Product

Connect the Dots for Security Findings with Upwind’s Issue Stories

We are excited to announce the release of Upwind’s “Issue Stories” – a GenAI-based capability designed to address the challenge of connecting the dots between seemingly isolated security findings.

By providing a unified narrative that consolidates and contextualizes events Upwind has determined to be related, Issue Stories enhance the comprehensiveness of our existing Issue types (toxic combinations of threats, vulnerabilities, exposed secrets & posture misconfigurations).

Issue Stories act as incident summaries, consolidating detections, vulnerabilities, and SSH login activity. This unified perspective offers a deeper understanding of security events by detailing the sequence of events, their implications, and their impact within a single narrative. Attacks often begin with subtle reconnaissance actions that might be tagged as separate events. With Issue Stories, these events are contextualized as part of the full attack sequence, allowing for a clearer picture of how an incident unfolds. 

Issue Stories transform security investigations by addressing alert fatigue, providing context, and enabling timely responses. By consolidating relevant data points into a clear narrative, Issue Stories allow teams to focus on the bigger picture and prioritize threats more effectively. They detail the sequence of events, including vulnerabilities, detections, and login activity, giving a deeper understanding of the “why” behind an event. This comprehensive view streamlines investigations, allowing for faster and more efficient threat responses.

“Upwind Issue Stories has drastically reduced triage and investigation time by correlating runtime detections with audit logs and giving us end-to-end visibility. Understanding who did what, how, and when, at a single glance has been a major game-changer.”

Dobromir Kosev, Security Engineer, Yotpo

Beneficial not only to security teams but also to developers and DevOps engineers, Issue Stories bridge the gaps between these domains, surfacing and contextualizing all relevant issues. This unified narrative enhances collaboration and strengthens the overall security posture.

To learn more about Upwind’s Issue Stories and risk prioritization, visit the Upwind Documentation Center (login required) or schedule a demo.

Company News

Upwind Achieves AWS Security Competency Status

June 10, 2024 – Upwind announced today that it has achieved Amazon Web Services (AWS) Security Competency status. This designation recognizes that Upwind has successfully met AWS’s requirements for providing cyber security capabilities to AWS customers. The AWS Security Competency directly aligns common customer use cases to AWS Partner capabilities, accelerating positive security outcomes. The AWS […]

Company News

Inside Upwind: Give Us an Hour, and We’ll Show You What You’ve Been Missing

Here at Upwind, we love to hear from our customers, and one thing you’ve consistently requested is more “inside scoop” on what’s happening at Upwind and how we’re addressing emerging trends in cybersecurity. We loved this idea, so we’re launching “Inside Upwind”—a series of periodic updates from our senior executives, starting with this one from […]

Research

How Attackers Use Kubernetes for Reconnaissance

There has been a notable increase in Kubernetes-focused attacks in recent years with the growing adoption of Kubernetes in production environments. According to various reports from cybersecurity firms, Kubernetes vulnerabilities and misconfigurations have become a prime target for attackers, with a significant rise in the number of reported incidents. This highlights the importance of robust […]

Product

Automatically Identify Abnormal Resource Behavior with Upwind’s Security Baselines

We are excited to announce a powerful new capability – the ability to view behavioral baselines for resources in your cloud environment, which we refer to as “security baselines.” The Upwind Cloud Security Platform continuously monitors your application’s behavior over hours, days and weeks to build baseline models of normal and abnormal activity. This deep, […]

Product

Proactively Protect Your Kubernetes with Upwind’s Non-Human Identity Security

We recently announced the release of Upwind’s Identity Security, designed to provide real-time protection for human and non-human identities with a comprehensive Cloud Identity Entitlement Management (CIEM) offering. In this blog post, we will dive deeper into Upwind’s protection for non-human identities (NHI), which provide machine-to-machine access and authentication within your software environment and cloud […]

Product

Prioritize & Eliminate Critical Risks with Upwind

Upwind brings a new approach that redefines the speed, visibility and actionability of cloud security, cutting 95% of alert noise to help you focus on your most critical risks.

The Upwind Cloud Security Platform gives you the ability to:

  • Instantly identify critical risks
  • Get to root causes 10x faster
  • Stop attacks in real time

Accelerate productivity and empower your Dev, Security, and DevOps teams to innovate within a secure & efficient environment.

To learn more about the Upwind Cloud Security Platform, visit the Upwind Documentation Center (login required) or schedule a demo.

Product

Detect Malicious File Activities 

We are excited to announce a significant new capability in the Upwind Cloud Security Platform – threat detections for malicious file-based activity. Upwind’s threat detection and response capabilities have always allowed customers to detect and respond to threats in real time, powered by our innovative eBPF-based sensor. With this new capability, Upwind’s threat detection capabilities […]

White Paper

Leveraging eBPF for DevSecOps

eBPF is a revolutionary technology, originating from the Linux kernel. It is used to safely and efficiently extend the capabilities of the kernel without requiring changing the kernel source code or loading kernel modules/extensions. Today, eBPF is used extensively to: eBPF-Enriched Context  eBPF is the base data layer that is needed in runtime cloud security. […]
