The contemporary enterprise landscape is characterized by an ever-expanding, intricate technological infrastructure, where the ability to accurately analyze data streams transcends mere financial gains. This analytical prowess is becoming increasingly critical for understanding the "when, where, and why" of system failures within a tech stack that often comprises dozens, if not hundreds, of interconnected tools. These tools, while designed to enhance operations, can inadvertently create unique vulnerabilities and points of failure, making robust data analysis indispensable for maintaining operational integrity and security posture.
However, the imperative for security teams extends beyond merely reacting to breaches or system breakdowns. A proactive stance is paramount in an environment where the absence of an alarm doesn’t necessarily signify safety; rather, it can indicate a malfunctioning detection system. The sheer density of modern security stacks means that even a minor configuration change in one tool can ripple through the ecosystem, leading to unforeseen downstream effects that could severely compromise detection and response capabilities. This "silent failure" scenario represents a profound challenge for Chief Information Security Officers (CISOs) and their teams, who must grapple with ensuring the continuous efficacy of their defenses in a rapidly evolving threat landscape.
Addressing the Silent Security Threat: Fig Security’s Innovative Approach
It is against this backdrop that Fig Security, a nascent startup founded by veterans of Israel’s highly regarded cyber and data intelligence units 8200 and Mamram, has emerged from stealth with a significant $38 million in seed and Series A funding. This substantial capital injection, exclusively reported by TechCrunch, underscores investor confidence in Fig’s mission to tackle one of the most pressing, yet often overlooked, issues in enterprise cybersecurity: the assurance that security tools are consistently functioning as intended.
Fig Security’s core offering is a sophisticated platform designed to monitor the entire security stack. It aims to provide security teams with real-time insights into whether their meticulously crafted rules, mitigation tools, and detection and response mechanisms are operating effectively or have veered off course due to internal or external changes. This proactive monitoring capability is a paradigm shift from traditional reactive security models, which often only identify problems after a breach has occurred or a system has visibly failed.
The startup’s technology operates by meticulously tracing data flows throughout the security stack. This intricate journey begins at the data’s origin points, traverses through complex data pipelines and vast data lakes, and culminates in sophisticated security orchestration and automation response (SOAR) platforms. By mapping this entire data lineage, Fig Security can identify and alert security teams to inconsistencies or failures when changes at any point in this chain impact detection or response capabilities. Furthermore, the platform offers a crucial simulation feature, allowing companies to model the potential effects of new fixes, patches, or configuration changes on their systems before they are deployed. This "what-if" analysis capability is vital for preventing unintended consequences and maintaining a robust security posture.
Gal Shafir (pictured above, center), CEO and co-founder of Fig Security, articulated the company’s unique methodological approach to TechCrunch. "Instead of looking at the data and tracing it forward and seeing where it ends up, we look at your detections because that is the thing that you need to work," Shafir explained. He emphasized that "Detection or response is the single source of truth." Fig’s platform then "back-traces the health and what needs to happen on the data in order for it to trigger the detection when something happens." This inverted approach ensures that the focus remains squarely on the efficacy of the ultimate security controls, providing real-time alerts if any inconsistencies are detected.
Shafir further elaborated on the technical underpinnings, stating that Fig achieves this by sampling a company’s data as it flows through various tools within the infrastructure. By understanding how this data transforms and is processed at each stage, the platform constructs a comprehensive "data lineage." This lineage serves as a critical map, enabling the system to instantaneously identify how any upstream changes – be they intentional updates, accidental misconfigurations, or malicious alterations – could potentially disrupt or "break" security tools downstream. This real-time visibility is crucial for mitigating risks before they can be exploited.
The flexibility and broad applicability of Fig’s solution are further enhanced by its ability to connect seamlessly with existing data links and Security Information and Event Management (SIEM) systems. This interoperability ensures that Fig’s technology can be integrated into a wide array of security tools and environments, from legacy systems to the most modern cloud-native architectures, without requiring a complete overhaul of an enterprise’s existing security investments.
The Genesis of a Solution: From Google Cloud to Fig Security
Fig Security’s emergence arrives at a pivotal moment for enterprises, which are undergoing continuous, real-time evolution. C-suites globally are under immense pressure to leverage AI-powered tools not just for innovation but also for tangible benefits like cost reduction, minimization of human error, and improved operational efficiency. However, this rapid adoption of new technologies, particularly in the realm of artificial intelligence, has paradoxically made the life of modern security teams significantly more challenging. CISOs are confronted with complex strategic decisions: prioritizing defenses in an increasingly sophisticated threat landscape, establishing the optimal security posture against AI-powered attacks, and, fundamentally, ensuring that their existing security infrastructure can even cope with these new demands.
Shafir, who previously led Google Cloud Security’s global architecture team, gained firsthand insight into this pervasive uncertainty during his interactions with customers while pitching Google’s AI products. He recounted a recurring sentiment among security leaders: "All of the CISOs, regardless of the team size or the security budget or the company size, were saying, ‘Wait, I understand that AI is really cool, but I don’t know if I trust my detections right now, how can I trust the AI that tells me that everything is fine tomorrow if I don’t trust the data underneath it?’"
