Fig Security launches with $38M funding to help security teams manage rapid infrastructure change

For enterprises, the ability to analyse data does far more than create new revenue opportunities. Today’s enterprise technology stack is extraordinarily complex, comprising dozens of interconnected tools that can work together or fail in very different ways. That is why being able to examine data streams has become so important: it helps companies understand when systems fail, where those failures happen, and why they occur in the first place.

Security teams, however, do not have the luxury of waiting until something is already broken before stepping in. To put it another way, an alarm that has remained silent for a long time cannot be assumed to be still working. At the same time, the modern security stack is packed with so many tools that even a minor adjustment in one system can create unexpected downstream consequences, potentially weakening detection and response capabilities without anyone realising it immediately.

Fig Security, a startup founded by veterans of Israel’s cyber and data intelligence units 8200 and Mamram, says it is built to help security teams handle exactly that problem. The company monitors the security stack to determine whether rules, mitigation tools, and detection and response systems are functioning correctly or being pushed off course by infrastructure changes. The startup has now emerged from stealth with $38 million in seed and Series A funding.

At a high level, Fig’s technology maps how data moves through the security stack, from its source through data pipelines and data lakes, to security orchestration and automation response platforms. From there, it alerts security teams when any change along that path affects their ability to detect threats or respond effectively. The platform also lets companies simulate how fixes, patches, or other planned changes might affect their environment before deployment.

“Instead of looking at the data and tracing it forward and seeing where it ends up, we look at your detections because that is the thing that you need to work on”, Fig CEO and co-founder Gal Shafir said. “Detection or response is the single source of truth, and then we back-trace the health and what needs to happen on the data for it to trigger the detection when something happens. And then we alert [the security team] if something has an inconsistency in real time.”

Shafir said the company accomplishes this by sampling a customer’s data as it moves through different tools in the infrastructure and analysing how it changes as it passes through the pipeline. That process allows Fig to build what it calls a “data lineage,” which can then be used to identify how upstream changes may break downstream security tools in real time.

According to the startup, its system connects with data links and Security Information and Event Management, or SIEM, systems to do this work, allowing the technology to function across a wide variety of security tools and operating environments.

Fig is launching at a time when enterprises are changing rapidly, particularly as corporate leadership teams are under pressure to determine how AI-powered tools can reduce costs, reduce human error, and improve efficiency. But the arrival of so many new tools has also made life considerably harder for modern security teams. CISOs are being forced to answer difficult questions: which defences deserve priority, what security posture makes sense, and how companies should respond as attackers themselves begin using AI to launch increasingly sophisticated threats.

Shafir, who previously led Google Cloud Security’s global architecture team before founding Fig, said he witnessed that uncertainty directly while meeting with customers and discussing Google’s AI offerings.

“All of the CISOs, regardless of the team size or the security budget or the company size, were saying, ‘Wait, I understand that AI is really cool, but I don’t know if I trust my detections right now, how can I trust the AI that tells me that everything is fine tomorrow if I don’t trust the data underneath it?’”

That experience led Shafir and his co-founders, Nir Loya Dahan, the company’s chief product officer, and Roy Haimof, its chief technology officer, to conclude that they had an opportunity to solve a major problem for security teams trying to understand what is actually happening inside their environments.

“That was the moment that we said, okay, there’s a big problem that people understand that exists, but there is no solution because there are so many vendors and complex infrastructure, almost by nature. That was the moment for us to stop what we did and quit and go to build Fig,” Shafir said.

Shafir said that since launching eight months ago, Fig has already signed large enterprise customers in the “low double-digits,” and expects that total to rise to somewhere between 50 and 100 by the end of the year.

The company plans to use the new funding to expand its presence in North America and to triple its headcount across both engineering and go-to-market teams.

Investors in the rounds include Team8 and Ten Eleven Ventures, along with several well-known security industry figures, including Doug Merritt, the former CEO of Splunk, Rene Bonvanie, the former chief marketing officer of Palo Alto Networks, and the founders of Demisto and Siemplify.