For enterprises, being able to analyze data provides more than just new revenue opportunities. The modern enterprise tech stack is incredibly complex, comprising numerous tools that collaborate and malfunction in various ways. This complexity makes data analysis essential for companies to pinpoint when, where, and why failures occur.
Security teams, however, can’t wait for breakdowns to respond. Think of it this way: an alarm that hasn’t sounded in a while may not be reliable. The complexity of the modern security stack means that even minor changes in one tool can unpredictably impact other tools, potentially affecting detection and response capabilities.
Fig Security, a startup launched by alumni of Israel’s cyber and data intelligence units 8200 and Mamram, assists security teams in this area by monitoring the security stack to ensure rules, mitigation tools, and detection and response capabilities are functioning correctly and not disrupted by changes. The startup recently emerged from stealth with $38 million in seed and Series A funding, TechCrunch has learned.
Essentially, Fig tracks data flows within the security stack, from their origins through data pipelines and lakes to security orchestration and automation response platforms, alerting security teams if changes impact detection or response capabilities. Additionally, the platform simulates the potential effects of new fixes, patches, or changes before they are implemented.
Gal Shafir, Fig’s CEO and co-founder, told TechCrunch, “Instead of progressing data forward to see its endpoint, we focus on detections as they are vital. Detection or response serves as the ultimate truth source, allowing us to back-trace what data adjustments are necessary for triggering detections. If inconsistencies arise, we alert the security team in real time.”
Fig accomplishes this by sampling data as it traverses the infrastructure, observing its transformations through the pipeline, thereby creating a “data lineage” to identify how upstream modifications could disrupt downstream security tools in real time.
The startup connects with data links and Security Information and Event Management (SIEM) systems to integrate its technology with diverse security tools and environments.
Fig’s launch is timely as companies rapidly evolve, with C-suites seeking AI tools to save costs, minimize human errors, and boost productivity. However, the proliferation of tools complicates security teams’ tasks. CISOs face strategic choices on prioritizing defenses and determining the optimal security posture as AI-driven attacks become more sophisticated.
Shafir, formerly head of Google Cloud Security’s global architecture team, encountered such uncertainties firsthand while presenting Google’s AI products to customers.
“All CISOs, irrespective of their team’s size, security budget, or company size, questioned their trust in AI-driven detections if they doubted their existing data,” Shafir explained.
This realization led Shafir, Nir Loya Dahan (CPO), and Roy Haimof (CTO) to solve the issue plaguing security teams regarding real-time system understanding.
“That was when we realized a significant, acknowledged problem lacked a solution due to vendor diversity and complex infrastructure. It was the right time to quit our jobs and create Fig,” Shafir noted.
Since its launch 8 months ago, Fig has gained a customer base of large enterprises in the “low double-digits,” with expectations to reach 50 to 100 by year’s end.
The newly acquired funds will allow the startup to expand in North America and triple its staff across engineering and market functions.
Investors include Team8 and Ten Eleven Ventures, along with security experts like Doug Merritt (former CEO of Splunk), Rene Bonvanie (former CMO of Palo Alto Networks), and Demisto and Siemplify founders.