Filigran Redefines Proactive Security: OpenBAS Refreshed to "OpenAEV," Announces AI-Powered Enterprise Edition

*This release is a translated summary of the release announced in France on October 29, 2025.

Filigran is deploying OpenAEV (Adversarial Exposure Validation), a new solution evolved from OpenBAS, extending it beyond traditional control validation to a platform that manages the entire threat exposure. Concurrently, Filigran announces "OpenAEV Enterprise Edition," a paid version equipped with advanced automation and AI capabilities to help security teams validate and reduce cyber risks.

Filigran, a European cybertech company providing open-source cybersecurity solutions (Headquarters: Paris, France, hereinafter "Filigran"), has announced a significant milestone in its leadership in the exposure management field, supporting Continuous Threat Exposure Management (CTEM) initiatives. The company's Breach and Attack Simulation (BAS) platform has been rebranded as "OpenAEV (Adversarial Exposure Validation)," and a new Enterprise Edition (EE) designed for advanced security teams is also being launched.

This name change reflects the evolution of the solution, moving beyond mere simulation to address the new paradigm of Adversarial Exposure Validation (AEV). OpenAEV provides a broader, more adaptable, and threat intelligence-driven defense approach, enabling continuous validation of the entire security posture, including human factors.

Samuel Hassine, CEO of Filigran, states: "The concept of Breach and Attack Simulation (BAS) alone no longer fully expresses the value offered by modern risk assessment platforms. OpenAEV provides integrated capabilities for continuously and proactively evaluating cyber defenses. It is crucial not only to simulate attacks but also to understand what risks are high priority and critical for one's business, and to actually mitigate those risks. We achieve risk-based validation through the integration of threat intelligence via OpenCTI. Our goal is to help CISOs significantly enhance their AEV capabilities in both technical and human aspects."

Many organizations face an overwhelming amount of threat data and vulnerability information but lack the context to translate it into actual actions. In 2024, over 40,000 new software vulnerabilities were disclosed. Each can be a potential risk, but prioritizing them is extremely difficult without understanding their exploitability in one's own environment. As a result, even critical vulnerabilities take an average of 45 days to be addressed.

OpenAEV: Prioritize, Validate, Remediate

OpenAEV is the market's first open-source, threat intelligence-driven AEV platform. It provides organizations with a proactive approach to exposure assessment, helping them predict and respond to cyber threats before they materialize.

By combining threat intelligence and vulnerability information obtained from OpenCTI with real-world attack scenario emulation based on the MITRE ATT&CK framework, OpenAEV enables the following:

- Prioritize: Validate defenses against high-priority vulnerabilities and related threats. - Validate: Reproduce actual attacks and evaluate the effectiveness of existing security measures such as EDR and firewalls. - Test human readiness: Validate team response capabilities through tabletop exercises. - Accelerate remediation: Access actionable security remediation guidance.

### Launch of Enterprise Edition: AI at the Core of Validation

OpenAEV Community Edition (CE) continues to be provided as free open-source, featuring integration with OpenCTI, the XTM Hub scenario library, and custom dashboards.

In contrast, the newly offered OpenAEV Enterprise Edition (EE) significantly enhances automation and efficiency for large organizations and mature security teams.

Key features include:

- AI-powered scenario generation to accelerate the processing of threat intelligence and CERT reports. - Multiple remediation proposals considering risk-based prioritization and response order. - Validation leveraging existing EDR agents, minimizing additional load and seamlessly applying to resource-constrained endpoints. - SaaS environment provided by Filigran. - Dedicated customer support from a specialized team.

Through OpenAEV, Filigran reaffirms its mission: to transform threat and exposure data into verifiable and actionable security outcomes. The company achieves this through the industry's first open-source, threat intelligence-based AEV platform.

---

About Filigran

Filigran was established in October 2022, promoting innovation and practical application of threat intelligence in the cybersecurity domain. The company focuses on developing open-source solutions that address complex challenges to help organizations proactively understand cyber risks and threats.

The company's solutions are utilized by over 6,000 public institutions and private enterprises worldwide.