Fig Security came out of nowhere with $38 million to help security teams deal with change

For companies, the ability to study data opens up much more than just new ways to make money. The modern enterprise technology stack is amazingly complex – it uses dozens of tools that work together and break things in different and unique ways, which is why the ability to analyze data streams allows companies to understand when, where and why things break.

But security teams can’t wait until something breaks to fix it. To use a metaphor: An alarm clock that has not gone off for a while cannot be trusted. The modern security stack is so full of tools that even a simple change in a single tool can have unforeseen effects that weaken detection and response capabilities.

fig security, A startup by veterans of Israeli cyber and data intelligence units 8200 and Mamram, claims to help security teams deal with this by monitoring the security stack to see if their rules, mitigations, and detection and response capabilities are working or getting thrown off course by changes. The startup just came out of the dark with $38 million in seed and Series A funding, TechCrunch has learned exclusively.

In short, the startup’s technology tracks data flows in a security stack, from origin at sources through data pipelines and data lakes to security orchestration and automated response platforms, then alerts security teams when changes at any point affect detection or response capabilities. The platform also allows companies to simulate how new fixes, patches, or changes will affect their system before they are deployed.

“Instead of looking at data and tracking it forward and seeing where it ends up, we look at your discoveries because that’s the thing you need to work on,” Gal Shaffer, CEO and co-founder of Fig, explained to TechCrunch. “The detection or response is the single source of truth, and then we track the validity of the data and what needs to happen on the data in order to trigger detection when something happens. We then alert (the security team) if something is inconsistent in real time.”

Vig does this by sampling a company’s data as it flows through different tools in the infrastructure and understanding how it changes throughout the pipeline, Shaffer said. This allows the company to create a “data lineage” that can be used to see how any changes upstream could break security tools in real time.

The startup says it connects to data links and Security Information Systems and Event Management (SIEM). To do all this, allowing its technology to be used with security tools and environments of all kinds.

Fig’s launch comes as real-time organizations evolve, especially with the pressure on executives to figure out how AI-powered tools can help save costs, reduce human error and improve efficiency. But the influx of so many tools has made the life of a modern security team more difficult. What type of defenses should CISOs prioritize? What is the appropriate security posture to take when hackers use AI to launch increasingly sophisticated attacks?

Shaffer, who led the global engineering team for Google Cloud Security before starting Fig, says he saw this uncertainty firsthand when he met customers while demonstrating Google’s AI products.

“Every CISO, regardless of team size, security budget, or company size, was saying, ‘Wait, I understand that AI is really cool, but I don’t know if I trust my discoveries now, so how can I trust AI that tells me everything is OK tomorrow if I don’t trust the data underneath it?’”

This led Shafir and his co-founders, Nir Loya Dahan (CPO) and Roy Heimov (CTO), to realize that they could solve the problem of security teams by understanding what was happening on the ground.

“That was the moment where we said, ‘OK, there’s a big problem that people understand exists, but there’s no solution because there are so many vendors and infrastructure that is complex, almost inherently. That was the moment for us to stop what we were doing and stop and go build the format,’” Shaffer said.

Since launching 8 months ago, Fig now has a significant number of enterprise customers “in the low double digits,” Shaffer says, and he expects that number to grow to 50 to 100 by the end of the year.

The startup will use the new funds to expand into North America and triple its headcount across engineering and go-to-market functions.

Investors in the funding rounds include Team8 and Ten Eleven Ventures, as well as security professionals including Doug Merritt (former CEO of Splunk), Rene Bonfani (former CMO of Palo Alto Networks), and the founders of Demisto and Siemplify.