Filigran Leverages AI Agents to Enhance CTEM for Overwhelmed Security Teams

Filigran Launches XTM One: A Game Changer in Continuous Threat Exposure Management

In an era where cybersecurity threats are evolving rapidly, Filigran has taken a significant step by unveiling XTM One, an innovative orchestration layer powered by artificial intelligence (AI). This new tool is designed to “automate Continuous Threat Exposure Management” (CTEM) workflows, addressing a critical need among organizations striving to manage the ever-increasing volume of threat intelligence, vulnerabilities, and attack data.

The Challenge at Hand

The introduction of XTM One comes as a response to a pressing challenge faced by security teams across various sectors. Despite substantial investments in threat intelligence systems, attack surface management, and security validation tools, many organizations struggle to transform this wealth of information into actionable insights. Security professionals often find themselves manually navigating between multiple platforms, trying to determine which threats are the most concerning, their potential exploitability, and the necessary prioritization for remediation steps.

This disconnect between data accumulation and actionable intelligence can severely hinder an organization’s ability to respond to cyber threats in a timely manner.

Understanding Continuous Threat Exposure Management (CTEM)

CTEM has emerged within the cybersecurity landscape as a framework for addressing these gaps. Unlike traditional approaches that rely on periodic assessments, CTEM is designed to establish an ongoing cycle of discovery, prioritization, validation, and remediation. This methodology adjusts to the evolving nature of threats, thereby allowing organizations to remain agile and responsive.

Filigran has been advocating its OpenCTI and OpenAEV platforms as integral components of this new framework. The company argues that organizations must move beyond merely identifying vulnerabilities and also understand which exposures pose genuine risks to their business operations.

The Role of XTM One

Positioned as an orchestration layer above Filigran’s existing platforms, XTM One coordinates multiple AI agents throughout the CTEM lifecycle. This orchestration facilitates the automation of various crucial tasks, including intelligence enrichment, threat reporting, attack scenario generation, and remediation planning. By streamlining these processes, XTM One aims to minimize the disruptive need for security teams to toggle between different tools.

Julien Richard, a co-founder of Filigran, emphasizes the urgency of this technological advancement. “The volume of CVEs, threat actors, and attack campaigns has reached a scale no human team can process manually,” he states. “XTM One is not AI as a feature; it is AI as the operating system for threat management. Security teams deserve automation that aligns with their workflows.”

A Shift Towards Autonomous Systems

The announcement of XTM One underscores a broader trend in the cybersecurity industry. Vendors are increasingly evolving beyond AI tools that merely assist analysts with individual tasks. Instead, there is a growing focus on autonomous agent-based systems that can manage entire workflows across various products and data sources.

Early adopters of Filigran’s XTM Platform have reportedly achieved impressive results, including up to a 70% increase in the speed of threat detection and response cycles. Additionally, preparation time for offensive security testing has been reduced by as much as 80%.

Industry analysts suggest that as organizations scale their CTEM initiatives, the need for this kind of automation will only grow. Melinda Marks, the Cybersecurity Practice Director at Omdia, highlights this sentiment: “As the scale of threats outpaces human capacity to respond to alerts, security teams are hitting a wall when they need to optimize remediation to mitigate security risk. The shift toward an agentic AI orchestration layer is essential for CTEM to help security teams scale.”

Flexibility and Usability

Another vital aspect of XTM One is its flexibility regarding AI deployment. Organizations can opt to utilize Filigran’s own AI models or implement their own large language models, facilitated through a BYOLLM (Bring Your Own Large Language Model) feature. Additionally, on-premises deployment options are available to address data sovereignty requirements, especially in regulated industries and governmental environments.

Filigran recognizes that one of the longstanding barriers to widespread adoption of threat intelligence is complexity. “The biggest barrier to threat intelligence adoption has always been complexity,” says Jean-Philippe Salles, VP of Product Management at Filigran. “XTM One makes advanced threat management accessible to more teams through natural language interaction. Junior analysts can become productive faster, while seasoned professionals benefit from automation that eliminates repetitive tasks.”

Looking Ahead

As investments in CTEM and threat exposure management continue to grow, industry experts believe that solutions like XTM One could become pivotal in determining how organizations prioritize and manage cyber risk. Karine Peters, Managing Director at T.Capital, reinforces this notion, stating that Filigran is “redefining how organizations operationalize threat intelligence at scale.”

In conclusion, while the efficacy of agentic AI in making CTEM a viable solution for overwhelmed security teams remains to be fully realized, it’s evident that as the volume of threats escalates, organizations will increasingly seek avenues to automate their cybersecurity strategies effectively. The journey from gathering intelligence to executing validated defensive actions, instead of merely collecting more data, is becoming an imperative for modern cybersecurity efforts.
