What Happened with the CrowdStrike Update?

A recent CrowdStrike Falcon sensor update has caused a massive Windows Blue Screen of Death (BSOD) outage. CrowdStrike offers endpoint protection and other services that are used on a widespread scale worldwide, and this sensor update issue is causing global issues. Impact There are widespread reports of BSOD error on Windows hosts, all of which […]

How Organizations Use Upwind’s File-Based Threat Monitoring

Upwind’s threat detection capabilities give you real-time protection against cloud attacks, including malicious file activities. Upwind’s lightweight, high-performance eBPF sensor goes beyond monitoring file activities to enrich that data with information about an event’s context and provide insights into the actions taken on the file, including read, write, and truncate (delete).  You can leverage this […]

Understanding Kubernetes Identities, Part 1

When it comes to Kubernetes, managing identities is pivotal for ensuring secure and efficient cluster operations. These identities can be human users or machines, each requiring specific permissions to perform their tasks. In our latest research, we have explored what Kubernetes identities are, the default identities, the permissions they can have, how to configure these […]

Upwind & H2O.ai Take the Stage at AWS Summit Tel Aviv

Upwind Field-CTO Tomer Hadassi and H2O.ai Cloud Engineering Manager Ophir Zahavi take the stage at AWS Summit Tel Aviv to discuss how Upwind empowers H2O.ai’s cloud security with runtime protection and build-time insights for end-to-end context and prioritized risk.

Monitor & Secure Cross-Account Roles with Upwind’s Non-Human Identity Security (NHI)

Upwind’s Non-Human Identity (NHI) Security streamlines your identity management and gives you the ability to easily view cross-account roles and their associated permissions. Cross-account roles are incredibly useful for organizations with multiple AWS accounts and permissions, but they can also be difficult to monitor and secure. Upwind helps solve this problem by providing increased visibility […]

Upwind Discovers New ArgoCD CVE-2024-37152 & Takes Over a Kubernetes Cluster

The Upwind research team is constantly monitoring the evolving threat landscape for emerging threats and vulnerabilities, and we recently discovered a new Unauthenticated Access vulnerability in ArgoCD – CVE-2024-37152. While this is only a moderate CVE, our research team found it as part of a toxic combination that included internet exposure. This combination permitted unauthorized […]

Power Your Cloud Security with Software Development Lifecycle (SDLC) Context

We are excited to introduce a new capability that enables you to bring-your-own version control system to the Upwind platform – which integrates rich context from pull requests and build-time activities directly into our cloud infrastructure security platform.  Upwind offers unprecedented end-to-end visibility of your cloud infrastructure and applications, marrying intelligence from both build time and […]

Upwind CPO Joshua Burgin Takes the Stage at AWS re:Inforce

Upwind CPO Joshua Burgin takes the stage at AWS re:Inforce to discuss the need for a modern approach to cloud security, bridging the gap between runtime and build time. Burgin explored how a runtime-powered security strategy empowers you with highly accurate risk prioritization, real-time threat detection & response, and more.

Upwind Co-Founder & CEO Amiram Shachar is Featured on the CyberBytes Podcast

Upwind Co-Founder and CEO Amiram Shachar recently joined Steffen Foley on the CyberBytes podcast. In the episode, they cover Amiram’s background, learning from the success of selling Spot.io, the problem Upwind is solving, what is runtime security, the future for Upwind and future trends in the CloudSec space.