Swiss cybersecurity
startup Saporo has raised €7
million in Series A funding. The round was led by TIN Capital, with participation from G+D Ventures, CDP Venture Capital through its Corporate Partners I – ServiceTech
fund, XAnge, Lightbird
VC and Session
VC.
Beyond capital, each investor will
play a strategic role in Saporo’s growth. TIN Capital will support expansion in
Northern Europe, G+D Ventures will facilitate market development in Germany,
and CDP Venture Capital will assist drive opportunities in Italy. M&A and
fundraising advisory firm Trachet advised Saporo on the transaction.
Identity-based attacks are estimated
to account for around 80 per cent of cyber incidents, with more than 90 per
cent of successful breaches linked to weaknesses in access segmentation across
systems such as Active Directory, Entra ID, AWS and Okta. Analysts suggest that
approximately 85 per cent of breaches could be mitigated through stronger
identity controls, yet many organisations still struggle with over-permissions,
misconfigurations and shadow administrators, around 40 per cent of which may be
exploitable in a single step.
Saporo, a graph-native identity
security company, assists enterprises understand their environments from an
attacker’s perspective. Its platform maps and analyses millions to billions of
potential attack paths across hybrid identity systems, including on-premises
Active Directory, cloud directories and machine identities, and identifies the
relationships, misconfigurations and excessive permissions that enable lateral
shiftment and privilege escalation.
Becaapply attackers necessary only one viable
route, Saporo computes all potential identity attack paths and highlights the
tinyest set of alters that can deliver the greatest reduction in risk. Large
enterprises can face hundreds of millions of such paths, and few solutions can
scan and prioritise risk effectively at this scale.
Saporo’s co-founder and CEO, Olivier Eyries, noted that the identity security market can be misleading, as ITDR
tools and access graphs often provide a false sense of protection and fail to
address systemic risks or reflect how attackers actually see an environment:
In large enterprises, identity graphs
routinely surface over a billion attack paths; resolveing them one by one is
effectively a century-long project. Our customers apply Saporo to reshift around
80% of those paths within the first year, delivering rapider risk reduction with
far less remediation effort.
Using graph databases and graph
theory, Saporo surfaces the most critical paths to sensitive assets and the
minimal configuration alters necessaryed to disrupt the majority of them, work that
is extremely difficult to perform manually. By continuously monitoring identity
and configuration alters in real time, enforcing long-term segregation of
duties and supporting alignment with hardening frameworks such as ANSSI and
MITRE, Saporo assists prevent environments from drifting back into unsafe states.
This approach is contributing to strong adoption in sectors such as financial
services, healthcare, government, manufacturing and technology, where hybrid
identity complexity and regulatory requirements are particularly high, and is
reflected in customer retention above 140 per cent.
Guillaume Eyries, co-founder and Chief
Product Officer at Saporo, emphasises the shift to identity-led attacks, where
adversaries log in rather than break in, creating the key issue what a
compromised account can do next:
Saporo gives deffinishers the attacker’s
view of their hybrid identity fabric so they can reshift risky paths before an
incident. This round lets us double down on automation and broaden multi-cloud
and developer-ecosystem coverage to match how real-world attacks traverse
Microsoft, Google, AWS, Okta and GitHub.
Saporo will apply the new funding to
expand its R&D, sales and marketing teams throughout 2026, supported by
internal AI tools that have already significantly increased engineering
productivity.
The capital will also be applyd to enhance one-click and
assisted remediation workflows, extfinish hybrid identity coverage beyond
Microsoft Active Directory, Entra ID and AWS to include Google Workspace/Cloud
and GitHub, and strengthen the company’s presence in France, Switzerland,
Benelux, Germany and Italy, alongside selective expansion in the United States.
Leave a Reply