Executive Summary On March 19-20, 2026, the Trivy supply chain incident impacted the trivy project and the GitHub Actions many teams rely on to install and run Trivy in CI/CD pipelines. Late Thursday night, Upwind’s MDR team observed observed anomalous Trivy activity inside a customer environment that deviated from established runtime baselines. The team identified […]

Amazon Bedrock is AWS’s managed platform for building generative AI applications using foundation models, agents, and Retrieval-Augmented Generation (RAG). It allows organizations to integrate powerful language models directly into their AWS environments, connecting probabilistic AI systems with deterministic cloud services such as IAM, S3, and Lambda. But for cloud security teams, this integration creates a […]

What started as a visibility problem has become something much more dynamic and urgent: understanding what is actually happening inside modern cloud environments, in real time. As infrastructure becomes more distributed, ephemeral, and increasingly shaped by AI, security teams need more than snapshots. They need context. They need precision. And they need answers that move […]

Executive Summary CrackArmor is a group of vulnerabilities affecting the Linux kernel AppArmor security module that allow local attackers to interfere with how AppArmor security profiles are managed and enforced. By abusing weaknesses in policy management and kernel profile parsing logic, an attacker with limited system access may weaken AppArmor protections or escalate privileges to […]

Cloud Security has changed Teams are moving faster, architectures are getting more dynamic, and the old way of securing cloud environments with disconnected tools and static findings is no longer enough. Security leaders need more than posture snapshots. They need real-time context, runtime intelligence, and the ability to focus on what is actually exploitable. That […]

As cloud environments expand, so does the volume of sensitive data stored within them. For security teams, it is no longer enough to know whether a bucket is public or a workload is vulnerable. They also need visibility into a more fundamental question: what sensitive data exists across their cloud assets, and how does its […]

Cloud security teams are being asked to do more than ever. They need to prove compliance against growing regulatory demands, reduce configuration risk, and keep cloud environments lean, secure, and aligned with how they were actually designed to operate. That is why we are excited to introduce several new frameworks now available in Upwind’s Configurations […]

When something changes in your cloud security platform, the first question is almost always the same: What happened and who did it? Upwind Audit Logs gives security and platform teams a centralized, searchable record of user-driven actions across the Upwind platform, including activity performed through the UI or Public API. The result is clearer accountability, […]

Cloud teams are moving fast on Azure PaaS to reduce operational overhead—serverless containers with Azure Container Apps and managed web apps with Azure App Services. But that speed often comes with a tradeoff: security visibility and detection can lag behind because you don’t have the same host access or deployment patterns you’d expect in Kubernetes […]

Personalize your view—without compromising RBAC, ownership, or auditability. We’re excited to share that Custom Dashboards are now available to all customers. This is an important step in Upwind’s Enterprise readiness, giving teams the ability to tailor how they consume insights based on role, responsibility, and priority—turning existing widgets into personalized, actionable dashboards. Overview Upwind’s Custom […]