Launched in 2021, Saporo has just raised €2.3 million in pre-seed funding to make it easier for businesses of any and all sizes to improve their cyber resistance. The funding was co-led by Session VC and Lightbird Ventures.
The Swiss startup aims to make cyber resistance accessible. In the age of increased cyber attacks, this is a mission that is relevant to companies across sectors. The cyber security market is growing massively globally and was worth in excess of $165 billion in 2020.
Saporo’s tech allows organisations to increase cyber resistance by prioritising and reducing user access risk. By using AI and graph technologies to analyse configuration and user access data, Saporo scores organisations resistance to attacks and finds the most impactful changes to increase cyber resistance.
Co-founded by two brothers Olivier and Guillaume Eyries, and researcher Éric Blavier, the startup’s April 2021 launch came after 18 months of research and development. Through shared experiences growing previous businesses and working in cyber security, the three share a vision to make cyber security accessible to all organisations.
Olivier Eyries, Co-Founder and CEO of Saporo, explained: “Saporo does the heavy lifting so any business can rapidly improve its security. At the moment, defenders are losing the race against cyber attackers. Current methods for testing weaknesses in infrastructure are slow, labour-intensive, and take up too many resources. That’s where Saporo comes in.”
Saporo’s technology proactively stress-tests user and system access risks before attackers can exploit them. The product uses machine-learning driven analysis and graph theory to test an organisation’s attack surface, and the relationships between assets, users, and computers, against millions of threat scenarios. Saporo can also help organisations safely move to the cloud and currently supports Microsoft AD and Azure, with AWS, GCP, Okta and IaaS also integrated by the end of this year.
The technology continuously and contextually quantifies the security impact and exploitability of systems configurations. Saporo can then measure how much effort would be required for attackers to compromise resources. This allows organisations to identify and prioritise paths that attackers could take in various attacks like ransomware.
This funding boost will be used to expand the team to 12 people in 2022, with key hires being made in data science, security research and engineering development. Funding will also be used for further product development, exploring new markets and growing the customer base. Saporo is already working with healthcare, banking, and insurance businesses.
A sample of French hospitals using Saporo has shown an average attack surface reduction of 70-90% within three months.
Jean-Baptise Gard, an IT Engineer for Network Infrastructure at the Saint-Quentin Hospital Center, and a Saporo customer said, “Saporo is an indispensable solution in the fight against and prevention of next-generation cyber-attacks. The solution made us aware that our active directory (AD) design was no longer in line with current risks by auditing our AD directory differently from other tools. In particular, Saporo’s technology was able to list the various attack paths that we had no visibility of until now. All of the information provided allowed us to address the security issues related to AD.”