All features
Discover every capability that powers Saporo — from graph-based attack path analysis to continuous hardening and integrations.
Graph Engine & Analysis
At the core of Saporo is a high-performance graph engine that maps every identity, permission, and relationship.
Visualize and control complexity
Saporo’s graph engine transforms sprawling identity data into a single model you can explore and analyze. It connects accounts, groups, permissions, and resources into a living map, so you can see not just what exists — but how attackers could exploit it.
Hybrid identity graph
Bring together Active Directory, Entra ID, ADCS, Okta, AWS IAM, and more in one consolidated view. No silos, no blind spots.
Attack path calculation
Graph algorithms identify chains of permissions that can be abused to move laterally or escalate privileges. This goes beyond single misconfigs to show how risks combine.
Chokepoint identification
Automatically highlight the accounts, groups, or resources that sit at the center of up to millions of attack paths. Solving these chokepoints cuts off entire classes of attacks.
Impact simulation
Preview how removing a permission or disabling an account will affect attack paths — before you touch production. This lets teams fix issues confidently without breaking workflows.
By connecting identities and permissions into one model, Saporo enables security teams to move past static lists and see the bigger picture. The graph engine makes identity risk measurable, understandable, and most importantly, fixable.
Misconfiguration & Risk
Surface the misconfigurations that create hidden openings for attackers. From dormant privileges to risky inheritance, Saporo continuously highlights the issues that weaken your identity posture.
From noise to clear priorities
Traditional tools produce long lists of technical issues with little context. Saporo analyzes accounts, groups, and policies in relation to your environment, surfacing the weaknesses that matter most and showing you how to fix them.
Comprehensive library
Aligned with ANSSI, MITRE, ISO and Microsoft best practices — continuously updated to reflect evolving attacker techniques.
Unused permissions
Identify accounts and groups holding rights they haven’t exercised for months. Removing these reduces privilege sprawl and minimizes potential entry points.
Tiering exposures
Automatically detect exposures that break Microsoft’s Tier Model, making it easier for attackers to pivot from lower-tier accounts into critical infrastructure.
Hidden privilege inheritance
Uncover shadow admins, AdminSDHolder persistence, and other stealthy privilege paths that attackers use for long-term control.
Saporo transforms misconfigurations from endless lists into a clear, prioritized roadmap for hardening. By surfacing the issues that pose the greatest risk, it enables teams to act with focus and confidence.
Monitoring & Hardening
Saporo continuously monitors your environment, tracks posture changes, and quantifies resilience with clear resistance scores — so you know when risk is growing and how hardening efforts are paying off.
Measure, monitor, and improve
Every identity change shifts your attack surface. Saporo tracks these shifts in real time, updating resistance scores that combine attack path exposure, misconfigurations, and log events into a single, easy-to-understand benchmark. Teams can spot drift immediately and demonstrate improvements over time.
Coverage
Saporo provides full coverage across the identity systems that matter most. From AD to Entra ID and companion sources like Okta and AWS, it unifies them into one model so attackers have nowhere to hide.
Comprehensive identity coverage
Identity today spans multiple worlds — legacy AD, modern cloud directories, SaaS identity providers, and cloud infrastructure. Saporo connects them all, mapping permissions, misconfigurations, and attack paths into one graph. With this unified view, you see risks that span across silos and can harden your environment end-to-end.
Active Directory, ADCS and SMB Shares
Full coverage of AD forests, trusts, ACLs, and group structures, with deep mapping of ADCS objects and templates. Surface excessive privileges, delegation paths, weak GPOs, and certificate issues that attackers exploit to escalate. Extend this visibility into SMB shares to uncover excessive access and lateral movement opportunities that expose sensitive data and critical infrastructure.
Azure, Entra ID and M365
Analyze risky app consents, admin assignments, and legacy authentication. Model how OAuth abuse or role misconfigurations can create tenant-wide compromise. Enforce 220+ mapped controls (CIS, MITRE, ANSSI, ISO) across Entra ID and Microsoft 365 for continuous hardening.
Companion sources
Extend visibility with companion identity sources like Okta and AWS IAM to complete the hybrid map. Highlight risky delegations, oversharing, and over-permissive roles. Coming soon: expanded coverage for GitHub, Kubernetes, and other critical platforms.
Saporo unifies identity risk coverage across on-prem and cloud, eliminating blind spots that attackers exploit. By combining AD, Entra ID, and companion sources into a single model, it delivers a complete picture of identity posture — and one place to harden it.
Scale & Performance
Saporo is built to scale. Whether you have thousands or millions of identities, permissions, and relationships, it delivers analysis and results without slowing down.
High performance at enterprise scale
Identity environments can quickly grow massive — spanning AD forests, Entra ID tenants, SaaS integrations, and cloud resources. Saporo’s graph engine is optimized to handle these environments at scale, processing millions of nodes and edges while keeping analysis fast and interactive.
Attack Path Chokepoints
Stop attackers at scale by finding the chokepoints — the permissions, groups, or identities that sit at the center of millions of attack paths.
One fix, massive impact
Attackers exploit chains of misconfigurations and permissions to reach high-value targets. Saporo identifies the chokepoints that appear across many of these paths, showing you where a single remediation can eliminate entire clusters of risk.
AI & Assisted Resolution
Saporo goes beyond analysis. It provides clear, prescriptive recommendations — enhanced with AI assistance — so teams can remediate with confidence.
From findings to fixes
Security teams don’t just need to know what’s wrong, they need to know how to fix it. Saporo generates tailored recommendations for every issue, enriched with AI explanations that clarify risks and propose safe remediation steps.
Advanced Exploration
Go beyond predefined views with graph exploration, custom queries, and reporting tailored to your environment.
Explore, query, and report
Every environment is unique. Saporo lets you freely explore the identity graph, run custom queries against graph data or logs, and generate reports and dashboards powered by Elastic — giving teams unmatched flexibility to analyze identity risk.
Enterprise Ready
Saporo is built for the enterprise, with the security, governance, and access controls large organizations expect.
Security and governance by design
Identity security solutions must themselves meet the highest standards. Saporo includes enterprise-grade features like role-based access, SSO, MFA, and full audit logging to ensure the platform is as secure and compliant as the environments it protects.