Fig Security raises $30 million Series A to strengthen cyber resilience infrastructure
The Israeli startup founded by former Siemplify executives targets operational gaps in SOC infrastructure.
Cybersecurity startup Fig Security has raised $30 million in a funding round led by Ten Eleven Ventures, with participation from Team8, which previously led the company’s $8 million Seed round.
Additional investors include Doug Merritt (former CEO of Splunk), Rene Bonvanie (former CMO of Palo Alto Networks), and the founders of Demisto and Siemplify.
Fig was founded in 2025 by Gal Shafir (CEO), Nir Loya Dahan (CPO), and Roy Haimof (CTO), veterans of Unit 8200 and Mamram. Shafir held leadership roles at Siemplify through its growth and $500 million acquisition by Google, later leading global security architecture for Google Cloud Security with a focus on Google SecOps. Loya Dahan previously served as VP of Product at Cymulate and held product leadership roles at Siemplify, while Haimof, who started his cybersecurity career at the age of 16, was Director of Engineering at Cymulate.
“We look at the resilience of operational data security infrastructure and identify gaps,” he said. “These are the systems on which the SOC operates, the organization’s cybersecurity backbone. We detect weaknesses and fix them to ensure the security system remains operational at all times.”
He added that Fig focuses on ensuring different parts of an organization’s security architecture function cohesively. “We look at the organization holistically and make sure the components work together so that the security operation remains continuously functional.”
The company currently employs 25 people, most of whom are based in Israel and work remotely. Despite the ongoing war, Loya Dahan said employees have adapted to the situation.
Addressing the impact of generative AI tools such as Claude, he said their influence is primarily felt in code-generation environments, an area outside Fig’s core focus.
“AI tools like Claude mainly affect companies operating in software development,” he said. “Our focus is not on writing code but on connecting and optimizing security products and processes. Our domain is about workflows and operational resilience, not code vulnerabilities.”
He stressed that AI alone cannot compensate for weak infrastructure. “Innovation in the SOC world is critical, but if you apply AI to broken data infrastructure, it won’t deliver value. Organizations need a complete and reliable infrastructure before they can effectively adopt AI.”
