Saporo AD Hardening is a security platform that provides visibility and hardening capabilities for Active Directory environments. The tool maps Active Directory as a graph structure, covering standard and exploitable permissions, AD objects, SMB shares, and Active Directory Certificate Services (ADCS) including templates and enrollment abuse scenarios. The platform offers dual graph perspectives: an Access Graph that maps permissions across AD, ADCS, and SMB shares, and an Attack Graph that models how misconfigurations and permissions chain into compromise paths. It identifies chokepoints where single remediation steps can eliminate multiple attack paths and simulates different attack types including ransomware and DC sync. Saporo includes over 200 mapped controls aligned to ANSSI AD hardening guidelines, ISO 27001, and MITRE ATT&CK framework. The tool prioritizes misconfigurations based on propagation risk and exposure of high-value targets, providing detailed remediation recommendations with optional AI-assisted support. The platform continuously monitors AD environments for changes and drift, tracking modifications across AD, ADCS, and SMB shares. It includes 50+ custom rules to monitor suspicious changes via Active Directory and Domain Controller logs, with configurable alert thresholds for abnormal or high-risk activity. Changes are linked back to security posture scores to show real-time impact. Saporo detects excessive privileges, unused administrator accounts, dangerous delegation paths, trust relationships, weak GPOs, OUs, certificate templates, and hidden attack paths to Domain Admins and other high-value targets.