OpenAEV is industry’s first open-source, threat-informed exposure validation platform.
Simulate real-life attack scenarios, validate exploitable paths, and assess team readiness to prove cyber resilience – for tools, people, and processes!
Continuously assess, prioritize, validate and remediate exposures across your attack surface – at a human and technical level – with open-source, threat-led Adversarial Exposure Validation (AEV).
Simulate real-life attack scenarios based on prioritized Threat Intelligence and MITRE ATT&CK to validate an organization’s specific attack surface vulnerabilities.
Open and transparent by design, OpenAEV is extensible and customizable to your environment with broad integrations, bring-your-own EDR approach, and a community-led ecosystem. You have the control.
Complement technical control validation with hyper-realistic tabletop exercises to rehearse crisis escalation and evaluate how your teams and processes perform under pressure.
Operationalize your CTEM approach: scope what matters, discover exposures, prioritize with threat intelligence, validate with attack simulations, and mobilize guided remediation.
Explore full OpenAEV Enterprise Edition features such as the use of your existing EDR agents, automated scenario generation, and AI-powered remediation guidance.
We have conducted numerous crisis exercises. It is easy to use, very intuitive, allows for an unlimited number of players and exercise catalog, while creating a completely realistic environment for the players. The platform takes into account the needs of the users and the customer support is excellent.
I’m impressed with Filigran’s pragmatic, execution-focused approach to CTEM. Rather than adding more tools or operational overhead, their model focuses on measurable outcomes. That’s what practical CTEM should look like — outcome-driven, integrated, and scalable
From a technical standpoint, It’s open-source, meaning that you have the possibility to contribute to it easily. Then, the number of connectors for enrichers, external sources are very varied, meaning that a lot of external sources are easy to integrate.
Filigran handles threat intelligence better than many of market’s biggest players. (…) Having opted for an Enterprise account, we have very regular discussions with their highly qualified CSM team. The support team is very responsive and assists us on many issues.
The realism of [OpenAEV] injects (emails and SMS as they would happen in real life) creates a real sense of urgency and stress, which is exactly what we aim for in our exercises.
OpenAEV pulls live intelligence directly from OpenCTI to build attack simulations tailored to your real threat landscape.
Proactively detect and remediate vulnerabilities before they can be exploited.
Build realistic simulations to continuously test your security posture from prioritized threats by connecting with OpenCTI (or any intel source) and mapping scenarios to MITRE ATT&CK. Create and schedule your own scenarios or deploy pre-built versions from a curated library.
Reduce MTTD and MTTR with AI-powered scenario generation and remediation. Quickly build contextual scenarios to detect real threats to prioritize and deploy fixes based on risk and observed gaps with actionable AI-driven “how to improve” recommendations.
Analyze attack surface exposures and simulation results from customizable dashboards: high-level scores, performance trackers, trends, domain-based security controls, kill-chain mapping, and granular drill-downs per scenario and ATT&CK technique.
Evaluate team readiness with hyper-realistic crisis tabletop exercises. Run structured scenarios, set expectations, challenge players, and review outcomes to improve escalation, coordination, and response.
Deploy and run simulations without adding an endpoint agent (hybrid options available). Integrate easily using injectors, executors, and collectors, Bring-Your-Own EDR, and adapt the platform to your environment – thanks to OpenAEV’s open, extensible architecture.
Connect with the Filigran fellow community members, focused on threat intelligence analysis and adversary simulations.
Your gateway to exploring, contributing, and shaping the future of exposure validation.
Discover a list of all resources available to complete your OpenAEV journey.
Find all documents to get started, release notes and presentations about the platform.
Stay informed about platform developments and engage in broader discussions.
Leverage the power of fully integrated OpenCTI and OpenAEV to support your journey towards continuous threat exposure management.
Install OpenAEV Community Edition (CE) on-premise using the open-source releases and get help by subscribing to Filigran support packages.
Deploy OpenAEV Enterprise Edition (EE) on-premise or SaaS to access advanced integrations, AI-powered recommendations and scenario generation, along with our comprehensive support package.
Deploy a fully managed OpenAEV enterprise instance hosted by Filigran with self service provisioning and support included, with Bring-Your-Own-Cloud-options available.
Discover our eXtended Threat Management (XTM) platform tailored to help organizations understand threat environments, anticipate and detect incidents, and conduct attack simulations.
OpenCTI is Filigran’s open-source Cyber Threat Intelligence platform, enabling organizations to manage and operationalize their cyber threat intelligence knowledge and observables.
The central, collaborative platform for users to access valuable resources and tradecraft for XTM products.
Read more about key use cases and customer stories to see how OpenAEV can operationalize your threat intelligences.
To streamline simulations and reduce workload, the Swiss FDFA chose OpenAEV by Filigran, enhancing operational readiness across 170 global sites, including embassies and consulates.
Implement DORA TLPT requirements and discover how you can turn regulatory testing into continuous resilience and meet ECB expectations.
These UK retail attacks in May 2025 were a sharp reminder that even well-defended organizations remain exposed to tactics that bypass technical controls entirely. A resilient security posture must assess both technical controls and human readiness.
Try the live demo for free or book a personalized demo to discover how our solutions can streamline your cybersecurity operations.
