For enterprises, the ability to study data unlocks far more than new revenue streams. The modern technology stack is incredibly complex, employing dozens of tools that interact in ways that can break systems uniquely. Analyzing data streams allows companies to pinpoint precisely when, where, and why these failures occur.
However, security teams cannot afford to wait for something to break before they act. Consider an alarm that has not sounded in a long time; its functionality cannot be trusted. The security stack itself is now so dense with tools that a minor change in one area can create unpredictable downstream effects, potentially compromising critical detection and response capabilities.
Fig Security, a startup founded by veterans of Israel’s elite cyber and data intelligence units, aims to help security teams address this challenge. The company monitors the entire security stack to ensure that rules, mitigation tools, and detection systems are functioning correctly and have not been skewed by changes. Fig has just emerged from stealth mode with $38 million in seed and Series A funding.
The core technology traces data flows throughout the security infrastructure. It follows data from its origin, through pipelines and data lakes, to security orchestration and automation platforms. The system then alerts teams whenever a change at any point affects detection or response capabilities. Additionally, the platform allows companies to simulate the potential impact of new fixes, patches, or changes before deployment.
As explained by Fig’s CEO and co-founder, Gal Shafir, the approach is detection-centric. Instead of merely tracing data forward, the system starts with the detections themselves—the crucial elements that must work. It treats detection and response as the single source of truth, then back-traces to understand the health and requirements of the underlying data needed to trigger those detections. Any inconsistency is flagged in real time.
Fig accomplishes this by sampling a company’s data as it moves through different tools, understanding how it transforms along the pipeline. This process creates a detailed “data lineage,” enabling the identification of how upstream changes could break downstream security tools in real time.
The startup connects with data lakes and Security Information and Event Management systems, allowing its technology to work with a wide variety of security tools and environments.
Fig’s launch coincides with a period of rapid evolution for enterprises, where leadership faces pressure to adopt AI tools for cost savings and efficiency. Yet the influx of new tools has complicated the security landscape. CISOs are left questioning which defenses to prioritize and how to establish the right security posture as hackers employ increasingly sophisticated AI-powered attacks.
Shafir, who previously led Google Cloud Security’s global architecture team, observed this uncertainty firsthand. In meetings with customers, CISOs consistently expressed a fundamental doubt: if they could not trust their current detections and data, how could they trust AI-driven security promises?
This insight led Shafir and his co-founders, Nir Loya Dahan and Roy Haimof, to build Fig. They identified a widespread problem with understanding ground-level operations in complex security infrastructures, a problem for which no dedicated solution existed.
Since its launch eight months ago, Fig has secured large enterprise customers in the low double-digits and expects to grow that number to between 50 and 100 by year’s end. The new funding will support expansion in North America and a tripling of headcount across engineering and go-to-market teams.
Investors in the funding rounds include Team8 and Ten Eleven Ventures, along with security professionals such as Doug Merritt, Rene Bonvanie, and the founders of Demisto and Siemplify.