â says Samuel.
Building in the open
Samuel brought his long-time friend Julien Richard (Co-founder and CTO of Filigran) onboard â and they started building. âWeâve known each other for more than 12 years,â recalls Samuel. âWe met while building another side project, and we just never stopped creating. So when I was thinking about creating new platforms for threat intelligence and adversary simulation, I knew we had to create this together.â
Together, they developed the two open source threat intelligence tools that would become Filigran: OpenCTI, designed to help cybersecurity teams organise, store and operationalise threat intelligence information at a technical and strategic level; and OpenEx (now OpenBAS), which uses the intelligence gathered in OpenCTI to simulate relevant and realistic attacks against and stress test the resilience of critical infrastructure.
This is what sets Filigran apart â what they call âeXtended Threat Managementâ (XTM). It takes a threat-driven approach to security, with a database of threat intelligence at the centre that can be leveraged to create new data-driven security tools. Customers can integrate various data sources â internal, external, feed providers, threat intelligence providers â into their platform, and create and consume public feeds. It promotes a robust, open-source network of threat intelligence, sharing data and best practices.
They both had full-time jobs â Samuel at ANSSI then Tanium, and Julien VP of Engineering at data and AI SaaS platform Yooi â so they worked on it in their spare time, moonlighting as open source cybersecurity pioneers over evenings, weekends, and long nights.
They needed that grit to build the early open source community around it. âThe secret to building that kind of community is quite simple. You have to be there 24/7. If you let one person wait for six hours on an answer to a question when theyâre trying to deploy or use your product, you will never build that community.â
But they loved it, and still do. âEven right now with 40 people and a company to run, weâre still working until late in the evening because we think itâs essential to be hands-on and committed in bringing game changing features, content or help to the table. Itâs really part of who we are.â
And it shows. Launched in September 2022, in 18 months Filigranâs grown from two to 40 people and has more than 4,200 customers globally using their product, including Marriott, HermĂšs, Airbus, Novartis, the FBI, and the European Commission.
Open season
When Samuel and Julien first released OpenCTI and OpenBAS as open source products, the community exploded.
âWe didnât expect this huge traction at the beginning as our products were not mature yet. We knew the community was pretty large, but we didnât realise the willingness and scale of the community. We had a few big accounts that asked us desperately to create a company, because they need to put it into a product, they need insurance, they need SaaS â all that.â
It was a nice problem to have.
All startups look for early user data to nail product market fit â âOpen-source is a way to shorten that path, but it was not the original intention,â says Samuel. âPeople give you feedback, telling you about their problems on a daily basis on all channels.â
They leveraged the demand to launch enterprise versions of their products and expand their presence internationally. Filigran was born. âFrom day one, we knew we could make something important and that actually solves multiple challenges in our industry,â says Samuel.
Human + machine
We at Moonfire thought so too.
Filigran first appeared on our radar in October 2022, soon after its founding. Our data-driven sourcing pipeline picked up the opportunity, matching Filigran with the parts of our thesis talking about the importance of open source and cybersecurity tools, and automatically bringing it to our attention. At the same time, Akshat heard about the founders through our network, adding a valuable human perspective.
But it wasnât just this combination of machine intelligence and human insight that made it clear we needed to double down. It was the strength of Samuel and Julien as founders, their pace of execution, and the comprehensiveness of what they were building. This was a young, raw company â but one with outstanding performance.
â Mattias, Akshat and Mike đđ„
Podcast of the Month
Gamecraft: Distribution (Ep. 14)
Mitch and Blake discuss the importance of distribution in the gaming industry â not just moving atoms or bits, but the myriad systems that exist between the developer of the game and ultimate end user, and how they affect value creation. They also cover why customer acquisition is almost always arbitrage, and what happens when a distribution system breaks.
Also recommend listening to their episode on gaming going global, where they go through the new business models, payments systems, and demographics in the emerging gaming markets of the Middle East, Southeast Asia, Sub-Saharan Africa, and India.
Good Read of the Month
'The Last Kings of Shanghai: The Rival Jewish Dynasties That Helped Create Modern China' by Jonathan Kaufman
Really interesting read, telling the story of the rivalry between two Jewish families â the Sassoons and the Kadoories â originally from Baghdad, who influenced Chinese business and politics for more than 175 years, profiting from the Opium Wars, surviving Japanese occupation, and nearly losing everything as the Communists came into power.
Thatâs all for this month.
Until next time, all the best,
Mattias and the Moonfire team
đđ„