Founded by former Google SecOps leaders with firsthand experience of securityโs silent failures, Fig is backed by Team8, Ten Eleven Ventures, and industry veteransย
Fig Security, a new platform that finds and fixes broken security flows across your entire SecOps infrastructure, has launched from stealth with $38 million across Seed and Series A rounds. It addresses one of the least visible challenges yet most consequential in enterprise security: the quiet breakdown of security operations as environments grow more complex. The round is backed by Team8 and Ten Eleven Ventures, alongside a group of prominent security leaders, including Doug Merritt (former CEO of Splunk), Rene Bonvanie (former CMO of Palo Alto Networks), and the founders of Demisto and Siemplify. Together, these investors bring deep experience building and operating large-scale security operations, backing Fig as it addresses a growing reliability gap in modern security environments.
Also Read:ย CIO Influence Interview With Jake Mosey, Chief Product Officer at Recast
Enterprises pour billions into Security Operations (SecOps), yet the leaders running these teams often operate in the dark. Because the underlying infrastructure is too sensitive to change, defenses often break without warning. This forces SecOps leaders to ask the most terrifying question in cybersecurity: ‘If the alarms are silent, are we actually safe, or just blind?โ.
โThe most dangerous failures in security are the ones you do not know about,โ said Gal Shafir, Co-Founder and CEO of Fig Security. โIf a detection has not been triggered in months, teams often cannot tell whether that reflects true safety or a breakdown somewhere in the plumbing. We built Fig to give security teams their confidence back, so they can modernize their SOC, adopt AI, and move fast without shipping blind spots to productionโ.
Figโs platform is designed to enable teams to continuously ensure the reliability and efficacy of their security operations across the stack. With a frictionless integration that works on any tech stack, Fig autonomously discovers and maps the organizationโs complete detection and response flows. The platform traces the entire data lineage end-to-end from its origin at data sources, through data pipelines, SIEMs, and data lakes, all the way to SOAR platforms and SOC AI agents. Fig alerts teams when changes begin to threaten detection or response capabilities, helping them understand the root cause and potential impact, and allowing them to evaluate and simulate fixes before changes are pushed to production.
Fig Security was founded in 2025 by Gal Shafir (CEO), Nir Loya Dahan (CPO), and Roy Haimof (CTO), veterans of Unit 8200 and Mamram, who went on to help modernize the worldโs largest and most complex security operations centers. Shafir held leadership roles at Siemplify through its growth and $500 million acquisition by Google, later leading global security architecture for Google Cloud Security with a focus on Google SecOps. Loya Dahan previously served as VP of Product at Cymulate and held product leadership roles at Siemplify, while Haimof, who started his cybersecurity career at the age of 16, was Director of Engineering at Cymulate.
The company currently has offices in New York and Tel Aviv and plans to triple headcount by theย end of the year, with a focus on expanding its go-to-market presence in North America. The company was founded in March 2025 and has already deployed its platform with multiple large enterprises, including Fortune 100 companies. It is attending RSAC 2026 in March as a Top 10 Finalist in the elite RSAC Innovation Sandbox Contest.ย Per RSAC,ย since the start of the contest, the Top 10 Finalists have collectively seen over 100 acquisitions and over $17.8 billion in investments.
โSecurity teams are under increasing pressure to move faster while managing growing operational complexity,โ said Ori Barzilay, Partner at Team8. โThe Fig Security team brings firsthand experience building and operating SecOps platforms at scale and is addressing a real gap in how organizations approach resilience in security operations.โ
โSecurity teams are constantly making changes to their environments, often without a clear understanding of how they interact,โ said Grace Cassy, Partner at Ten Eleven Ventures. โOver time, those changes begin to undermine detection and response, even as teams assume their defenses remain intact. This dynamic is whatโs fueling the need for a new category focused on security operations resilience.โ
Fig leads Security Operations Resilience – keeping detection and response working through constant change. Fig finds and fixes broken security flows across the SecOps stack, and lets you quickly design, simulate and deploy planned initiatives. With Fig, change powers the SOC instead of breaking it.
Catch more CIO Insights:ย Why CIOs are becoming chief risk orchestrators?
[To share your insights with us, please write toย psen@itechseries.comย ]
