Upwind Pursues FedRAMP Certification to Power Trusted Federal Cloud Solutions
Upwind is advancing federal cloud security with the pursuit of FedRAMP Moderate Equivalency, in partnership with Coalfire, the leading FedRAMP advisor and assessor. This milestone clears the way for the enterprises, integrators, and software vendors that serve government agencies to deliver live runtime protection with the compliance assurances their customers demand. By working with Coalfire […]
Upwind Accelerates Time-to-Value for NIST Compliance
We’re excited to announce that Upwind now supports the NIST Cybersecurity Framework, giving organizations a faster and more effective path to achieving compliance across their environments. With this release, all Upwind customers can map their entire cloud and containerized infrastructure to NIST controls in a single day, gaining instant visibility into alignment, gaps, and risk. […]
Upwind Named to Fortune’s Cyber 60 for 2025-26
We’re thrilled to announce that Upwind has once again earned a spot on the prestigious Cyber 60 list, the definitive ranking of the 60 fastest-growing cybersecurity companies worldwide, compiled by Lightspeed Venture Partners in partnership with Fortune and AWS. This list recognizes the 60 fastest-growing cybersecurity startups, highlighting our commitment to innovation and delivering an […]
Reinventing CSPM with Dynamic Testing of Security Risks
In modern cloud environments, risk moves between developers pushing new code, operations managing infrastructure, and security teams overseeing the broader threat landscape. In addition to the shared risk and collaboration challenges, teams are also often inundated with thousands of configuration alerts on a daily basis, making it difficult to prioritize truly critical risks with evidence […]
Accelerate Vulnerability Investigations with Visual Contextualized Queries
Modern cloud environments generate a constant stream of vulnerability information across thousands of assets, frameworks, and packages. While filters are essential to navigate this data, they can quickly become overwhelming as environments grow. Upwind’s new Investigate tab introduces a more efficient and guided way to explore vulnerabilities. Instead of relying on long lists of filters, […]
Upwind Recognized as a Cloud Security & CADR Leader in the 2025 Latio Cloud Security Market Report
We are excited to announce that Upwind has been recognized by Latio as a leader in both Cloud Security and Cloud Application Detection and Response (CADR) in the newly released 2025 Latio Cloud Security Market Report. In this report, analyst James Berthoty highlights how the cloud security landscape is rapidly evolving beyond traditional CNAPP models, […]
Redis, Lua, and the Dangers In-Between
On October 3rd, Redis published an advisory for a critical vulnerability in its Lua engine that could lead from a memory leak to remote code execution. It was initially, and surprisingly, assigned a CVSS 3.1 score of 10.0. While the score has since been debated and adjusted, the core issue remains: an attacker with privileges […]
The Cloud Security Maturity Journey
Cloud adoption has redefined how organizations innovate and scale. But with agility comes complexity, and with complexity, risk. Security leaders are tasked not only with defending modern architectures but also with proving that security enables innovation rather than slowing it down. The Cloud Security Journey frames cloud security maturity as a progression through three stages: […]
Securing the Full Application Lifecycle with Upwind and OX Security
In today’s fast-paced development environments, the speed of software delivery has outpaced traditional security workflows. APIs are often published before they’re reviewed, cloud resources are deployed via automation, and new vulnerabilities emerge in runtime that never existed in dev or staging. It’s estimated that over 50% of data breaches by 2025 will originate from unprotected […]
npm Supply Chain Attack: Massive Compromise of debug, chalk, and 16 Other Packages
On September 8, 2025, one of the largest npm supply chain incidents in recent history unfolded. Popular libraries like debug and chalk along with 16 other utilities were hijacked and pushed to npm with malicious code targeting cryptocurrency wallets and blockchain transactions. These packages collectively have billions of weekly downloads, making this compromise both widespread […]
