After a year of deploying Saporo, Geneva's state has experienced notable transformations in its IT (Active Directory) security posture.
OCSIN, responsible for delivering IT services across Geneva's state departments, holds a paramount responsibility: securing the data of its citizens. Their Active Directory (AD) was seen as a complex entity — a "black box" with limited visibility, massive data sets, and inherent vulnerabilities. The first sign of danger was a penetration test that discovered attack pathways from an exchange server to their AD. While they had tools that showed potential risks, they lacked continuous, comprehensive visibility and actionable insights.
The introduction to Saporo came through a recommendation. OCSIN was already exploring solutions to visualize and understand attack pathways in their AD. While an initial audit with Microsoft didn't yield significant results, Saporo showcased real risks and gave a clear picture of the challenges within their extensive AD setup.
"Saporo has been a transformative solution for OCSIN. It has filled gaps in our AD security strategy, offering comprehensive, continuous insights", summed up OCSIN's manager. "For entities with a mature AD setup, OCSIN highly recommends Saporo for its exhaustive capabilities and exceptional value for money".
Before Saporo, OCSIN faced challenges in understanding their AD's complexities and vulnerabilities. Now, they have a clearer picture, actionable insights, and a robust strategy for securing their IT infrastructure. Special thanks to OCSIN for sharing insights into their journey.