This profound observation became the catalyst for Shafir and his co-founders, Nir Loya Dahan (CPO) and Roy Haimof (CTO), who collectively recognized a critical void in the market. They realized that while the problem of understanding the true operational status of security controls was widely acknowledged, a viable solution remained elusive due to the inherent complexity of multi-vendor security infrastructures. "That was the moment that we said, okay, there’s a big problem that people understand that exists, but there is no solution because there’s so many vendors and complex infrastructure, almost by nature. That was the moment for us to stop what we did and quit and go to build Fig," Shafir recalled. This decisive moment marked the transition from identifying a problem to actively building a groundbreaking solution.
Chronology of Growth and Strategic Expansion
Since its inception roughly eight months prior to this announcement, Fig Security has rapidly gained traction within the enterprise sector. The company currently boasts a clientele of "low double-digits" large enterprise customers, a testament to the immediate relevance and effectiveness of its platform. Looking ahead, Fig projects an aggressive growth trajectory, aiming to expand its customer base to between 50 and 100 by the end of the year. This ambitious target underscores the perceived market demand for reliable security stack assurance.
The substantial $38 million in fresh capital will be strategically deployed to fuel this expansion. A primary focus will be on penetrating the North American market, a crucial region for cybersecurity innovation and adoption. Concurrently, Fig plans a significant increase in its human capital, aiming to triple its headcount across critical functions, particularly in engineering and go-to-market teams. This investment in talent and market reach is designed to solidify Fig’s position as a leader in security posture management and operational resilience.
The investor syndicate behind Fig Security’s funding rounds includes prominent names in the venture capital and cybersecurity investment landscape, such as Team8 and Ten Eleven Ventures. These firms are renowned for their deep expertise and successful track records in identifying and nurturing disruptive technologies. Beyond institutional investors, the rounds also saw participation from highly respected security professionals, including Doug Merritt (former CEO of Splunk), Rene Bonvanie (former CMO of Palo Alto Networks), and the founders of Demisto and Siemplify. Their involvement not only brings financial backing but also invaluable strategic guidance and industry validation, signifying a strong belief in Fig’s potential to address a critical market need. The presence of such seasoned industry veterans on the investor roster provides a strong signal of confidence in the company’s technology and leadership team.
Broader Implications for Enterprise Cybersecurity
The launch of Fig Security and its innovative platform carries significant implications for the broader enterprise cybersecurity landscape. Firstly, it directly addresses the "trust gap" that CISOs articulate concerning their existing security controls, especially as new technologies like AI are integrated. By providing verifiable assurance that detection and response mechanisms are working, Fig empowers security teams to make more informed decisions and to deploy advanced tools with greater confidence. This newfound transparency can significantly enhance a company’s overall security posture, moving from a state of hopeful compliance to one of demonstrable effectiveness.
Secondly, Fig’s proactive monitoring and simulation capabilities are poised to reduce the human error factor, a common vulnerability in complex systems. By identifying potential issues before they manifest as failures or breaches, the platform minimizes the risk associated with manual configurations and the unpredictable interactions between disparate security tools. This reduction in error translates directly into improved operational efficiency and, critically, a lower total cost of ownership for security operations by preventing costly outages or breaches.
Thirdly, in an era where cybersecurity breaches are not only increasing in frequency but also in financial impact—with the average cost of a data breach exceeding several million dollars annually, according to various industry reports—solutions that can prevent these occurrences are invaluable. Fig Security’s ability to ensure the continuous functioning of defenses means a potentially dramatic reduction in the likelihood of successful attacks and the associated financial and reputational damage. The global cybersecurity market, projected to reach hundreds of billions of dollars by the mid-2020s, is ripe for solutions that offer concrete, verifiable improvements in security efficacy. Fig’s entry suggests a growing specialization within this market, focusing on the operational health of the security stack itself, rather than solely on threat detection or incident response.
Finally, the company’s roots in elite Israeli cyber intelligence units lend it significant credibility. Unit 8200, often dubbed "Israel’s NSA," is globally recognized for its prowess in signals intelligence and cybersecurity innovation, producing a disproportionate number of successful tech entrepreneurs. Mamram, another prestigious technological unit, contributes further to the founders’ deep technical expertise. This background instills confidence in Fig’s technical capabilities and its understanding of sophisticated cyber threats and defenses.
As enterprises continue to navigate the complexities of digital transformation, cloud adoption, and the integration of artificial intelligence, the challenge of maintaining an effective and resilient security posture will only grow. Fig Security’s emergence offers a timely and powerful solution to a fundamental problem: ensuring that the intricate web of security tools an organization employs is not just present, but consistently operational and effective. By providing clarity and control over the health of the security stack, Fig Security is poised to play a pivotal role in strengthening enterprise defenses against the ever-evolving landscape of cyber threats, transforming uncertainty into actionable assurance for security teams worldwide. The forthcoming TechCrunch event in San Francisco in October 2026 will undoubtedly serve as another platform for Fig Security to showcase its advancements and further engage with the industry.
About the Author
