For enterprises, being able to study data unlocks much more than new ways to make money. The modern enterprise tech stack is mind-bogglingly complex — it employs dozens of tools that work together and break things in uniquely different ways, which is why being able to analyze data streams lets companies understand when, where, and why things break.
But security teams can’t wait until something’s broken to fix it. To use a metaphor: an alarm that hasn’t gone off for a while cannot be trusted to be working. And the modern security stack is so dense with tools that a small change in one tool could have unpredictable downstream effects that may compromise detection and response capabilities.
Fig Security, a startup by veterans of Israel’s cyber and data intelligence units 8200 and Mamram, claims to help security teams deal with that by monitoring the security stack to see if their rules, mitigation tools, and detection and response capabilities are functioning or skewed off course by changes. The startup just came out of stealth with $38 million in seed and Series A funding, TechCrunch has exclusively learned.
In a nutshell, the startup’s tech traces data flows in the security stack, from the origin at sources through data pipelines and data lakes to security orchestration and automation response platforms, and then alerts security teams when changes at any point affect detection or response capabilities. The platform also allows companies to simulate how new fixes, patches, or changes could affect their system before they’re deployed.
“Instead of looking at the data and tracing it forward and seeing where it ends up, we look at your detections because that is the thing that you need to work,” Fig’s CEO and co-founder, Gal Shafir (pictured above, center), explained to TechCrunch. “Detection or response is the single source of truth, and then we back-trace the health and what needs to happen on the data in order for it to trigger the detection when something happens. And then we alert [the security team] if something has an inconsistency in real time.”
Shafir said Fig does this by sampling a company’s data as it flows through different tools in the infrastructure and understanding how it changes through the pipeline. This lets the company create a “data lineage” that can be used to find out how any upstream changes could break security tools downstream in real time.
A screenshot of fig’s platform. Image Credits: Fig Security
The startup says it connects with data links and Security Information and Event Management (SIEM) systems to do all of this, which lets its tech be used with security tools and environments of all sorts.
Techcrunch event Disrupt 2026: The tech ecosystem, all in one room Your next round. Your next hire. Your next breakout opportunity. Find it at TechCrunch Disrupt 2026, where 10,000+ founders, investors, and tech leaders gather for three days of 250+ tactical sessions, powerful introductions, and market-defining innovation. Register now to save up to $400. Save up to $300 or 30% to TechCrunch Founder Summit 1,000+ founders and investors come together at TechCrunch Founder Summit 2026 for a full day focused on growth, execution, and real-world scaling. Learn from founders and investors who have shaped the industry. Connect with peers navigating similar growth stages. Walk away with tactics you can apply immediately
... continue reading