Introducing Upwind’s New Threat Dashboard: Simplifying Complexity to Drive Action

Today, we’re excited to announce the release of the enhanced Upwind Threat Dashboard, part of our ongoing commitment to continuously improving how we help security teams protect their environments. Threat landscapes are evolving rapidly, and so are we. This upgrade builds on what customers already rely on, introducing powerful new capabilities that make it easier […]
A New Standard for Serverless Security: The Upwind Serverless Framework

Today, we’re introducing the Upwind Serverless Framework, a new runtime-first compliance framework purpose-built for serverless environments. Upwind has long provided runtime visibility into serverless workloads; this framework builds on that foundation by aligning real-time behavior with compliance controls, making it easier to detect misconfigurations, enforce least privilege, and surface risks that matter. It helps security […]
MURKY PANDA and the Blind Spot in Modern Cloud Security

August 21, 2025 – CrowdStrike disclosed ongoing activity by MURKY PANDA, a state-aligned Chinese espionage group purpose-built for the cloud. Unlike many threat actors who adapt legacy tactics, MURKY PANDA designs operations around cloud-native infrastructure from the ground up. Their latest campaign combines a Linux malware strain, a Commvault zero-day exploit, and identity abuse in Microsoft […]
Proactively Reduce API Risks with Upwind’s API Vulnerability Testing

APIs are the foundation of modern software. From mobile apps to cloud-native platforms, they allow services to communicate, scale, and deliver value quickly. In fact, more than 70% of all internet traffic flows through APIs today, which makes them both essential and high-risk. But as APIs have become more critical, they’ve also become one of […]
Adjustable Vulnerability SLAs: Faster, Smarter Remediation

In the cloud, time is always against you. Every moment a critical vulnerability lingers unpatched is an opening for attackers. Security scans often surface hundreds, or even thousands, of findings at once, assigning SLAs (Service Level Agreements) based on outdated or irrelevant information. For most teams, this means hours lost triaging findings instead of closing […]
Upwind Delivers Faster Time-To-Value for CIS AKS

We’re excited to announce that Upwind now supports the Center for Internet Security (CIS) benchmark for Azure Kubernetes Service (AKS), helping security and compliance teams move faster with ongoing posture checks, active threat detection, and automated enforcement. With this release, customers can apply the same runtime-aware compliance capabilities already used across frameworks such as HIPAA, […]
Consolidate Cloud Security Tools with API and Infrastructure Protection

Most cloud security platforms are built on static assumptions – scanning code, configs, and assets to guess where risk might exist. At Upwind, we took a fundamentally different approach: we built our platform on runtime. By capturing real-time signals directly from the kernel, Upwind delivers deep, continuous visibility into how workloads, APIs, identities, and data actually […]
Runtime Security in Minutes: Upwind’s New Sensor Installation Experience

One of Upwind’s core advantages begins the moment runtime data is collected. That’s the moment teams stop guessing and start securing based on what’s actually happening in their clusters. From there, they gain meaningful visibility into workload behavior, identify real risks, and apply security policies based on observed activity rather than assumptions. To help teams […]
Visibility That Drives Action: Evolving the Upwind Home Dashboard

In cloud security, visibility without prioritization creates noise – and that’s why ever aspect of our product is designed to bring actionable value. For this reason, we are excited to announce enhancements to the the Upwind Home Dashboard, making it even easier to immediately understand the state of an environment and which security findings should […]
Secure Data in Rest and Transit with Upwind’s Runtime-Powered Data Security Posture Framework

Sensitive data is the crown jewel of every organization and the primary target for attackers. But in modern cloud environments, it’s increasingly difficult to answer key questions, like, “Where is our data? How is it used? What’s putting it at risk?” Consider the example shown below – an organization has security tooling in place, but […]