Process Fast, Act Faster.
XTM One is the agentic AI layer that consolidates and orchestrates all assistive and agentic AI capabilities across the entire XTM platform and supercharges threat-informed exposure management – so you can move from threat signal to validated action at machine speed.
A proactive, threat-informed approach to security where your teams can detect, prioritize, validate and even respond to threats with minimal intervention but with human-in-the-loop to keep you in control of decision making.
Autonomous security operations is no longer a productivity gain, it’s a survival requirement. XTM One is how security teams meet AI-powered threats with AI-powered defense.
50% faster threat hunting and remediation.
Less ramp up time, more expert output – reduce knowledge gaps in the team and deliver consistent, senior level output from day 01 – across OpenCTI and OpenAEV.
70% faster threat detection and response.
XTM One is a programmable orchestration layer, not a closed system. It fits your AI strategy & planning, not the other way around.
Build your own agents, bring your own LLMs.
Spotted a threat? Get security coverage, immediately. CTEM Assistant is the primary entry point of the XTM Platform. It has direct assess to both OpenCTI and OpenAEV, and orchestrates between different agents to process threat intelligence within OpenCTI and build & run scenarios in OpenAEV, with human-in-the-loop to keep you in charge.
Creating and maintaining dashboards can be complex but not anymore! Use the new Dashboard Creator to design your specific dashboard in one-shot with up to 18 different widgets – completely customizable.
Build actionable threat hunting packages in OpenCTI, in minutes. Threat Hunting agent searches for high-value indicators, converts them to platform-native detection rules, and assembles everything into an OpenCTI grouping. Reduce your threat hunting time by more than 50%.
Build your customized dashboard in minutes. Focus on threats and vulnerabilities that matter to you, do deeper analysis, build reports and share across your security teams, with minimal human effort.
Orchestrates the creation of complete adversary emulation scenarios in OpenAEV. As all agents are connected, you can automatically translates threat intelligence from OpenCTI into adversary-aligned attack scenarios in OpenAEV.
Runs scenarios against live environments, identifies control gaps, and surfaces prioritized remediation guidance. Works with other agents to determine optimal detection rule types, severity, and field configurations for specific EDR tools including Splunk and CrowdStrike.
As the scale of threats outpaces human capacity to respond to alerts, security teams are hitting a wall when they need to optimize remediation to mitigate security risk. The shift toward an agentic AI orchestration layer is needed for CTEM to help security teams scale.
By leveraging an open-source foundation to automate utilizing needed context for threat intelligence and remediation, Filigran is enabling the speed, transparency, and evidence-based risk reduction required to scale defenses at the pace of the adversary.
Talk to our team to see how you can also benefit from XTM One.
XTM One is a dedicated agentic AI orchestration layer. Learn how it enables Continuous Threat Exposure Management (CTEM) using pre-packaged agents that close the loop between intelligence, validation and cyber risk reduction.
Autonomous Threat Management – this is the future!
Here are the general principals we abide by when it comes to AI. All Filigran’s AI features can easily disabled, through admin console.
We don’t collect any user data for training or validation purposes.
The only information collected is through logs for debugging purposes (with 1 month of retention time, only on our SaaS deployment model).
Customers have ability to deploy the whole solution on-premise, within their own infrastructure, instead of relying on a fully managed SaaS model.
We give the user full power to define how they want their agent to process information, through deep agent customization. They can choose which models to use, including their own models if they have them, as well as the models we provide.
