Decoration PressNEWSROOM

HarfangLab & Filigran join forces for better incident response

5 min

Filigran and HarfangLab, two innovative companies in the field of cybersecurity, are proud to announce today their new strategic partnership. This collaboration is illustrated in particular by the provision of a connector between OpenCTI, the threat knowledge management platform developed by Filigran, and HarfangLab, renowned for its advanced EDR (Endpoint Detection and Response) solution. The aim of this partnership is to build a technological bridge between the two solutions, enhancing the effectiveness of cybersecurity through better detection of threats and faster response to incidents and attacks.

This connector is designed specifically for CTI teams, cyber analysts, CERTs and SOCs in organisations of all sizes, from SMEs to large public institutions and multinational corporations. It is perfectly suited to the needs of teams looking to integrate and automate threat data management in order to accelerate their response to cyber attacks.

Through this partnership, the two companies are committed to providing ever more effective and efficient solutions for cyber teams. The first step in this partnership is the development of an innovative connector to improve threat detection and accelerate incident response. This connector facilitates the exchange of critical threat information between OpenCTI and HarfangLab, strengthening organisations’ overall security posture in the face of complex cyber attacks.

The connector between OpenCTI and other systems significantly improves the interoperability of cybersecurity tools. Thanks to the connector, the CTI knowledge base is continually updated and data can be exported to other applications. It operates in real time, filtering and processing events as they occur to ensure accurate dissemination of indicators of compromise and detection rules. This two-way communication enhances threat response capabilities and supports proactive management of security incidents, facilitating coordinated and effective responses.

In short, the connector enables: 

  • to integrate OpenCTI’s IOC in HarfangLab’s EDR
  • to retrieve Threats and Security Events from HarfangLab’s EDR to integrate them in OpenCTI

In practice, the IOC are integrated in OpenCTI and can then be integrated in the EDR, enriching them with necessary information for categorization, decryption, and lifecycle management, etc.   

Key benefits of this partnership include:

  • Improved detection capabilities thanks to a rich and varied repository of OpenCTI indicators.
  • Increased automation and efficiency, with automatic transmission of indicators between OpenCTI and HarfangLab enabling faster reaction and more effective incident management.
  • Data-enhanced incident response with the support of alerts based on Security Events and Threats, enabling the analysts concerned to better understand and manage the threat.
  • Integration and ease of use thanks to interoperability between OpenCTI and HarfangLab, simplifying operational processes for cybersecurity teams.

 Grégoire Germain, co-founder and CEO of HarfangLab said:

“At HarfangLab, we are proud of providing our endpoints security expertise, to serve a common goal of fighting against cyberthreats. We are convinced that the best cybersecurity approach is made of multiple layers, and interoperability and this is why we’ve built our products so they can connect with the best-in-class technologies. We are particularly proud of this connection with Filigran’s Open CTI platform. Indeed, this connector isn’t just a tool, but a step forward in our conception of cybersecurity. It offers organizations the ability to anticipate, detect, and respond to security incidents with a seamless speed. The benefits for our users are clear: better protection, increased reactivity and improved security to face more and more sophisticated threats”. 

 Samuel Hassine, co-founder and CEO of Filigran, adds:

“This partnership with HarfangLab significantly strengthens the capability of operational cybersecurity teams to better understand, anticipate, and respond to cyber threats. The integration of the two platforms greatly enhances detection coverage, allowing for more comprehensive identification of current threats. Moreover, thanks to the interoperability between OpenCTI and HarfangLab, analysts can contextualize the criticality of alerts, thus improving the time to qualify and address a security incident.”

The connector is available since the beginning of 2024, and it can be found here

For more information about the connector, please visit HarfangLab’s blog and Filigran’s blog

About HarfangLab

HarfangLab is a French cybersecurity company specializing in endpoint protection. HarfangLab publishes technologies that anticipate and neutralize cyber-attacks on computers and servers, as well as providing a better understanding of your IT infrastructure for improved security.  HarfangLab was the first EDR to be certified by ANSSI, and today boasts a large number of customers, including administrations, companies and international organizations operating in highly sensitive sectors. HarfangLab’s solutions are distinguished by: their openness, with solutions that integrate natively with all other security bricks; their transparency, as the data collected by the tools remains accessible; and the strategic autonomy they offer, as its customers are free to choose their hosting mode: cloud, public, private, or SecNumCloud, or their own infrastructure.

About Filigran

Filigran, founded in October 2022, stands out in the cybertech ecosystem for its commitment to revolutionizing threat intelligence and its use within cybersecurity teams. Its mission is to develop innovative open source solutions, designed specifically to address the complex challenges organizations face in anticipating cyber risks and threats. Filigran solutions are used by over 4,200 public and private organizations worldwide.