Upwind in Action: Rivery

Industry: Data Management


  • Rivery’s previous static threat detection tools did not give real-time visibility.

  • Noisy tools overwhelmed Rivery with too many vulnerability and misconfiguration alerts without clear prioritization insights.

  • Rivery needed to find a unified solution that would give them 24/7 service and reduce the load on their security team.


  • Upwind’s runtime threat detection allows Rivery to meet compliance requirements and respond to malicious actors in real time.
  • Upwind’s prioritized vulnerability management filters vulnerabilities based on criticality with runtime insights, allowing Rivery to understand what they need 
to fix first.
  • Upwind’s MDR service gives Rivery 24/7 protection, allowing them to focus on the things that matter most to their organization while remaining secure.

Rivery is a data integration platform for modern data teams. Rivery leverages Upwind’s CNAPP for a number of use cases including real-time threat detection and response, network visibility and vulnerability management.

Ensure Compliance with Real-Time Network Visibility

Prior to using Upwind, Rivery relied on a log-based cloud security approach, which required them to send logs to their SOC provider. Rivery’s infra spans across multiple regions internationally, and they needed to have a solution that could provide runtime data for compliance purposes. 

Rivery also uses a multi-architecture approach, including Kubernetes clusters and traditional scaling groups, and their security team needed a tool that would help their visibility expand beyond their team size. Utilizing Upwind’s runtime insights and topology map, Rivery has been able to expand their security team’s capabilities with increased network visibility and access controls, real-time Internet exposure and potential risks including malwares running in their environment. This increased real-time visibility allows them to remain GDPR compliant and ensure that their assets aren’t communicating with noncompliant entities.

“The entire process using Upwind was incredibly simple. Within minutes of deployment, we already had 24/7 eyes on our infra with Upwind’s MDR service.”

Moving from Static to Real-Time Threat Detection

In addition to seeing network traffic in real time, Upwind’s topology map allows Rivery to proactively hunt for threats and view malicious processes that are running in their environment as they occur. This ability to instantaneously view threats and respond to them is crucial for Rivery and allows them to ensure that their data and assets remain safe, in real time.

Upwind gives Rivery the ability to detect and respond to threats in real time across their entire infrastructure, including AWS EC2 and EKS, as well as proactively monitor for any suspicious activity. Upwind’s real-time network topology map gives Rivery the ability to monitor traffic end-to-end, including across AWS services such as ElastiCache, S3 and DynamoDB, and helps their team to identify any potential threats and proactively address them. By using both AWS and Upwind, Rivery is able to remain agile – building and scaling quickly in EC2 and EKS, while monitoring traffic in real-time across AWS infrastructure and services with Upwind. 

Managed Detection and Response in Minutes

Rivery’s data privacy and compliance protocols require 24/7 threat detection capabilities. Hiring an internal team to fulfill these requirements would have required Rivery to invest heavily in training a team and getting operations running. With Upwind, they were able to use Upwind’s MDR within minutes of deploying the platform. This allowed them to rapidly utilize an experienced MDR team and save their organization time and money, along with receiving additional DevOps context and a full lens view of their infrastructure.

“Upwind’s detailed threat detections provide us with all the context we need from our CI/CD pipeline, process trees and network topology- allowing us to increase our time to resolution 
by 7x.”

Improved Time to Resolution with CI/CD Context

In addition to real-time threat detection and response, Upwind’s ability to provide detailed context with every detection allows Rivery to immediately understand the root cause of threats and vulnerabilities, going as far as identifying the developer who introduced the vulnerability. Upwind’s leverages eBPF-powered runtime context, as well as data from CloudTrail, IAM, and Identity Center, pairing it with CI/CD pipeline context, process trees and network topology to enable Rivery to rapidly understand the cause of detections and cut their time to resolution by 7x.

Make Cloud Security Simple.