Founded by Olivier Eyries, Guillaume Eyries and Eric Blavier in 2021, Saporo was crowned the fastest-growing Swiss startup in 2025 according to the Sifted 250 - boasting 100% YoY growth since seed round with a pan-European investor syndicate that backs product automation, multi-cloud coverage, and go-to-market expansion.
Lausanne, Switzerland - [2/12/2025] – Swiss Cybersecurity startup, Saporo - the graph-native identity security company that lets defenders see enterprise environments the way attackers do - has raised €7 million in Series A funding. The round was led by TIN Capital, with participation from G+D Ventures, CDP Venture Capital through its Corporate Partners I – ServiceTech fund, XAnge, Lightbird VC and Session VC. Beyond capital, each investor will play a strategic role in Saporo’s growth: TIN Capital will support the expansion of its network and business in Northern Europe, G+D Ventures will facilitate market development in Germany, and CDP Venture Capital will drive opportunities in Italy. M&A & Fundraising advisory, Trachet, advised Saporo on the transaction.
Saporo has recorded 100% year-on-year growth since its previous round and was recently recognised as Switzerland’s fastest-growing startup in the Sifted 250. The market leader in hybrid Identity Security Posture Management (ISPM) will use the capital to expand one-click and assisted remediation workflows, extend hybrid identity coverage beyond Microsoft Active Directory, Entra ID and AWS to Google Workspace/Cloud and GitHub, and strengthen its presence in France, Switzerland, Benelux, Germany, and Italy, with selective US expansion.
The company currently employs people across Switzerland, France and the US. Saporo will scale its R&D, sales and marketing teams throughout 2026, supported by engineering productivity gains from internal AI adoption that have increased output by 30-40%.
Identity attacks and market need
Identity-based attacks now drive roughly 80% of cyber incidents, and more than 90% of successful breaches stem from gaps in access segmentation across Active Directory, Entra ID, AWS, Okta and other identity systems. Analysts estimate that 85% of breaches could be disrupted through stronger identity controls, yet most organisations still struggle with the scale of over-permissions, misconfigurations and shadow admins - 40% of which can be exploited in a single step.
Saporo gives defenders the attacker’s view of their hybrid identity landscape. The platform pinpoints the relationships, misconfigurations and excessive permissions that enable lateral movement and privilege escalation. Since attackers need only one viable route, Saporo computes all identity attack paths and prioritises the smallest set of changes that deliver the greatest risk reduction.
Large enterprises can have hundreds of millions of potential attack paths, and no other solution in the market can scan and prioritize risk at this scale. Saporo customers typically eliminate up to 80% of risky paths in the first year by addressing the highest-impact issues identified by the platform, and the value compounds over time.
By continuously monitoring identity and configuration changes in real time, enforcing long-term segregation of duties, and helping teams stay aligned with hardening frameworks such as ANSSI and MITRE, Saporo prevents environments from drifting back into unsafe states. This ongoing resilience is driving strong adoption across financial services, healthcare, government, manufacturing and technology with over 140% customer retention, where hybrid identity complexity and regulatory pressure are highest.
Powered by graph databases and graph theory, Saporo analyses paths across on-prem AD, cloud directories and machine identities. It surfaces the most dangerous paths to critical assets and the minimal configuration changes needed to break most of them - work that is effectively impossible to perform manually.
“The identity security market is deceptive. ITDR and access graphs create a false sense of security, often not fixing systemic risk and not giving the real attacker's perspective. In large enterprises, identity graphs routinely surface over a billion attack paths. Fixing them one by one is effectively a century-long project. Our customers use Saporo to remove around eighty percent of those paths within the first year, which delivers faster risk reduction and far lower remediation effort. With this pan-European investor group, we are scaling to meet demand from large enterprise and regulated sectors across Europe, while building a measured footprint in the US.”
“Attackers don’t break in - they log in. The question isn’t whether a single identity gets compromised, but what it can do next. Saporo gives defenders the attacker’s view of their hybrid identity fabric so they can remove risky paths before an incident. This round lets us double down on automation and broaden multi-cloud and developer-ecosystem coverage to match how real-world attacks traverse Microsoft, Google, AWS, Okta and GitHub”
“Saporo is redefining the future of identity security. The team’s talent, ambition, and ability to execute are simply exceptional. Their technology outperforms every competitor we’ve seen—delivering real, hard risk reduction instead of adding dashboards and complexity. This is the strongest European platform in the market, and together with CDP Venture Capital, G+D Ventures and XAnge, we’re backing Saporo to become a clear ISPM category leader.”
About Saporo - Saporo is the graph-native identity security company that helps enterprises see their environments like attackers do. Saporo maps and analyses millions to billions of potential attack paths across hybrid identity systems - spanning on-prem Active Directory, cloud directories and non-human identities - so security teams can proactively eliminate the riskiest routes to critical assets. Saporo serves customers across healthcare, financial services, manufacturing, government and technology. Learn more at saporo.com.
About TIN Capital - Founded in 1998, TIN Capital is recognized as one of Europe’s leading cybersecurity investors. Driven by the mission to build a safe, prosperous, and cyber-resilient Europe, TIN Capital began investing in cybersecurity in 2018 through its Dutch Security TechFund. In
Q4 2023, the firm launched the European Cyber Tech Fund V, focused on supporting European startups and scale-ups that strengthen national, economic, and digital security. The fund targets Series A and B rounds in best-in-class cybersecurity companies on their path to global leadership.
About Trachet - Trachet is a boutique M&A and fundraising advisory partnering with high-growth companies on capital strategy and transactions. The firm supports founders from Series A to exit with hands-on execution and communications that build long-term value. Learn more at Trachet.co.
About XAnge - XAnge is a BCorp-certified early-stage investment fund managing €700 million, with offices in Paris, Berlin, and Brussels. The fund backs European founders who aim to transform daily life through technology, investing between €500,000 and €10 million from the seed stage onwards.
XAnge’s investment focus spans deeptech, health, fintech, SaaS, and e-commerce, with a portfolio including Lydia, Welcome to the Jungle, Believe, MrSpex, and Ledger. XAnge is the innovation-driven venture capital brand of the Siparex Group.
