Saporo is an identity security platform that uses graph-based analysis to map identities, permissions, and relationships across hybrid environments. The platform consolidates Active Directory, Entra ID, ADCS, Okta, AWS IAM, and other identity systems into a unified graph model. The graph engine calculates attack paths by identifying chains of permissions that can be exploited for lateral movement or privilege escalation. It automatically identifies chokepoints - accounts, groups, or resources that appear in multiple attack paths - enabling teams to remediate clusters of risk with targeted fixes. The platform detects misconfigurations aligned with ANSSI, MITRE, ISO, and Microsoft best practices. It identifies unused permissions, tiering exposures that violate Microsoft's Tier Model, and hidden privilege inheritance including shadow admins and AdminSDHolder persistence. Saporo provides continuous posture monitoring with resistance scores that quantify risk across attack paths and misconfigurations. It tracks baseline drift, collects logs from AD, domain controllers, and Azure to monitor permission changes, and provides trend dashboards for measuring hardening progress. The platform includes impact simulation capabilities that preview how permission removals or account changes affect attack paths before implementation. It supports enterprise-scale deployments processing millions of identities, permissions, and relationships with real-time responsiveness. Coverage extends across Active Directory forests, ADCS, SMB shares, Azure, Entra ID, M365, Okta, and AWS IAM. The platform provides AI-assisted remediation recommendations for addressing identified risks.