Saporo Raises €7 Million To Tackle Identity-Based Cyber Attacks

The round was led by TIN Capital, with G+D Ventures, CDP Venture Capital (through its Corporate Partners I – ServiceTech fund), XAnge, Lightbird VC and Session VC also participating.

Each investor will support Saporo beyond funding: TIN Capital will help expand in Northern Europe, G+D Ventures will focus on Germany and CDP Venture Capital will drive growth in Italy.

Olivier Eyries, co-founder and CEO, Saporo says: “The identity security market is deceptive. ITDR and access graphs create a false sense of security, often not fixing systemic risk and not giving the real attacker’s perspective. In large enterprises, identity graphs routinely surface over a billion attack paths. Fixing them one by one is effectively a century-long project.”

In 2025 EU-Startups reported only a few funding rounds in areas similar to Saporo’s graph-native identity security focus.

Read Also - Searchable Raises €4.5 Million To Help Brands In The AI Era

These included WiseBee, a US-Bulgarian autonomous cyber-defense startup, which raised €2.1 million for its agentic defense platform, and Bsure from Norway which secured €1.8 million to help organizations identify risky or inactive Microsoft accounts.

With a combined total of about €3.9 million for these startups, Saporo’s €7 million Series A stands out as one of the largest identity-focused funding events of 2025.

The smaller rounds for WiseBee and Bsure suggest that the sector is still early-stage, while Saporo’s larger raise reflects growing investor confidence in identity-focused security and gives the company more resources to expand across Europe and into the US.

“Our customers use Saporo to remove around eighty percent of those paths within the first year, which delivers faster risk reduction and far lower remediation effort. With this pan-European investor group, we are scaling to meet demand from large enterprise and regulated sectors across Europe, while building a measured footprint in the US,” adds Eyries.

Founded in 2021, Saporo helps security teams find and fix the riskiest paths to critical assets by mapping and analyzing millions to billions of potential attack routes across hybrid identity systems, including on-prem Active Directory, cloud directories and non-human identities.

The company has achieved 100% year-on-year growth since its last funding round and plans to use the new capital to expand one-click and assisted remediation workflows, extend hybrid identity coverage to include Google Workspace/Cloud and GitHub (beyond Microsoft Active Directory, Entra ID, and AWS), and grow its presence in France, Switzerland, Benelux, Germany, Italy, with selective expansion in the US.

The company currently employs people across Switzerland, France and the US. Saporo will scale its R&D, sales and marketing teams throughout 2026, supported by engineering productivity gains from internal AI adoption that have reportedly increased output by 30-40%.

Guillaume Eyries, co-founder and CEO, Saporo explains: “Attackers don’t break in – they log in. The question isn’t whether a single identity gets compromised, but what it can do next. Saporo gives defenders the attacker’s view of their hybrid identity fabric so they can remove risky paths before an incident. This round lets us double down on automation and broaden multi-cloud and developer-ecosystem coverage to match how real-world attacks traverse Microsoft, Google, AWS, Okta and GitHub.”

According to Saporo, identity-based attacks now account for about 80% of cyber incidents, and over 90% of successful breaches come from gaps in access across Active Directory, Entra ID, AWS, Okta, and other identity systems.

Analysts estimate that 85% of breaches could be prevented with stronger identity controls, but many organizations still struggle with over-permissions, misconfigurations, and shadow admins around 40% of which can be exploited in a single step.

Roel Reijnen, Lead Investor, TIN Capital says: “Saporo is redefining the future of identity security. The team’s talent, ambition, and ability to execute are simply exceptional. Their technology outperforms every competitor we’ve seen – delivering real, hard risk reduction instead of adding dashboards and complexity. This is the strongest European platform in the market, and together with CDP Venture Capital, G+D Ventures and XAnge, we’re backing Saporo to become a clear ISPM category leader.”

Saporo’s approach is driving strong adoption in financial services, healthcare, government, manufacturing, and technology, with over 140% customer retention, especially in areas with complex hybrid identities and heavy regulatory pressure.

Using graph databases and graph theory, Saporo analyzes paths across on-prem Active Directory, cloud directories, and machine identities. It identifies the most dangerous paths to critical assets and recommends the smallest configuration changes needed to block them – work that would be impossible to do manually.

About Saporo

Saporo helps organizations resist cyberattacks by identifying and reducing excessive user and system access. By analyzing configuration weaknesses and permissions, it anticipates how attackers could exploit them and recommends the most effective actions to strengthen security, improve cyber resilience and protect critical assets across hybrid identity systems.