Fig Security, a cybersecurity startup focused on strengthening the reliability of corporate security operations, said Tuesday it has emerged from stealth with $38 million in funding across seed and Series A rounds.
The financing was led by venture firms Team8 and Ten Eleven Ventures, along with a group of security industry executives, including former Splunk CEO Doug Merritt, former Palo Alto Networks Chief Marketing Officer Rene Bonvanie and the founders of Demisto and Siemplify. The investors cited the growing complexity of corporate security environments and what they described as a widening reliability gap in security operations.
Fig said its platform is designed to identify and repair breakdowns in security operations, or SecOps, infrastructure — failures that can occur as organizations layer new tools and automation onto existing systems.
Enterprises spend billions of dollars on security operations, yet leaders often lack visibility into whether detection and response systems are functioning properly, the company said. Undetected failures can leave organizations unsure whether a lack of alerts reflects genuine security or a breakdown in underlying systems.
“The most dangerous failures in security are the ones you do not know about,” said Gal Shafir, co-founder and chief executive of Fig Security. “If a detection has not been triggered in months, teams often cannot tell whether that reflects true safety or a breakdown somewhere in the plumbing.”
Fig’s platform integrates with existing technology stacks and maps detection and response flows across an organization’s systems. It traces data from its origin through pipelines, security information and event management systems, data lakes and security orchestration, automation and response platforms, as well as AI-driven security operations tools. The company said it alerts teams when changes threaten detection or response capabilities and allows them to simulate fixes before deploying them.
The company was founded in March 2025 by Shafir, Nir Loya Dahan, its chief product officer, and Roy Haimof, its chief technology officer. All three previously served in Israel’s military technology units Unit 8200 and Mamram and later held senior roles in cybersecurity firms. Shafir previously held leadership roles at Siemplify, which was acquired by Google for $500 million, and later led global security architecture for Google Cloud Security focused on Google SecOps. Loya Dahan previously served as vice president of product at Cymulate and held product leadership roles at Siemplify, while Haimof was director of engineering at Cymulate.
2 View gallery
Fig Security founders Roy Haimof, Gal Shafir and Nir Loya Dahan
(Photo: Netanel Tobias)
Fig has offices in New York and Tel Aviv and plans to triple its headcount by the end of the year, with a focus on expanding its presence in North America. The company said it has already deployed its platform with several large enterprises, including Fortune 100 companies.
Fig is also set to participate in the RSA Conference 2026 as a Top 10 finalist in the RSA Innovation Sandbox Contest. According to conference organizers, past finalists have collectively accounted for more than 100 acquisitions and $17.8 billion in investments since the competition began.
Investors said increasing operational complexity is creating demand for tools focused on resilience in security operations.
“Security teams are under increasing pressure to move faster while managing growing operational complexity,” said Ori Barzilay, a partner at Team8. “The Fig Security team brings firsthand experience building and operating SecOps platforms at scale and is addressing a real gap in how organizations approach resilience in security operations.”
Grace Cassy, a partner at Ten Eleven Ventures, said that frequent changes in corporate technology environments can gradually erode detection and response capabilities. “This dynamic is what’s fueling the need for a new category focused on security operations resilience,” she said.