Collect, correlate and leverage.

Organize your cyber threat intelligence knowledge to enhance and disseminate actionable insights.

GitHub stars

Collect, correlate and leverage

Get a holistic view of your threat environment, and enhance decision-making for faster incident response

Knowledge management

Access consolidated view of threat data from multiple sources.

Data Contextualization

Transform raw data into actionable insights.


Enhances sharing and actionable insights dissemination across teams and tools.

Incident Response

Streamline incident response with powerful case management capabilities.

Cyber Threat Intelligence Platform

Manage and operationalize your cyber threat intelligence knowledge and observables.

Knowledge Hypergraph

A sophisticated database for threat intelligence with an enhanced schema for deep context and relations, fully compliant with STIX standards. This integrated knowledge allows seamless sharing and includes investigation modules supporting correlation and responses.

Data Visualization

Provide comprehensive visualization and analytics, facilitating comparison and investigation within the knowledge graph. Enhance usage and operations through reasoning and dynamic feeds within user-friendly interfaces.

Context and Automation

Integrate both technical and non-technical information into a unified system, linking each piece to its original source for a complete analytical perspective. Based on this information, take actions through automation.

Case Management

Enhances incident response by centralizing incident-related data, fostering real-time collaboration, and improving efficiency through automated workflows.

Join the OpenCTI community

Connect with the Filigran fellow community members, focused on threat intelligence analysis and adversary simulations.


Your gateway to exploring, contributing, and shaping the future of threat intelligence.


Discover a list of all resources available to complete your OpenCTI journey.


Find all documents to get started, release notes and presentations about the platform.


Stay informed about platform developments and engage in broader discussions.

Choose the deployment that works for you

Unsure which deployment method suits you best? Explore our options below:

Open Source

Deploy OpenCTI Community Edition on-premise using the open source releases and get help by subscribing to a Filigran support packages.


Enjoy a fully managed OpenCTI Enterprise Edition hosted by Filigran with self service provisioning and support included.

Enterprise Edition

Deploy OpenCTI Enterprise Edition on-premise to access advanced automation and AI features, along with our comprehensive support package.

Want to go further?

Discover our eXtended Threat Management (XTM) suite tailored to help organizations understand threat environments, anticipate and detect incidents, and conduct attack simulations.

Breach and Attack Simulation platform allowing organizations to create attack simulations, stress tests, and crisis management exercises.

Explore OpenCTI possibilities

Discover our diverse range of use cases to see how OpenCTI can revolutionize your approach to threat intelligence.

Use case

Intelligence-driven SOC

OpenCTI empowers SOC teams to conduct security operations driven by intelligence from internal and external sources, enabling them to save valuable time. By streamlining automation and offering …

Use case

Incident response and investigations

OpenCTI’s case management is designed to streamline threat investigations. By seamlessly centralizing incident-related information, organizations improve their overall incident response efficien…

Ready to see OpenCTI in action?

Try our free live demo or book a personalized demo to discover how our solutions can streamline your cybersecurity operations.