Today, we’re excited to announce expanded configuration override settings, a new set of capabilities that give teams greater control over how configuration risk is prioritized. With support for rule-level severity overrides and in-platform commenting, teams can now apply context and collaborate directly where risk decisions are made. Earlier this year, we introduced Upwind’s Open Source Security model, along […]

Today, we’re excited to announce the general availability of Upwind’s new End of Life (EOL)  and End of Support (EOS) Visibility, now accessible to all customers and POCs. This feature brings clarity to lifecycle risk across cloud environments and represents a meaningful advancement in strengthening operational resilience. Importantly, this capability was shaped directly by customer […]

Today, we’re excited to introduce GitLab Automated Repository Scanning, a major upgrade to Upwind’s Shift-Left security capabilities that brings automatic, real-time scanning directly into the GitLab merge request workflows. With this new capability, every merge request across all your GitLab repositories is scanned the moment it’s opened, without requiring developers to modify CI/CD pipelines or […]

We’re excited to share that EPSS (Exploit Prediction Scoring System) scoring is now available in Upwind’s Vulnerability Management module. This brings data-driven exploit likelihood insights directly into your vulnerability workflows, helping teams prioritize remediation based on real-world risk rather than theoretical severity alone. What Is EPSS? Security teams face thousands of vulnerabilities each week. The […]

Today, we’re excited to announce the private preview release of The Upwind Tracer for AWS Lambda Functions, bringing serverless-native runtime security and observability to your Lambda workloads. As teams continue to adopt and evaluate AWS Lambda for event-driven application architectures, it remains important to verify that its benefits – such as automatic scaling, minimal infrastructure […]

We’re excited to announce a major expansion of the Upwind Platform: API Security is now fully available for AWS Fargate workloads. With this update, customers gain the same deep API discovery, behavioral insight, and layer 7 visibility for Fargate that Upwind already delivers across Kubernetes, VMs, and other cloud compute environments. As organizations shift toward […]

We are excited to announce a major expansion of the Upwind Runtime Attack Surface Management. This release extends support for GCP and Azure resources, bringing true multi-cloud parity while deepening AWS support with expanded support for AWS Lambda, SNS, Elasticache, and Redis. Beyond coverage, we are introducing Deep Data Scanning – a new ASM playbook […]

Cloud risks arise across multiple layers and dimensions: (1) infrastructure such as compute, networks, storage, and identities; (2) applications and their API or service-to-service communications; and (3) the dependencies that link them together, including vulnerabilities, secrets, and sensitive data flows.  Upwind’s Graph Inventory overlays cloud assets, configurations, SBOMs, runtime sensor & cloud activity logs signals, […]

Artificial intelligence is rapidly transforming the enterprise landscape, powering everything from autonomous agents to large-scale LLM applications. However, as organizations adopt AI infrastructure at scale, they face an urgent challenge: ensuring the integrity, safety, and trustworthiness of their AI operations in the face of increasingly sophisticated cyber threats. Moreover, a new set of threats comes […]

Today, we’re expanding the Upwind CNAPP with Upwind AI, a set of tightly integrated capabilities that take AI security far beyond configuration checks or endpoint monitoring. As AI becomes embedded in every layer of cloud infrastructure, security teams need a way to understand not just where AI is running, but how it behaves, what it […]