Key Takeaways A few weeks ago, Mira Murati’s lab, Thinking Machines, put out a research preview of something they’re calling interaction models. If you haven’t seen it, it’s worth your time. This is a serious effort from serious people, the…

Key Takeaways Most organizations believe they have AI governance because they have policies, risk classifications, even responsible AI principles documented and approved. What they do not have, in most cases, is the ability to answer a basic question: what is…

As a design team, we spend a lot of time watching where users slow down, where they hesitate, and where the product makes them work harder than it should. In cloud security, one pattern shows up again and again: A…

Today, we are excited to announce the Upwind AI Sensor for Endpoints! In the world we’ve known until now, the threat model was familiar. A developer accidentally commits a secret to a repository. A DevOps engineer exposes sensitive data to…

Cloud security teams do not have a visibility problem anymore. They have a context problem. Modern cloud environments generate endless findings across vulnerabilities, identities, APIs, data, configurations, threats, workloads, and exposure. The challenge is not just knowing what exists. It…

It’s probably no shocker that most of the code shipping into production this year wasn’t written by a person. The real question isn’t whether it’s any good, but who’s watching what it does once it’s running, because no human ever…

We’re excited to announce Upwind Attack Surface Management (ASM), a new way for security teams to discover unknown attack surfaces, understand risk exposure, and prioritize the issues that matter most. Security teams have spent years improving visibility across their environments….

The moment an attacker initiates access to your network, evidence starts to appear, and in that moment, detections start to fire. That’s the moment you just start the hard part of investigating and discovering the true attack chain. Our goal…

Executive Summary On June 17 2026, a coordinated supply chain attack pushed a malicious easy-day-js package into the dependency tree of the entire @mastra/* npm organization. Any npm install for a compromised @mastra/* package pulls [email protected], which runs a postinstall…

In surfing, the lineup is where it all starts. It’s the place where surfers seize the next big wave, together! It’s where experience meets timing. Where trust, respect, and awareness matter as much as skill. That idea is exactly what…