How Organizations Use Upwind’s File-Based Threat Monitoring
Upwind’s threat detection capabilities give you real-time protection against cloud attacks, including malicious file activities. Upwind’s lightweight, high-performance eBPF sensor goes beyond monitoring file activities to enrich that data with information about an event’s context and provide insights into the actions taken on the file, including read, write, and truncate (delete). You can leverage this […]
Power Your Cloud Security with Software Development Lifecycle (SDLC) Context
We are excited to introduce a new capability that enables you to bring-your-own version control system to the Upwind platform – which integrates rich context from pull requests and build-time activities directly into our cloud infrastructure security platform. Upwind offers unprecedented end-to-end visibility of your cloud infrastructure and applications, marrying intelligence from both build time and […]
Connect the Dots for Security Findings with Upwind’s Issue Stories
We are excited to announce the release of Upwind’s “Issue Stories” – a GenAI-based capability designed to address the challenge of connecting the dots between seemingly isolated security findings. By providing a unified narrative that consolidates and contextualizes events Upwind has determined to be related, Issue Stories enhance the comprehensiveness of our existing Issue types […]
Prioritize & Eliminate Critical Risks with Upwind
Upwind brings a new approach that redefines the speed, visibility and actionability of cloud security, cutting 95% of alert noise to help you focus on your most critical risks. The Upwind Cloud Security Platform gives you the ability to: Accelerate productivity and empower your Dev, Security, and DevOps teams to innovate within a secure & […]
Detect Malicious File Activities
We are excited to announce a significant new capability in the Upwind Cloud Security Platform – threat detections for malicious file-based activity. Upwind’s threat detection and response capabilities have always allowed customers to detect and respond to threats in real time, powered by our innovative eBPF-based sensor. With this new capability, Upwind’s threat detection capabilities […]
Detect Suspicious Communication with a Public DNS Resolver
We are excited to announce a new capability to detect unusual DNS resolver activity. This detection notifies you of unusual behavior by a virtual machine or container in your cloud environment, which is communicating with a public DNS resolver that it hasn’t communicated with recently. DNS Resolvers Trusting your DNS resolvers is a critical part […]
Detect Malicious Port Sweep Activities
We are excited to announce support for a new detection type – the identification of malicious port sweeps. Port sweeps can occur when compromised hosts or containers within your environment probe a port on a large number of publicly routable IP addresses or a large number of internal IP addresses. This type of activity is […]
Detect Unusual DoT Communications
We are excited to announce a new detection type, identifying unusual DoT activity. This detection notifies you of unusual DNS over TLS (Transport Layer Security) communication, often referred to as DoT, which could indicate attempts to blend malicious communications with regular encrypted web traffic to evade detection. DNS over TLS (DoT) DNS is a crucial […]
Detect Exposed Kubernetes Dashboards
We are excited to announce a new threat detection, with the ability to identify an exposed Kubernetes Dashboard. This threat detection will inform you when the Kubernetes dashboard for your cluster is exposed to the internet by a Load Balancer. Exposing your dashboard to the internet makes the management interface of your cluster vulnerable to […]
How We Impersonated Cloud Code by Google Cloud and Took Over GCP Accounts
The Upwind security research team is constantly examining threat landscapes and potential attack paths. In one of our recent searches, we discovered an anomaly in the authentication behavior of Google Developer tools that security practitioners should be aware of. We discovered this threat landscape by running scans on GCP Cloud Code, during which we found […]
