Road to Gold – with Champion Windsurfer Tom Reuveny
Olympic Gold medalist Tom Reuveny was joined by our CEO Amiram Shachar at the beach for an inspiring conversation just before they headed out to surf – or as we like to say, go Upwind. Tom shared the story behind his journey to gold: the discipline, resilience, and relentless drive it took to reach the […]

A New Era of Cloud Risk Detection: Custom Posture Rules & Frameworks in Upwind
Cloud environments continue to grow in complexity—and with them, the risk surface expands. CISOs and security leaders are now contending with an increasing volume of posture alerts, many of which fail to account for real-world exploitability. Traditional posture frameworks, while rooted in best practices, often fail to prioritize real risks. They evaluate risk by individual […]

Upwind Inventory 2.0: Discover, Query, and Enforce with Runtime Context
Today, we’re introducing one of the most important upgrades we’ve ever made to the Upwind platform – designed to solve a persistent problem for security teams: connecting inventory data with real-time enforcement and meaningful policy impact. This release brings a new level of enhanced inventory management that redefines how security teams discover, query, and enforce […]

io_uring: Linux Performance Boost or Security Headache?
The Linux kernel is constantly evolving, and one of the significant additions in recent years is io_uring. Introduced in kernel 5.1 (2019), it’s designed to dramatically speed up input/output (I/O) operations. But as with many powerful tools, it brings new security considerations. Let’s break down what io_uring is, the risks it presents, and how to […]

Upwind Acquires Nyx to Redefine Application Runtime Security
Today, I’m excited to announce that Upwind has acquired Nyx Security, a breakthrough startup specializing in real-time application-layer threat detection. This marks Upwind’s first acquisition – and a major leap forward in delivering end-to-end cloud security across both the infrastructure and the applications running on top of it. Application-Layer Runtime Changes Everything Runtime threats are […]

Upwind Integrates with your Existing DevSecOps Workflow – Here’s How
Too many security tools create friction – forcing you to choose between speed and safety, or bolting on yet another dashboard. Integrating security tools shouldn’t slow you down; it should make your pipeline smarter, faster, and safer. Upwind is designed to seamlessly integrate into your existing DevSecOps workflow, enhancing visibility and control without disrupting your […]

Upwind Delivers Faster Time-To-Value for CIS GKE
Upwind helps you achieve faster time-to-value on Google Kubernetes Engine (GKE) by continuously monitoring workloads, detecting threats in real time, and enforcing posture and compliance through frameworks such as Center for Internet Security Google Kubernetes Engine benchmarks (CIS GKE). Our support enables you to achieve faster time-to-value with the CIS GKE benchmark by utilizing the […]

Unpacking the Security Risks of Model Context Protocol (MCP) Servers
Modern AI systems, especially large language models (LLMs), are no longer isolated engines responding to static inputs. They’re evolving into intelligent agents, copilots, and autonomous systems that interact with their environment, reason over external data, and adapt in real time. But there’s a fundamental problem: LLMs are powerful, but they don’t know anything outside of […]

CVE-2025-32433: Critical Erlang/OTP SSH Vulnerability (CVSS 10)
On April 16, 2025, a critical remote code execution (RCE) vulnerability in Erlang’s SSH library was publicly disclosed. Tracked as CVE-2025-32433, this vulnerability received the maximum possible CVSS score of 10.0, signaling how severe and exploitable it is, especially in environments relying on Erlang/OTP for SSH access. Overview What is CVE-2025-32433? Discovered by researchers at […]

Achieve Deeper Runtime Threat Investigation with Upwind Detection Logs
Imagine a threat appears, vanishes, and then reappears two days later – same process, slightly different path. Without the right visibility, you’d treat it like a new incident each time. But with Upwind Detection Logs, you get the historical context to see the full picture. Upwind provides deep runtime visibility and security across all environments, […]