image layers hero

Image Layers are now in the Upwind Console

dan profile Medium

By Danilo Michelucci

Feb 24, 2026

Upwind’s Image Layers capability gives you deep visibility into how container images are built—so you can assign vulnerability ownership correctly, find root cause faster, and remediate issues more effectively across teams.

Most tools only show the final image state. Upwind breaks images down layer by layer, so you can see exactly where a vulnerability was introduced during the build process.

image-layers-b-1024x605

What Image Layers delivers

With Image Layers, you can finally answer the questions that matter in seconds:

  • Which layer introduced this vulnerability?
  • Is this owned by the base image team or the application team?
  • Which Dockerfile instruction caused it?
  • Was it later fixed or overwritten in another layer?

That’s the difference between “finding CVEs” and actually fixing risk.

Layer-level vulnerability attribution

Upwind breaks container images into individual layers and pinpoints the exact layer that introduced each vulnerability—not just where it shows up in the final image.

image-layers-c-1024x601


Findings Go To The Right Team Immediately

Image Layers makes it easy to attribute ownership:

  • Base image vulnerabilities (typically Platform / DevOps owned)
  • Application vulnerabilities (typically Engineering owned)

So findings go to the right team immediately—without back-and-forth.

Build context visibility

Each layer is tied back to its Dockerfile instruction and command, giving developers concrete evidence of:

  • what was run
  • what changed
  • and where to fix it

What you can do with Image Layers today

image-layers-a-1024x598
  • Inspect images layer by layer (not just final state)

You can drill into an image and see a full layer breakdown, making it easy to understand how the image was assembled.

  • See “introduced in layer” for every vulnerability

Each finding is tied to the exact introducing layer, so you know where the risk entered the build.

  • Use per-layer SBOM visibility for better investigation

Upwind collects a layer-aware SBOM, so you can connect packages and vulnerabilities back to the layers where they appear.

  • Trust the results even when layers change things later

Upwind accurately handles real-world builds where vulnerabilities are introduced, patched, or overridden by later layers—so the attribution stays meaningful.

  • Get richer findings with supporting evidence

Vulnerability findings include more context to speed up triage and help teams remediate with confidence.

See It In Action

If you’d like to see how this feature fits into your environment – or to explore how Upwind can help you prioritize and remediate risk more effectively – schedule a customized demo with us. We’ll walk through your use cases, integrations, and security goals to show how Upwind delivers actionable cloud security at scale.

Image Layers are now in the Upwind Console

Further Reading

k8s admission controller
Product

Stop Misconfigurations Before They Ship with Upwind Kubernetes Admission Controller

dan profile Medium

By Danilo Michelucci

Feb 23, 2026

Kubernetes environments move fast. Deployments happen constantly—through CI/CD pipelines, GitOps workflows, and direct kubectl commands. And when a misconfiguration slips in (a privileged pod, a missing required label, a deprecated API version), it can become a security incident in minutes. Until now, most teams have relied on post-deployment scanning to catch these issues. The problem: […]

search-by-finding
Product

Upwind Enables a Faster, More Flexible Way to Triage Vulnerabilities with the “By Finding” View

A person wearing a dark t-shirt and a baseball cap stands with arms crossed. The background is a plain, light-colored wall.

By Chris Lentricchia

Feb 03, 2026

We’re excited to announce that the new “By Finding” view is now live in the Upwind Vulnerability Management module, enabling security teams to triage vulnerabilities faster and more flexibly across their entire cloud environment. As cloud-native infrastructure continues to scale across clusters, container images, packages, and services, security teams need vulnerability management workflows that are […]

global-search
Product

Upwind Enables a Simpler, More Efficient Way to Tame Cloud Security Complexity with Global Search

Screenshot 2025-11-21 at 6.05.00 AM

By Chas Larios

Jan 21, 2026

We’re excited to announce the general availability of Global Search, enabling a simpler, more efficient way for all Upwind users to tame cloud security complexity. A More Direct Way to Navigate the Platform Security work often involves moving between dashboards, findings, graph views, and configuration workflows. Over time, even well-designed platforms can require more clicks […]