
We are excited to announce a significant enhancement to Upwind’s vulnerability management capabilities – prioritization of vulnerabilities based on highly privileged identities and sensitive data context. Upwind has always deeply prioritized vulnerabilities based on real-world context, correlating them with CI/CD and DevOps context to provide end-to-end visibility and protection.
With this latest enhancement, Upwind now also prioritizes vulnerabilities with added context regarding whether highly privileged human and non-human identities have access to the vulnerable resource or if it contains sensitive data.
Runtime-Powered Vulnerability Management
Upwind provides granular data on sensitive data and highly privileged identities in your environment, leveraging this context to proactively prioritize vulnerabilities based on real-world risk factors. For example, Upwind identifies and prioritizes:
- Resources with vulnerabilities that also contain sensitive data, including:
  - PHI data: patient information, medical records & insurance information
  - PII data: SSNs, IDs and emails
  - PCI data: credit cards and billing information
- Highly-privileged identities that have access to resources with vulnerabilities, including:
  - Cloud IAM High-Privilege Roles
  - Kubernetes High-Privilege Roles
  - Kubernetes Security Context
  - Pivot to Cloud – K8s Resources with Cloud Permissions
Upwind then leverages the above context to intelligently prioritize your most critical vulnerabilities, pairing it with additional runtime context including:
- If a package with a vulnerability is in-use and actively loaded into memory
- If the vulnerability is on a resource that actively receives internet ingress or egress
- If there is a known exploit for the vulnerability and if there is a fix available

By using this intelligent filtering, Upwind reduces alert noise by about 95 percent, based on our benchmarking of real-world customer environments. This ensures you can focus on the vulnerabilities that pose a real risk to your business while minimizing distractions from low-priority alerts. This empowers you to:
- Prioritize Real Risk: Upwind leverages runtime insights to identify which packages are in use, internet-facing and exploitable, helping you focus on real risk.
- Unify DevSecOps: Receive built-in DevOps context with every finding, including image version details and insights into CVE diffs.
- Reduce Time to Remediation: Identify packages within your environment and their dependencies with our runtime software bill of materials (SBOM). Streamline remediation efforts and easily search for packages by framework, package manager and how many resources use each package.
- Streamline Investigations: Integrate with your CI/CD pipelines, including Jenkins, GitHub Actions, Circle CI and GitLab, to automatically receive information on developer actions that led to code changes and resulting vulnerabilities. Streamline your investigations and identify the root cause of problems with every finding.

Use Upwind’s prioritized vulnerability management to streamline your vulnerability management practice – going beyond traditional vulnerability scanning by leveraging real-time runtime insights to filter out irrelevant alerts, reduce investigation times, and accelerate remediation efforts. To learn more about how Upwind can transform your vulnerability management practice, schedule a demo.