Modern cloud-native environments offer unprecedented speed, scalability, and developer agility – but they also introduce complexity that traditional security tools struggle to manage. Containers spin up and down in seconds, microservices multiply rapidly, and infrastructure changes dynamically. Static logs and agent-based security solutions simply can’t keep up. That’s where eBPF comes in –  and why […]

At Upwind Security, we’re excited to bring a new kind of CNAPP to life – one that puts APIs and applications at the center of cloud defense. APIs have become the backbone of modern cloud-native architectures, yet they remain one of the most overlooked and exploited entry points. It’s not just a future concern; it’s […]

Overview: CVE-2025-23266 is a container‑escape vulnerability (CVSS 9.0) affecting the NVIDIA Container Toolkit and GPU Operator. While this vulnerability requires multiple specific conditions, it has the potential to allow a malicious container image to escape its sandbox and execute code as root on the host. NVIDIA has released patched versions of both components. Upgrading to Toolkit v1.17.8  and  GPU Operator 25.3.1 […]

As organizations continue to scale their cloud-native applications across multi-cloud and hybrid-cloud environments, the complexity of threat detection has reached a new high. Traditional, signature-based approaches are no longer sufficient – they often fail to catch modern attacks that unfold subtly across layers of infrastructure and identity. Upwind introduces a powerful new approach to cloud […]

Kubernetes, often called K8s, is revolutionizing how organizations deploy and manage containerized applications. Originally developed by Google and now open-source, Kubernetes has become a standard for orchestrating containers across on-premises, hybrid-cloud, and public cloud environments. But with this increased flexibility and scalability comes a new range of security challenges that require thoughtful, proactive solutions. In […]

As software delivery accelerates with cloud-native architectures and AI-driven development, security must evolve to match the speed and complexity of modern engineering. That’s why Upwind, the runtime-first CNAPP, and Legit Security, a leader in Application Security Posture Management (ASPM), are partnering to provide end-to-end, code-to-cloud protection that combines deep runtime context with secure software development. […]

Keeping open source container images up to date and secure is hard. Teams face long, noisy lists of available updates and often can’t tell which are relevant or risky. Upwind helps by showing what’s actually running in your environment and giving clear, context-based recommendations. The Open Source Security Challenge Most containerized environments rely heavily on […]

Upwind now offers Data Security features and context that simplify compliance, improve visibility, and protect sensitive data across your cloud environments.  These capabilities continuously monitor and enable data security across multi-cloud storage – supporting automated discovery, visibility, and compliance from a single platform. Key capabilities include: These new capabilities mark a significant advancement for security […]

A critical vulnerability in sudo (Changelog v1.9.14–1.9.17) allows local users to gain root access via the –chroot (-R) option. This flaw carries a CVSS 3.1 score of 9.3 (Critical). Affected Versions Platform Coverage Why This Matters This flaw originates from a change introduced in sudo 1.9.14. Path resolution began occurring within the chroot environment before the […]

This year at AWS re:Inforce, Upwind CSO Rinki Sethi and Alteryx CISO Lucas Moody explored how leading CISOs approach cloud security strategically. This talk highlights key considerations, common pitfalls, and proven practices for securing cloud environments, helping CISOs walk away with actionable insights from industry veterans to elevate their organization’s security posture