Fig Security raises $38 million to map and fix silent SecOps failures

Fig Security emerged from stealth and announced $38 million across Seed and Series A financing to launch a platform that maps and fixes "silent failures" in enterprise security operations. The Israeli startup said its software autonomously discovers and traces complete detection-and-response flows across an organization, alerting teams when changes or drift threaten detection and response capabilities.

Founded in 2025 by veterans of Unit 8200 and Mamram, Fig is led by CEO Gal Shafir, CPO Nir Loya Dahan, and CTO Roy Haimof. Shafir’s resume includes leadership at Siemplify through its $500 million acquisition by Google and later stewardship of global security architecture for Google Cloud Security. The round was backed by Team8 and Ten Eleven Ventures, with participation from prominent security leaders including Doug Merritt, former CEO of Splunk, Rene Bonvanie, former CMO of Palo Alto Networks, and founders of Demisto and Siemplify.

Fig’s product addresses what the company calls a growing reliability gap as enterprise environments become more complex and incorporate AI-driven tooling. The platform traces data lineage end-to-end from data sources through pipelines, SIEMs, and data lakes to SOAR platforms and SOC AI agents. Rather than forward-tracing raw telemetry, Fig adopts a detection-first approach: it treats detections as the single source of truth and back-traces upstream dependencies to confirm that the plumbing needed to trigger those detections is healthy.

"The most dangerous failures in security are the ones you do not know about," Shafir said. He added that the company was built to restore confidence in security operations: "If a detection has not been triggered in months, teams often cannot tell whether that reflects true safety or a breakdown somewhere in the plumbing. We built Fig to give security teams their confidence back, so they can modernize their SOC, adopt AI, and move fast without shipping blind spots to production."

Fig’s platform performs root-cause analysis, estimates potential impact and enables teams to evaluate and simulate fixes before pushing changes to production. It also issues real-time alerts when it detects inconsistencies or capability drift in rules, mitigation tools, or detection logic. "Security teams are under increasing pressure to move faster while managing growing operational complexity," said Ori Barzilay, partner at Team8. "The Fig Security team brings firsthand experience building and operating SecOps platforms at scale and is addressing a real gap in how organizations approach resilience in security operations."

Since beginning operations eight months ago, Fig says it has signed large enterprise customers in the low double-digits and expects that number to grow to between 50 and 100 by year-end. The company plans to use the fresh capital to expand in North America and triple headcount across engineering and go-to-market teams, signaling a near-term hiring push and increased spending on product development and sales.

For enterprises, Fig’s pitch targets a clear operational pain point: as organizations stitch together SIEMs, SOARs and AI agents, undetected breakdowns can create false confidence and increase systemic cyber risk. For investors, the $38 million bet reflects a market appetite for tools that boost resilience in SecOps at a time when many companies are scaling AI-enabled security functions but lack visibility into whether those functions will work when needed. The company was founded in 2025 and will deploy the new funding as it seeks to broaden customer deployment and deepen integrations across security stacks.