product

Protect your critical assets, uncover your blind spots

Saporo helps you understand your environment from the perspective of an attacker. Identify and address attack paths, misconfigurations and other vulnerabilities by continuously mapping assets, discovering risks, and prioritizing remediation efforts for IT and security teams.

ORder in chaos

Simple to install, simple to use.

Saporo is built to be fast and scalable. Results are available in as little as one hour. Our solution is agentless and only requires read access. We understand that some industries and companies have different constraints or preferences. Saporo can be fully installed on-premises or in the cloud.

Know where you start and track your progress

Saporo resistance score will give you a clear and simple way of understanding how well your organization can resist attacks. The higher your score, the more difficult and time consuming it will be for attackers to progress through your organization.

Saporo's resistance score is normalized which ensures that you can easily compare your organization with other organizations in the same industry, segment or group.

See your environment like an attacker

By uncovering hidden attack paths across your hybrid environment, Saporo reduces your risk of exposure. Eradicate millions of paths with minimal effort by focusing on key chokepoints and specific types of attacks, like ransomware.
‍
Saporo will find, score and present to you only what matters most to your organization.

Context is everything!

Discover how misconfigurations and vulnerabilities impact your security posture. Saporo adds context so you can focus on what is most critical.
‍
As opposed to other solutions on the market, each control issue is prioritized in the context of what can be accessed by an attacker. This helps organizations define a roadmap of what to work on in order of importance.

Detailed view per node

Saporo helps you prioritize what to focus on but that does not mean you can't zoom in and investigate specific nodes yourself.

Whether you want to monitor closely an important node (CEO, CFO, etc.) or simply make sure a node that was flagged in another system does not have attack paths to critical assets, you can do it easily in Saporo. Each node can be zoomed-in and drilled down into.

Available and upcoming data sources

ORder in chaos

Attackers love complexity. Defenders need clarity.

Attackers need to find only one attack path, defenders need to find all of them.
Identifying all potential attack paths in large and dynamic environments is impossible using manual methods.

modelize

Modelize attacker behaviors

User access to resources is evaluated against adversarial use case scenarios to provide a deterministic model of attack paths.

prioritize

Scores based on impact

Saporo leverages graph theory to prioritize the most egregious attack paths so you can prioritize your resources, time and risk.

mitigate

Actionable recommendations

Saporo recommends changes to improve the resilience of your organization and close attack paths by level of risk and exposure.

Testimonials

They trust us

Saporo is an indispensable defense tool for all organizations that want to be one step ahead in controlling risks within their increasingly complex infrastructures.

Christophe Bouillard

CISO at Bank Mirabaud & Cie

Saporo addresses strategic cybersecurity priorities in a super-fast, simple, cost effective and understandable way. Our main interest is that Saporo anticipates fragilities with calculation of priorities related to access rights and access paths. Beyond the optimization of defenses, it is a tool for minimizing the business consequences of attacks.

Ludovic Chouet

CISO at Centre Hospitalier Dôle, Louis Pasteur

Saporo is an indispensable solution to prevent and fight against next-generation cyber-attacks. The solution made us aware that our Active Directory design was no longer in line with current risks. It audits directories in a way that is different from other tools, in particular by listing the various attack paths that we had no visibility into until now. All of the information provided allowed us to address the security issues related to AD.

Jean-Baptiste Gard

CISO at Saint-Quentin Hospital Center

We are thrilled to count Saporo as the winner of the 2022 Tech4Trust Award. Startups in our Tech4Trust Swiss Program powered by Trust Valley are dedicated to digital trust and cybersecurity. Reducing cyber-risk by eliminating excessive access on directories is a great solution in the current race between attackers and defenders.

Lennig Pedron

Directrice at Trust Valley (EPFL Innovation Park)

key benefits

Stay ahead of attackers.

By predicting where attackers might go next, Saporo allows organizations to prioritize their resources
providing the time and context they need to stay ahead of attackers.

Reduce your attack surface by eliminating attack paths.

By leveraging machine learning to simulate a multitude of potential attack scenarios, Saporo can identify common choke points and suggest changes to organizations. These change suggestions are computed to present the most beneficial improvements with the least amount of business disruption.

This approach considers that any node, user, host or token in the environment could be compromised at any moment and identifies the most risky potential compromise. In some cases the optimal choice is to accept the risk. In others, change to groups or accounts rights might be sufficient to mitigate attack paths.

Eliminate the shortest and most dangerous attack paths first.

Prioritizing where to focus efforts first when attack scenarios are almost endless is a complex task. There are hundreds to thousands of potential attack paths, yet most security and networking teams do not know what those paths are much less which ones offer the shortest viable paths that allow an adversary to efficiently reach their target.

Saporo will query attack paths and quantify risk based on the number of paths and sensitivity of resources that may be exposed. Getting a complete picture of how many connections are possible and how to reduce those numbers reduces risk.

Evaluate risks coming from compromised assets.

When organizations have identified a number of hosts, accounts or tokens that might have been compromised, Saporo can help evaluate the potential impact of the breach in the context of current environment policies and configurations.

Full attack paths can be displayed to the user, including the type of resource that might end up being accessed given the current set of compromised assets. This helps prioritize response not only from a threat point of view but also by impact and risk.

Prescribe mitigation to eliminate attack paths during a breach.

Adversaries go for the shortest attack path. Don’t give them shortcuts to compromise your data.

Saporo prescribes recommendations on the best intersection between an adversary's current location and potential targeted high value assets. Increasing the complexity of an attack slows adversaries down and provides the security team more time to respond.

Quantify the security impact of access control configuration.

Saporo provides a side-by-side comparative analysis of current state user access configuration models to a baseline configuration. Changes to attack paths will be visualized with additional focus on impact of changes to the overall surface.

Configuration changes are compared including environmental impact and exploitability of assets due to new potential attack paths. While a configuration change might include more attack paths than a previous configuration, their length and complexity will also be taken into account to determine if the change is an improvement.

Track progress and changes with a timeline of events and impact

Not all risks can be mitigated, and often many risks need to be accepted. By exposing existing attack paths and offering them for review, organizations can track and report on accepted risks.

Also, in order to build configuration systems, organizations need to track changes between versions of configurations over time. This gives organizations an overall timeline not currently available to security personnel. Saporo helps report on the impact of changes over time.

Innovation is key to better resist attacks

Attackers need to find only one path to your critical assets. Defenders like you need to find all of them. Doing this in large and dynamic environments is impossible using manual methods. Saporo uses graph theory to automate this process, protect your critical assets and uncover your blind spots.

REQUEST DEMO