Lausanne, Switzerland-based Saporo, not to be confused Japan’s tasty beverage brewer Sapporo, has raised $2.7 million in a pre-seed funding round. The startup helps clients improve cyber security defences by prioritising and reducing user and system access risks. The pre-seed money will enable the firm to expand its product lineup and team numbers as well as push forward with client acquisitions.
Based on shared experiences of growing businesses and working in the cyber security sector, after an 18 month research and development period, Saporo was launched by brothers Olivier and Guillaume Eyries, and researcher Éric Blavier.
Explaining Saporo’s raison d'être, co-founder and CEO Olivier Eyries explains, “Saporo does the heavy lifting so any business can rapidly improve its security. At the moment, defenders are losing the race against cyber attackers. Current methods for testing weaknesses in infrastructure are slow, labour-intensive, and take up too many resources. That’s where Saporo comes in.”
Uses ML-driven analysis and graph theory, Saporo’s technology stress-tests user and system access risks, continuously and contextually quantifying the security impact and exploitability of systems configurations. Through this analysis, Saporo is then able to define the relationships between assets, users, and computers, against millions of threat scenarios.
To put that in perhaps more understandable terms, Saporo finds all the weak points in a clients’ security configuration, measures how much effort would be required to breach these defences, and then provides information on just how an attacker might do so.
Saporo is already working with clients in the healthcare, banking, and insurance sectors, and is currently supports Microsoft AD and Azure, with AWS, GCP, Okta, and IaaS integrations planned by years’ end.
And it would seem as though the proof behind Saporo’s thinking is in the pudding, as a sample of 10 clients demonstrated an average attack surface reduction of 70-90 percent within three months.
"The solution made us aware that our active directory (AD) design was no longer in line with current risks by auditing our AD directory differently from other tools,” commented Saint-Quentin Hospital Center IT Engineer for Network Infrastructure Jean-Baptiste Gard. “In particular, Saporo’s technology was able to list the various attack paths that we had no visibility of until now. All of the information provided allowed us to address the security issues related to AD."
“We’re already seeing a considerable impact being made on the businesses using Saporo’s solution - with some customers seeing an 80 percent improvement in one single day,” concluded Lightbird’s Benjamin Solenthaler.