From an idea in stealth to acquisition — the journey of NYX and the future with Upwind Fourteen months ago, my partner Gili Yankovitch and I started working on a bold idea: what if we could help security & appsec teams with better prioritization of their risks and detect not just what code should run, […]

Cloud-native infrastructure has become more dynamic and distributed, but application behavior at runtime remains one of the most overlooked aspects of cloud security. Attackers increasingly exploit logic flaws and runtime gaps that static analysis can’t catch. Following our acquisition of Nyx in April 2025, we’ve now fully integrated its technology into the Upwind platform. This […]

As enterprises race to integrate GenAI and AI-powered applications, security leaders are confronting a new class of threats. Traditional tools weren’t built for the dynamic, high-risk nature of AI workloads. AI workloads introduce new capabilities, along with new risks. They dramatically increase the cloud attack surface by running code that adapts in real time, often […]

Modern cloud-native environments offer unprecedented speed, scalability, and developer agility – but they also introduce complexity that traditional security tools struggle to manage. Containers spin up and down in seconds, microservices multiply rapidly, and infrastructure changes dynamically. Static logs and agent-based security solutions simply can’t keep up. That’s where eBPF comes in –  and why […]

At Upwind Security, we’re excited to bring a new kind of CNAPP to life – one that puts APIs and applications at the center of cloud defense. APIs have become the backbone of modern cloud-native architectures, yet they remain one of the most overlooked and exploited entry points. It’s not just a future concern; it’s […]

Overview: CVE-2025-23266 is a container‑escape vulnerability (CVSS 9.0) affecting the NVIDIA Container Toolkit and GPU Operator. While this vulnerability requires multiple specific conditions, it has the potential to allow a malicious container image to escape its sandbox and execute code as root on the host. NVIDIA has released patched versions of both components. Upgrading to Toolkit v1.17.8  and  GPU Operator 25.3.1 […]

As organizations continue to scale their cloud-native applications across multi-cloud and hybrid-cloud environments, the complexity of threat detection has reached a new high. Traditional, signature-based approaches are no longer sufficient – they often fail to catch modern attacks that unfold subtly across layers of infrastructure and identity. Upwind introduces a powerful new approach to cloud […]

Kubernetes, often called K8s, is revolutionizing how organizations deploy and manage containerized applications. Originally developed by Google and now open-source, Kubernetes has become a standard for orchestrating containers across on-premises, hybrid-cloud, and public cloud environments. But with this increased flexibility and scalability comes a new range of security challenges that require thoughtful, proactive solutions. In […]

As software delivery accelerates with cloud-native architectures and AI-driven development, security must evolve to match the speed and complexity of modern engineering. That’s why Upwind, the runtime-first CNAPP, and Legit Security, a leader in Application Security Posture Management (ASPM), are partnering to provide end-to-end, code-to-cloud protection that combines deep runtime context with secure software development. […]

Keeping open source container images up to date and secure is hard. Teams face long, noisy lists of available updates and often can’t tell which are relevant or risky. Upwind helps by showing what’s actually running in your environment and giving clear, context-based recommendations. The Open Source Security Challenge Most containerized environments rely heavily on […]