Seamlessly Protect Infrastructure and Applications on Microsoft Azure with Upwind
The Upwind Cloud Security Platform provides comprehensive protection for infrastructure and applications across any cloud environments, including Microsoft Azure. This includes protection for Azure assets, infrastructure and applications within every capability of the Upwind platform, including: “Upwind seamlessly protects our Azure environment, making it easy to understand our most critical cloud security posture findings, automatically […]
Analyzing the Latest CUPS RCE Vulnerability: Threats and Mitigations
Remote Code Execution (RCE) in CUPS via ‘cups-browsed’ CUPS (Common Unix Printing System) is a popular printing system for Unix-like systems, with cups-browsed responsible for printer discovery and network browsing. A recent vulnerability in cups-browsed allows Remote Code Execution (RCE) through manipulated printer discovery responses. This vulnerability is caused by insufficient input validation on UDP […]
Critical 9.9 Linux Bug Exposes Containers, Hosts and Endpoints to Remote Code Execution (RCE) Exploits
Several critical Linux vulnerabilities have been declared, involving a bug in CUPS, the Common UNIX Printing System. All versions of Red Hat Enterprise Linux (RHEL) are among the Linux distributions affected, but not in default configuration. There are four vulnerabilities that have been identified and allocated the following CVEs – CVE-2024-47076, CVE-2024-47175, CVE-2024-47176 and CVE-2024-47177. […]
Cloud Heist: How Hackers Lock Accounts and Drain Wallets
Cloud environments have changed how organizations manage their infrastructure, offering flexibility and scalability. But these benefits also bring new risks, and even small mistakes in cloud security can have serious consequences. For example, Google Cloud once accidentally deleted data from a $125 billion Australian pension fund due to a simple configuration error. Although this wasn’t […]
Intelligently Utilize Upwind Findings in Your DevSecOps Workflow
We are excited to introduce a new capability, allowing you to seamlessly export Upwind findings into your existing DevSecOps workflows. With this new capability, you can now export Upwind findings into your existing organizational workflow by using a custom webhook to integrate with third-party tooling such as an external SIEM (security information and event management) […]
Easily Identify Internet-Exposed Resources with Upwind’s External Exposure Dashboard
We are excited to announce an exciting new capability for the Upwind Platform – our External Exposure Dashboard. This new dashboard automatically highlights where you are vulnerable and at risk due to your exposure to the Internet, including via exposed assets, open management ports, serverless functions, databases, and object storage. Upwind’s External Exposure Dashboard enables […]
Upwind Named in Top CNAPP Vendors
This week, Upwind was named as the Fastest Growing AppSec Company in the IT-Harvest Cyber 150 by analyst Richard Stiennon, and also received an Innovator Spotlight in Cyber Defense Magazine. Analysts James Berthoty of Latio Tech and Francis Odum of Software Analyst Research also listed Upwind as a leading CNAPP, acknowledging the need for Upwind’s […]
Ask a CPO: Episode 1
Upwind CPO Joshua Burgin discusses how Upwind uses runtime to build a next-generation cloud security platform.
Jenkins Agents Remote Code Execution Vulnerability (CVE-2024-43044)
A critical remote code execution (RCE) vulnerability, identified as CVE-2024-43044, has been discovered in Jenkins, one of the most widely used automation servers. The vulnerability resides in the ClassLoaderProxy#fetchJar method and could allow attackers to compromise Jenkins environments by exploiting unrestricted file path requests from agents to the Jenkins controller. Understanding CVE-2024-43044 CVE-2024-43044 is a […]
Automatically Discover Resource Connections & Behaviors with Upwind’s Orbital View
We are excited to announce Upwind Orbital View – an easy, new way to visualize your most important resource information through holistic inventory mapping and dynamic network analysis, helping you rapidly understand your resources’ behavior and risks. The Upwind Orbital View can be found in the Resource Overview section of the Upwind Topology Map, giving […]