For businesses, being able to study data unlocks much more than new ways to make money. The modern enterprise technology stack is incredibly complex — it uses dozens of tools that work together and break things in uniquely different ways, so being able to analyze data streams allows companies to understand when, where and why things break.
But security teams can’t wait until something breaks to fix it. To use a metaphor: You can’t trust an alarm that hasn’t gone off for a while to work. And the modern security stack is so tool-dense that a small change in one tool could have unpredictable downstream effects that can compromise detection and response capabilities.
Fig Safety, a startup from veterans of Israel’s cyber and data intelligence units 8200 and Mamram, claims to help security teams address this by monitoring the security stack to see if rules, mitigation tools, and detection and response capabilities are working or skewed by changes. The startup just came out of stealth with $38 million in seed and Series A funding, according to TechCrunch exclusively.
In a nutshell, the startup’s technology traces data flows across the security stack, from origin to sources through data pipelines and data lakes to security automation orchestration and response platforms, and then alerts security teams when changes at any point impact detection or response capabilities. The platform also allows companies to simulate how new fixes, patches or changes could affect their system before they are deployed.
“Instead of looking at the data and crawling forward and seeing where it ends up, we’re looking at your crawls because that’s the thing you have to work with,” Fig CEO and co-founder Gal Shafir (pictured above, center) explained to TechCrunch. “Detection or response is the single source of truth, and then we figure out the health and what needs to happen in the data in order to trigger detection when something happens. And then we alert [the security team] if something has real-time inconsistency.”
Shafir said Fig does this by sampling a company’s data as it flows through different tools in the infrastructure and understanding how it changes through the pipeline. This allows the company to create a “data line” that can be used to discover how any upstream changes could break downstream security tools in real time.
The startup says it’s connected to data links and Security Information and Incident Management (SIEM) systems. to do all of this, which allows its technology to be used with security tools and environments of all kinds.
Techcrunch event
San Francisco, California
|
13-15 October 2026
Fig’s release comes as businesses evolve into real-time, especially with C-suites pressed to learn how AI-powered tools can help save costs, reduce human error and improve efficiency. But the influx of so many tools has made life even more difficult for the modern security team. What kind of defenses should a CISO prioritize? What is the right security posture to take as hackers use artificial intelligence to launch increasingly sophisticated attacks?
Shafir, who led Google’s Cloud Security global architecture team before starting Fig, says he saw this uncertainty firsthand when he met with customers at Google’s AI product launches.
“Every CISO, no matter the size of the team or the security budget or the size of the company, was like, ‘Wait, I get that AI is really cool, but I don’t know if I trust my detections right now, how can I trust the AI that tells me everything is fine tomorrow if I don’t trust the data underneath?’
This led Shafir and his co-founders, Nir Loya Dahan (CPO) and Roy Haimof (CTO) to realize that they could solve security teams’ problems by understanding what’s happening on the ground.
“That was the moment we said, okay, there’s a big problem that people understand exists, but there’s no solution because there are so many vendors and complex infrastructure, almost by nature. That was the moment for us to stop what we were doing and stop and go build Fig,” Shafir said.
Shafir says that since launching eight months ago, Fig now has large enterprise customers in the “low double digits” and expects that number to grow to 50 to 100 by the end of the year.
The startup will use the fresh cash to expand in North America and triple its headcount in engineering and go-to-market functions.
Investors in the funding rounds include Team8 and Ten Eleven Ventures, as well as security professionals such as Doug Merritt (former CEO of Splunk), Rene Bonvanie (former CMO of Palo Alto Networks), and the founders of Demisto and Siemplify.
