Swiss cybersecurity startup Saporo has raised €7 million in Series A funding. The round was led by TIN Capital, with participation from G+D Ventures, CDP Venture Capital through its Corporate Partners I – ServiceTech fund, XAnge, Lightbird VC and Session VC.
Beyond capital, each investor will play a strategic role in Saporo’s growth. TIN Capital will support expansion in Northern Europe, G+D Ventures will facilitate market development in Germany, and CDP Venture Capital will help drive opportunities in Italy. M&A and fundraising advisory firm Trachet advised Saporo on the transaction.
Identity-based attacks are estimated to account for around 80 per cent of cyber incidents, with more than 90 per cent of successful breaches linked to weaknesses in access segmentation across systems such as Active Directory, Entra ID, AWS and Okta. Analysts suggest that approximately 85 per cent of breaches could be mitigated through stronger identity controls, yet many organisations still struggle with over-permissions, misconfigurations and shadow administrators, around 40 per cent of which may be exploitable in a single step.
Saporo, a graph-native identity security company, helps enterprises understand their environments from an attacker’s perspective. Its platform maps and analyses millions to billions of potential attack paths across hybrid identity systems, including on-premises Active Directory, cloud directories and machine identities, and identifies the relationships, misconfigurations and excessive permissions that enable lateral movement and privilege escalation.
Because attackers need only one viable route, Saporo computes all potential identity attack paths and highlights the smallest set of changes that can deliver the greatest reduction in risk. Large enterprises can face hundreds of millions of such paths, and few solutions can scan and prioritise risk effectively at this scale.
Saporo’s co-founder and CEO, Olivier Eyries, noted that the identity security market can be misleading, as ITDR tools and access graphs often provide a false sense of protection and fail to address systemic risks or reflect how attackers actually see an environment:
In large enterprises, identity graphs routinely surface over a billion attack paths; fixing them one by one is effectively a century-long project. Our customers use Saporo to remove around 80% of those paths within the first year, delivering faster risk reduction with far less remediation effort.
Using graph databases and graph theory, Saporo surfaces the most critical paths to sensitive assets and the minimal configuration changes needed to disrupt the majority of them, work that is extremely difficult to perform manually. By continuously monitoring identity and configuration changes in real time, enforcing long-term segregation of duties and supporting alignment with hardening frameworks such as ANSSI and MITRE, Saporo helps prevent environments from drifting back into unsafe states.
This approach is contributing to strong adoption in sectors such as financial services, healthcare, government, manufacturing and technology, where hybrid identity complexity and regulatory requirements are particularly high, and is reflected in customer retention above 140 per cent.
Guillaume Eyries, co-founder and Chief Product Officer at Saporo, emphasises the shift to identity-led attacks, where adversaries log in rather than break in, making the key issue what a compromised account can do next:
Saporo gives defenders the attacker’s view of their hybrid identity fabric so they can remove risky paths before an incident. This round lets us double down on automation and broaden multi-cloud and developer-ecosystem coverage to match how real-world attacks traverse Microsoft, Google, AWS, Okta and GitHub.
Saporo will use the new funding to expand its R&D, sales and marketing teams throughout 2026, supported by internal AI tools that have already significantly increased engineering productivity.
The capital will also be used to enhance one-click and assisted remediation workflows, extend hybrid identity coverage beyond Microsoft Active Directory, Entra ID and AWS to include Google Workspace/Cloud and GitHub, and strengthen the company’s presence in France, Switzerland, Benelux, Germany and Italy, alongside selective expansion in the United States.
Would you like to write the first comment?
Login to post comments