Lausanne, Switzerland. Saporo has announced a $2.7M pre-seed round co-led by Session VC and Lightbird Ventures to make it easier for businesses of any size to increase their cyber resistance. Saporo’s technology enables any organisation to model and measure its resistance to anticipate attacks and make better-informed decisions about managing its risk without the need to think like an attacker.
The Swiss cyber security startup launched in April 2021 after 18 months of research and development. Saporo was co-founded by the two brothers Olivier and Guillaume Eyries, and researcher Éric Blavier. Through shared experiences growing previous businesses and working in cyber security, the three share a vision to make cyber security accessible to all organisations.
“Saporo does the heavy lifting so any business can rapidly improve its security,” says Olivier Eyries, Co-Founder and CEO of Saporo. “At the moment, defenders are losing the race against cyber attackers. Current methods for testing weaknesses in infrastructure are slow, labour-intensive, and take up too many resources. That’s where Saporo comes in.”
Saporo’s technology proactively stress-tests user and system access risks before attackers can exploit them. The product uses machine-learning driven analysis and graph theory to test an organisation's attack surface, and the relationships between assets, users, and computers, against millions of threat scenarios. Saporo can also help organisations safely move to the cloud and currently supports Microsoft AD and Azure, with AWS, GCP, Okta and IaaS also integrated by the end of this year.
The technology continuously and contextually quantifies the security impact and exploitability of systems configurations. Saporo can then measure how much effort would be required for attackers to compromise resources. This allows organisations to identify and prioritise paths that attackers could take in various attacks like ransomware.
The pre-seed funding will be used to expand the team to 12 people in 2022, with key hires being made in data science, security research and engineering development. Funding will also be used for further product development, exploring new markets and growing the customer base. Saporo is already working with healthcare, banking, and insurance businesses.
Jean-Baptise Gard, an IT Engineer for Network Infrastructure at the Saint-Quentin Hospital Center, and a Saporo customer said, "Saporo is an indispensable solution in the fight against and prevention of next-generation cyber-attacks. The solution made us aware that our active directory (AD) design was no longer in line with current risks by auditing our AD directory differently from other tools. In particular, Saporo’s technology was able to list the various attack paths that we had no visibility on, until now. All of the information provided allowed us to address the security issues related to AD."
A sample of French hospitals using Saporo has shown an average attack surface reduction of 70-90 per cent within three months.
Benjamin Solenthaler, the Managing Partner at Lightbird, added, “We’re already seeing a considerable impact being made on the businesses using Saporo’s solution - with some customers seeing an 80 percent improvement in one single day! With Saporo, all organisations can get ahead of any future cyber problem and be better equipped against attacks. We’re excited to back the team and see the company grow in 2022 and beyond.”
Globally, the cyber security market was worth $167.13Bn in 2020. Saporo sits between two fast-growing markets within cyber security: the Privilege Access Management Market is forecast to be worth $1Bn by 2025, and the Threat Intelligence Market is predicted at $12.6Bn by 2025.
Martin Altorfer, Founding Partner of Session VC, concluded, “Today, for most organisations, too many issues seem to make the shortlist of priorities. However, strengthening the defence is imperative, especially when situations and technology change daily. Saporo takes the hardest part of the job away; giving customers the data and recommendations to act now by prioritising the risk. This is an incredibly powerful solution and one we believe will make a profound change in assessing risks.”