Saporo

Saporo delivers an Identity Security Posture Management (ISPM) platform, fortifying organizational defenses. Its core product analyzes identity exposure, resilience, and access risks across Active Directory, Azure AD, and hybrid environments. Utilizing deep path analysis, Saporo identifies and mitigates vulnerabilities, safeguarding user identities and tightening access controls, preventing attacks and reducing systemic risk.

The company emerged from Lausanne, Switzerland, becoming a key innovator in hybrid Identity Security Posture Management. Founded on the insight that robust identity protection is crucial, Saporo focused on addressing intricate identity-related cyber threats. This foundation allowed them to develop precise solutions for managing permissions-based attack surfaces.

Saporo assists security leaders in maintaining resilience against evolving cyber threats. Its vision empowers enterprises by identifying, prioritizing, and remediating specific identity risks attackers leverage for lateral movement. The company continually enhances its platform, improving remediation workflows and ensuring comprehensive protection for its clientele.

Saporo is a Swiss cybersecurity company that builds a graph-native Identity Security Posture Management (ISPM) platform that maps identity attack paths across hybrid environments and helps security teams prioritize and remediate the exposures that enable lateral movement and privilege escalation[2][5].

High-Level Overview

• Mission: Saporo’s mission is to “bring order to identity chaos” by giving defenders graph-based visibility into identity relationships, misconfigurations and log events so they can anticipate and block attack paths before attackers can exploit them[2][5].
  - Investment philosophy / Key sectors / Impact on the startup ecosystem: Saporo is a startup (not an investment firm); it targets large enterprises in sectors requiring strong identity controls such as financial services, healthcare, government and manufacturing, and its technology contributes to the cybersecurity ecosystem by advancing identity-first defensive tooling and driving adoption of Identity Security Posture Management (ISPM)[1][3].
  - For a portfolio-company style summary (product, customers, problem, growth): Saporo builds an ISPM product that models identities and access as a graph to uncover and prioritize attack paths across Active Directory, Entra ID, M365, Okta, AWS and other sources[5][2]. It serves enterprise security teams and CISOs in regulated or high-risk industries who need to reduce systemic identity risk and enforce least privilege[1][5]. The product solves the problem of hidden lateral movement and privilege escalation risks that traditional point tools miss by surfacing high-impact remediation actions and a “resistance” view of how hard it is for attackers to reach critical assets[1][2]. Saporo reported strong customer traction and retention—customers remove around 80% of attack paths in the first year and Saporo cites retention above 140%; the company closed a €7M Series A in late 2025 to scale product and geographic expansion[3][5].

Origin Story

• Founding year and location: Saporo was founded in 2021 and is based in Lausanne, Switzerland[2][5].
  - Founders and background / How the idea emerged: The company was founded to address a shift toward identity-led attacks by applying graph theory and attacker-perspective simulations to identity data; the public messaging stresses that defenders think in lists while attackers think in graphs, which motivated a graph-native approach to identity security[2][3].
  - Early traction / pivotal moments: Early product traction emerged from addressing hybrid identity complexity in enterprises; pivotal developments include customer wins in regulated sectors, high retention metrics, and a €7M Series A led by TIN Capital in 2025 that brought strategic investors to accelerate regional expansion and broader identity coverage[3][5].

Core Differentiators

• Graph-native analysis: Saporo uses an in-memory graph engine to map billions of possible identity attack paths and simulate lateral movement, enabling systemic analysis rather than isolated findings[5][3].
  - Hybrid identity coverage: The platform is agentless and integrates on-prem Active Directory, Entra ID/Microsoft 365, AWS, Okta and other identity sources to provide unified visibility across cloud and legacy environments[5][2].
  - Prioritization and remediation focus: Saporo emphasizes high-impact prioritization (customers commonly remove ~80% of attack paths in year one) and is investing in one‑click and assisted remediation workflows to reduce remediation effort[3][5].
  - Resistance scoring and impact analysis: The product provides a “resistance” score and impact simulations so teams can choose remediation actions that maximally reduce attacker reach with minimal changes[1][5].
  - Sector and regulatory fit: Strong traction in finance, healthcare, government and other regulated industries that face hybrid identity complexity and compliance requirements[1][3].

Role in the Broader Tech Landscape

• Trend alignment: Saporo rides the trend of identity becoming the primary attack vector (identity-first attacks) and the broader shift from perimeter security to identity- and privilege-centric defenses[3][2].
  - Why timing matters: As enterprises adopt hybrid and multi-cloud identity stacks, legacy tools fail to capture cross-environment attack paths; graph-native ISPM addresses this gap and is timely given rising ransomware and account compromise incidents[3][1].
  - Market forces in their favor: Regulatory pressure, rising cyber insurance scrutiny, increasing cloud adoption, and the operational difficulty of manually remediating identity sprawl all create demand for scalable identity posture solutions[3][5].
  - Ecosystem influence: By formalizing ISPM and demonstrating measurable remediation velocity and retention, Saporo is helping define a category (identity attack path management) and pushing other security vendors to integrate graph-based identity analysis or partner with ISPM providers[2][3].

Quick Take & Future Outlook

• What’s next: Saporo plans to use its Series A funding to expand regional coverage (Europe and selective U.S. expansion), extend hybrid identity integrations beyond AD, Entra ID and AWS (adding Google Workspace/Cloud, GitHub and more), and enhance remediation workflows and operational integrations[3][5].
  - Trends that will shape their journey: Continued proliferation of cloud-native and machine identities, increased emphasis on least-privilege and zero-trust architectures, and the need for automated remediation and risk-based prioritization will drive demand for ISPM platforms[3][2].
  - How influence might evolve: If Saporo continues to deliver high retention and measurable risk reduction, it could become a standard component of enterprise security stacks (complementing IAM, PAM and XDR tooling) and help operationalize identity-based zero trust across regulated industries[3][5].

Quick take: Saporo has positioned itself as a focused ISPM challenger by combining graph-native modeling, hybrid coverage and remediation-centered workflows; its recent Series A and customer metrics suggest genuine product-market fit in identity-heavy enterprise segments, and the company’s near-term growth will hinge on scaling integrations, automating remediation, and expanding into additional geographies and identity platforms[3][5].