RSS for Slack
PCI DSS
Product

Upwind Modernizes PCI-DSS for Cloud-Native Security

We’re introducing the Upwind Framework for PCI-DSS to help organizations meet one of the most widely adopted security standards. This release is part of Upwind’s broader mission to make compliance continuous and directly tied to runtime environments. In this blog, we will explain what PCI-DSS is and why it matters, highlight the growing challenges of […]

Configurations Dashboard
Product

Streamline Compliance & Auditing with Upwind’s Configurations Dashboard

If you’re responsible for cloud security and compliance, you know the drill. Misconfigurations pile up across environments, frameworks keep updating, and leadership wants to see progress – all while your team is already stretched thin. The stakes are high. A single overlooked configuration can lead to major gaps in compliance, or worse, leave sensitive data […]

Cloud_Migration_Journey-PTA
White Paper

The Cloud Security Maturity Journey

Cloud adoption has redefined how organizations innovate and scale. But with agility comes complexity, and with complexity, risk. Security leaders are tasked not only with defending modern architectures but also with proving that security enables innovation rather than slowing it down. The Cloud Security Journey frames cloud security maturity as a progression through three stages: […]

Threat Dashboard
Product

Introducing Upwind’s New Threat Dashboard: Simplifying Complexity to Drive Action

Today, we’re excited to announce the release of the enhanced Upwind Threat Dashboard, part of our ongoing commitment to continuously improving how we help security teams protect their environments. Threat landscapes are evolving rapidly, and so are we. This upgrade builds on what customers already rely on, introducing powerful new capabilities that make it easier […]

npm shai hulud worm escalation
Research

npm Supply Chain Attack: Shai Hulud Worm Escalates August Nx Compromise

On September 16, 2025, a large-scale npm supply chain attack was discovered, which seems to be linked to the same threat actors behind the August 27 Nx compromise (under ongoing investigation). Dubbed Shai Hulud, this self-propagating worm has infected nearly 40 npm packages, including several from CrowdStrike, by harvesting secrets from CI/CD pipelines and cloud […]

Severless framework
Product

A New Standard for Serverless Security: The Upwind Serverless Framework

Today, we’re introducing the Upwind Serverless Framework, a new runtime-first compliance framework purpose-built for serverless environments. Upwind has long provided runtime visibility into serverless workloads; this framework builds on that foundation by aligning real-time behavior with compliance controls, making it easier to detect misconfigurations, enforce least privilege, and surface risks that matter. It helps security […]

murky-panda
Product, Research

MURKY PANDA and the Blind Spot in Modern Cloud Security

August 21, 2025 – CrowdStrike disclosed ongoing activity by MURKY PANDA, a state-aligned Chinese espionage group purpose-built for the cloud. Unlike many threat actors who adapt legacy tactics, MURKY PANDA designs operations around cloud-native infrastructure from the ground up. Their latest campaign combines a Linux malware strain, a Commvault zero-day exploit, and identity abuse in Microsoft […]

Upwind-OX
Product

Securing the Full Application Lifecycle with Upwind and OX Security

In today’s fast-paced development environments, the speed of software delivery has outpaced traditional security workflows. APIs are often published before they’re reviewed, cloud resources are deployed via automation, and new vulnerabilities emerge in runtime that never existed in dev or staging. It’s estimated that over 50% of data breaches by 2025 will originate from unprotected […]

Add the Upwind RSS Feed to Slack

Connect the Upwind RSS Feed to your Slack.
Follow the how-to here.