Filigran and Doppel Partner to Enhance Threat Intelligence Operations Through OpenCTI Integration

We’re excited to announce a new partnership between Filigran and Doppel. The aim is to bring advanced social engineering defense capabilities directly into OpenCTI workflows. This integration enables security teams to seamlessly ingest Doppel’s real-time threat intelligence on phishing, impersonation, and brand-based attacks into their centralized OpenCTI environments.

TL;DR

• Filigran and Doppel partner to integrate real-time social engineering threat intelligence into OpenCTI.
• Integration enables automated ingestion, enhanced analysis, and unified visibility of social engineering and cyber threats.
• Joint customers use the integration to transform multi-channel threat data into actionable intelligence.
• The Doppel connector is now available in the OpenCTI Ecosystem marketplace, helping organizations improve threat detection and response.

Addressing Enterprise Demand for Unified Threat Intelligence

The partnership emerged from a clear market need. Fortune 500 organizations across industries—from aviation to financial services—were seeking ways to operationalize Doppel’s valuable threat data within their existing threat intelligence infrastructure. These enterprises needed more than isolated alerts. They required the ability to correlate, analyze, visualize, and act on social engineering threats as part of their broader threat intelligence operations.

Several of these joint customers have already deployed the integration. They leverage it to transform Doppel’s comprehensive threat detection across domains, social media, paid ads, messaging apps, and the dark web into actionable intelligence within OpenCTI, where it can be enriched, correlated, visualized and operationalized alongside other threat intelligence sources.

Technical Integration That Empowers Analysts

The Doppel connector for OpenCTI transforms how security analysts work with social engineering threat data:

• Automated Intelligence Ingestion: Doppel alerts are automatically translated into OpenCTI indicators, maintaining real-time synchronization between platforms
• Enhanced Investigation Capabilities: Analysts can leverage OpenCTI’s powerful graph analysis and relationship mapping to uncover connections between threats and understand attack patterns
• Unified Threat Picture: Social engineering threats are now visible alongside traditional cyber threats, providing a broader more comprehensive situational awareness
• Custom Reporting and Visualization: Teams can generate tailored reports and export annotated threat graphs for stakeholder communication and incident documentation

Strengthening the OpenCTI Ecosystem

This partnership reinforces our commitment to building a robust ecosystem around OpenCTI. By integrating Doppel’s AI-native social engineering defense capabilities, we’re expanding the types of threat intelligence that organizations can operationalize within our platform, into digital risk protection and Social Engineering Defense.

“Modern threats don’t operate in silos, and neither should threat intelligence,” said Jan Johansen, Filigran SVP of Global Alliances. “The integration with Doppel enables our joint customers to break down barriers between different threat categories and build a more comprehensive defense against sophisticated attacks that blend traditional cyber tactics with social engineering.”

Available Now in the OpenCTI Ecosystem

The Doppel connector is now available in the OpenCTI Ecosystem marketplace. It enables existing customers to immediately begin ingesting Doppel threat intelligence. The integration supports:

• Proactive threat intelligence ingestion with automatic updates
• Seamless mapping of Doppel alerts to OpenCTI indicators
• Full utilization of OpenCTI’s analysis, correlation, visualization and reporting capabilities

Organizations already using both platforms can leverage this integration to reduce manual effort, improve threat visibility, and strengthen their overall security posture.

Looking Forward

As cyber threats continue to evolve, the convergence of traditional threat intelligence with social engineering defense becomes increasingly critical. This partnership with Doppel represents an important step in helping organizations build more resilient defenses against the full spectrum of modern threats.

For more information about implementing the Doppel connector in your OpenCTI environment, visit our Github page or contact our team.

About Doppel

Doppel is the AI-native platform for Social Engineering Defense. Purpose-built to stop modern digital deception, Doppel dismantles the infrastructure behind impersonation, fraud, and brand abuse. The Doppel platform maps and disrupts multi-channel attacks across domains, social media, paid ads, messaging apps, the dark web and more—automating takedowns with agentic AI and a real-time threat graph. Doppel helps leading organizations reduce risk, protect executives, employees, and customers, and stay ahead of the evolving multi-channel threat landscape. Learn more at doppel.com.