February '24: Securing the Future

Filigran's journey so far, Pento gets acquired by HiBob, and our usual podcast and reading recommendations.

February '24: Securing the Future

Hello and welcome to the February newsletter.

This month, we caught up with Samuel Hassine, Co-founder and CEO of French cybersecurity startup Filigran, to talk about the journey so far, their Series A raise, and the power of open source threat intelligence.


Mattias and the Moonfire team


The Snapshot

Here’s a quick roundup of interesting stuff we saw this month:

Portfolio Updates

Filigran & Pento

Filigran raises €15m Series A

Filigran, the threat intelligence management platform, announced its €15m Series A today, led by Accel, and joined by us and Motier Ventures.

They plan to use the funding to open offices in the US and Australia, further develop their eXtended Threat Management suite, and grow the team to 70 people by the end of this year.

Read more below.

Pento acquired by HiBob

Pento, the Copenhagen-born, London-based payroll automation platform, has been acquired by HR and benefits solution platform HiBob.

‘We are incredibly proud of what the Pento team has achieved over the years, and this milestone is no different. We have built the best-in-class payroll offering that modern businesses deserve, and can’t wait to see the opportunities it will unlock when we pair this with the best HRIS on the market.’
– Jonas Bøgh Larsen, co-founder and CEO of Pento.

Read more here.

What's Up at Moonfire?

Filigran and the future of open source cybersecurity

The Filigran team

‘At the beginning, it was really about two guys that would like to solve a problem faced by cybersecurity practitioners,’ says Samuel Hassine, Co-founder and CEO of Filigran.

The problem? How to build open source tooling capable of handling all kinds of cybersecurity threats at a strategic level within an organisation, whatever your size and level, whether CISO or analyst.

Then Head of Cyber Threat Intelligence at the French Cybersecurity Agency (ANSSI), Samuel knew there were plenty of tools to help businesses detect and combat threats – but there were none to manage and properly handle your overall threat landscape. He saw the need for infrastructure that allowed for better understanding and more efficient sharing of security threat data.

In part, it was a personal challenge: to prove you could create a great open source cybersecurity platform. But it was also from a desire to democratise threat intelligence, bringing transparency and interoperability to an industry where it’s sorely needed. By allowing everyone to see and work with the source code, Filigran could foster a more robust ecosystem where each user helps improve the product and the strength of the network.

‘Five years ago, the threat intelligence field was still young with too few mature teams and organisations, and we thought we could really add to it by bringing something to the table that could help people to learn, share and raise the maturity level of the whole community,’ says Samuel.

Building in the open

Samuel brought his long-time friend Julien Richard (Co-founder and CTO of Filigran) onboard – and they started building. ‘We’ve known each other for more than 12 years,’ recalls Samuel. ‘We met while building another side project, and we just never stopped creating. So when I was thinking about creating new platforms for threat intelligence and adversary simulation, I knew we had to create this together.’

Together, they developed the two open source threat intelligence tools that would become Filigran: OpenCTI, designed to help cybersecurity teams organise, store and operationalise threat intelligence information at a technical and strategic level; and OpenEx (now OpenBAS), which uses the intelligence gathered in OpenCTI to simulate relevant and realistic attacks against and stress test the resilience of critical infrastructure.

This is what sets Filigran apart – what they call “eXtended Threat Management” (XTM). It takes a threat-driven approach to security, with a database of threat intelligence at the centre that can be leveraged to create new data-driven security tools. Customers can integrate various data sources – internal, external, feed providers, threat intelligence providers – into their platform, and create and consume public feeds. It promotes a robust, open-source network of threat intelligence, sharing data and best practices.

They both had full-time jobs – Samuel at ANSSI then Tanium, and Julien VP of Engineering at data and AI SaaS platform Yooi – so they worked on it in their spare time, moonlighting as open source cybersecurity pioneers over evenings, weekends, and long nights.

They needed that grit to build the early open source community around it. ‘The secret to building that kind of community is quite simple. You have to be there 24/7. If you let one person wait for six hours on an answer to a question when they’re trying to deploy or use your product, you will never build that community.’

But they loved it, and still do. ‘Even right now with 40 people and a company to run, we’re still working until late in the evening because we think it’s essential to be hands-on and committed in bringing game changing features, content or help to the table. It’s really part of who we are.’

And it shows. Launched in September 2022, in 18 months Filigran’s grown from two to 40 people and has more than 4,200 customers globally using their product, including Marriott, Hermès, Airbus, Novartis, the FBI, and the European Commission.

Open season

When Samuel and Julien first released OpenCTI and OpenBAS as open source products, the community exploded.

‘We didn’t expect this huge traction at the beginning as our products were not mature yet. We knew the community was pretty large, but we didn’t realise the willingness and scale of the community. We had a few big accounts that asked us desperately to create a company, because they need to put it into a product, they need insurance, they need SaaS – all that.’

It was a nice problem to have.

All startups look for early user data to nail product market fit – ‘Open-source is a way to shorten that path, but it was not the original intention,’ says Samuel. ‘People give you feedback, telling you about their problems on a daily basis on all channels.’

They leveraged the demand to launch enterprise versions of their products and expand their presence internationally. Filigran was born. ‘From day one, we knew we could make something important and that actually solves multiple challenges in our industry,’ says Samuel.

Human + machine

We at Moonfire thought so too.

Filigran first appeared on our radar in October 2022, soon after its founding. Our data-driven sourcing pipeline picked up the opportunity, matching Filigran with the parts of our thesis talking about the importance of open source and cybersecurity tools, and automatically bringing it to our attention. At the same time, Akshat heard about the founders through our network, adding a valuable human perspective.

But it wasn’t just this combination of machine intelligence and human insight that made it clear we needed to double down. It was the strength of Samuel and Julien as founders, their pace of execution, and the comprehensiveness of what they were building. This was a young, raw company – but one with outstanding performance.

Continue reading...

– Mattias, Akshat and Mike 🌓🔥

Podcast of the Month

Gamecraft: Distribution (Ep. 14)

Mitch and Blake discuss the importance of distribution in the gaming industry – not just moving atoms or bits, but the myriad systems that exist between the developer of the game and ultimate end user, and how they affect value creation. They also cover why customer acquisition is almost always arbitrage, and what happens when a distribution system breaks.

Also recommend listening to their episode on gaming going global, where they go through the new business models, payments systems, and demographics in the emerging gaming markets of the Middle East, Southeast Asia, Sub-Saharan Africa, and India.

Good Read of the Month

'The Last Kings of Shanghai: The Rival Jewish Dynasties That Helped Create Modern China' by Jonathan Kaufman

Really interesting read, telling the story of the rivalry between two Jewish families – the Sassoons and the Kadoories – originally from Baghdad, who influenced Chinese business and politics for more than 175 years, profiting from the Opium Wars, surviving Japanese occupation, and nearly losing everything as the Communists came into power.

That’s all for this month.

Until next time, all the best,

Mattias and the Moonfire team