security startup funding
News

Security Startup Funding Explodes to $38M for Fig

Sean Nolan
Sean Nolan
3 March 2026 4 Min Read
1 0

Fig Security raised $38 million Tuesday. The security startup funding combined seed and Series A rounds—biggest stealth exit in enterprise security this quarter.

VCs are betting on a problem most founders ignore.

The security startup funding came from Team8 and Ten Eleven Ventures. Heavy hitters joined: Doug Merritt ran Splunk, Rene Bonvanie led marketing at Palo Alto Networks, and the founders of Demisto and Siemplify all wrote checks. When operators invest their own cash, pay attention.

Here’s the problem Fig solves: Your security stack is a mess. Dozens of tools duct-taped together. One upstream change breaks detection downstream. You don’t know until hackers already got in.

Think about it. An alarm that never goes off can’t be trusted to work. Same with security tools. The modern security stack is so dense that a small config change in one tool cascades unpredictably. Detection dies. Response capabilities vanish. Security teams find out when it’s too late.

Fig monitors the entire security stack—traces data from source through pipelines and data lakes to response platforms. When changes break detection capabilities, the platform alerts teams in real time. Before the breach happens.

“Instead of looking at the data and tracing it forward and seeing where it ends up, we look at your detections because that is the thing that you need to work,” CEO Gal Shafir told TechCrunch. “Detection or response is the single source of truth, and then we back-trace the health and what needs to happen on the data in order for it to trigger the detection when something happens.”

Shafir led Google Cloud Security’s global architecture team before starting Fig. He saw the problem firsthand pitching Google’s AI products to enterprise CISOs.

Every CISO said the same thing: “I understand that AI is really cool, but I don’t know if I trust my detections right now, how can I trust the AI that tells me that everything is fine tomorrow if I don’t trust the data underneath it?”

That’s when Shafir and co-founders Nir Loya Dahan and Roy Haimof quit their jobs. Veterans of Israel’s elite cyber units 8200 and Mamram, they built Fig to solve what CISOs actually lose sleep over—not another dashboard, but confidence their security tools work.

## How Fig Actually Works

The platform samples data as it flows through infrastructure. Understands how it changes through the pipeline. Creates what they call “data lineage”—a map of how upstream changes break downstream security tools.

Connects with SIEM systems and data links. Works with existing security environments. No rip-and-replace required.

The killer feature: Simulation mode. Companies can test how patches or config changes affect their security posture before deploying. Most breaches happen after routine updates that accidentally broke detection rules.

When I ran TaskFlow, we didn’t think about security stack monitoring. We should have. One AWS config change killed our intrusion detection for three days. We got lucky—no breach during that window. Most companies aren’t lucky.

## The Market Timing

Fig launched eight months ago. Already has “low double-digits” enterprise customers. Expects 50 to 100 by year-end. That’s fast traction in enterprise security—sales cycles usually run 6-12 months.

The security startup funding comes as enterprises drown in tools. C-suites pressure teams to adopt AI for cost savings and efficiency. But more tools mean more complexity. More ways for security to break silently.

What defenses should a CISO prioritize when hackers use AI for increasingly sophisticated attacks? Nobody knows. That uncertainty drives demand for platforms like Fig that provide visibility into what’s actually working.

## Use of Funds

Fig will expand in North America and triple headcount. Focus: Engineering and go-to-market teams. Smart allocation. Product-market fit is there—now it’s execution on sales and delivery.

Tripling headcount on $38M runway means they’re not burning crazy. Probably 50-75 employees currently, scaling to 150-225. With enterprise customers in double digits already, unit economics look sustainable.

Most security startups burn $3M+ monthly chasing logos. Fig’s approach—launch in stealth, land enterprise customers first, then announce with traction—flips the script. Raising capital when you have customers beats raising on a pitch deck. Every time.

## Why Investors Backed Fig

The security startup funding attracted operator-investors who’ve built and sold security companies. That matters. Merritt scaled Splunk to a $20B+ exit. Bonvanie built Palo Alto’s brand. Demisto and Siemplify founders sold to Palo Alto and Google.

They know enterprise security buying patterns. They know what CISOs actually pay for versus what gets demo’d at RSA Conference and ignored.

Team8 is a serious firm—they’ve built multiple Israeli security unicorns. Ten Eleven Ventures focuses on security and infrastructure. This isn’t spray-and-pray VC money. It’s strategic capital from people who understand the space.

The founder pedigree helps. Units 8200 and Mamram produce Israel’s best security talent. Check Point, Wiz, CyberArk—all trace roots to those programs. Investors bet on the team as much as the product.

## What Comes Next

Can Fig scale from low double-digit customers to 100 by year-end? That’s 5-10x growth in 8 months. Aggressive but not impossible with enterprise security traction.

Bigger question: Does the security startup funding last until they hit $20M+ ARR and raise Series B? At 50-100 customers paying $200K-500K annually, that math works. Burn rate determines everything.

Most security startups die between Series A and B. Customer acquisition costs explode. Sales cycles extend. Churn kicks in when IT budgets tighten. Fig has 18-24 months to prove they can scale efficiently.

The product thesis is sound. Security teams desperately need visibility into whether their tools actually work. If Fig executes on go-to-market and keeps burn reasonable, they’ll be fine.

If they overhire and chase growth over unit economics, they’ll join the graveyard of well-funded security startups that couldn’t cross $30M ARR profitably.

Execution beats ideas. Next milestone: 100 customers and $25M ARR by Q1 2027.

Share Article

Sean Nolan

Sean Nolan

Sean Nolan is a business journalist with a focus on startups, entrepreneurship, and innovation. With two decades of experience covering the business world, he specializes in telling the stories behind successful companies and emerging industries. Sean's writing explores growth strategies, leadership challenges, and market disruption across sectors from tech to retail. He's particularly interested in how businesses adapt to changing consumer behavior and technological advancement. In his spare time, Sean mentors aspiring entrepreneurs and enjoys craft beer tasting.

  • bitcoinBitcoin (BTC) $ 68,374.00 0.85%
  • ethereumEthereum (ETH) $ 1,983.88 2.43%
  • tetherTether (USDT) $ 0.999959 0.01%
  • bnbBNB (BNB) $ 634.32 1.25%
  • xrpXRP (XRP) $ 1.37 1.76%
  • usd-coinUSDC (USDC) $ 0.999982 0%
  • solanaSolana (SOL) $ 85.24 2.4%
  • tronTRON (TRX) $ 0.280742 0.51%
  • staked-etherLido Staked Ether (STETH) $ 2,265.05 3.46%
  • cardanoCardano (ADA) $ 0.267704 4.97%
  • avalanche-2Avalanche (AVAX) $ 9.25 0.07%
  • the-open-networkToncoin (TON) $ 1.24 1.06%