How TTMZero Uses Upwind for DevSecOps
We recently published a case study with our customer TTMZero, highlighting how their team uses Upwind for a unified DevSecOps solution, leveraging real-time network visibility, runtime risk and remediation prioritization. “Upwind has exceeded our expectations in every area of our organization and completely transformed the way we do DevSecOps. We evaluated other tools and have […]
Understanding Kubernetes Identities, Part 1
When it comes to Kubernetes, managing identities is pivotal for ensuring secure and efficient cluster operations. These identities can be human users or machines, each requiring specific permissions to perform their tasks. In our latest research, we have explored what Kubernetes identities are, the default identities, the permissions they can have, how to configure these […]
Power Your Cloud Security with Software Development Lifecycle (SDLC) Context
We are excited to introduce a new capability that enables you to bring-your-own version control system to the Upwind platform – which integrates rich context from pull requests and build-time activities directly into our cloud infrastructure security platform. Upwind offers unprecedented end-to-end visibility of your cloud infrastructure and applications, marrying intelligence from both build time and […]
GitLab Releases Critical CVEs Batch
GitLab has released crucial updates for both its Community Edition (CE) and Enterprise Edition (EE) with versions 17.1.1, 17.0.3, and 16.11.5. These updates address multiple high-severity security vulnerabilities, and all GitLab installations must be upgraded to these versions immediately. GitLab.com is already running the patched versions. Run Pipelines as Any User (CVE-2024-5655) This flaw allows […]
regreSSHion: RCE in OpenSSH’s Server on glibc-based Linux Systems (CVE-2024-6387)
OpenSSH is widely known for managing secure shell connections (SSH). However, a recently discovered vulnerability in OpenSSH’s server (sshd), known as regreSSHion, has been identified. If a client does not authenticate within the LoginGraceTime (120 seconds by default, 600 seconds in older versions), sshd’s SIGALRM handler is called asynchronously. This signal handler calls functions that […]
Bake-In Cloud Security Compliance with the Upwind Posture Framework
Security practitioners are no strangers to posture security control frameworks, such as the Center for Internet Security (CIS), the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the System and Organization Controls (SOC). Each framework is recognized as a standard for security posture compliance and serves as a structured guideline for securing information […]
Upwind CEO Amiram Shachar & H2O.ai’s Ophir Zahavi at AWS re:Inforce
Upwind Co-Founder & CEO Amiram Shachar took the stage at AWS re:Inforce alongside Ophir Zahavi, Cloud Engineering Manager at H2O.ai to highlight the need for runtime intelligence and build time context to achieve dynamic, modern cloud-native security that unifies Dev, Sec, and Ops. Watch the full video to learn how Upwind empowers H2O.ai with end-to-end […]
Upwind Named to Redpoint’s InfraRed 100
June 18, 2024 – Upwind, a leading innovator in cloud security, proudly announces its recognition on the Redpoint InfraRed 100. This prestigious list highlights the 100 up-and-coming private companies in Cloud Infrastructure, showcasing the future leaders set to revolutionize the market. Redpoint Ventures, a top-tier venture capital firm with a diverse portfolio including companies such […]
Deep Dive: CVE-2024-37902 and Potential Impact on DeepJavaLibrary Users
AWS announced today, June 17, that there is a potential security issue with archive extraction utilities in DeepJavaLibrary versions 0.1.0 through 0.27.0 that could allow an attacker to tamper with your system. What is DeepJavaLibrary? DJL is a free, open-source library by AWS used for building deep learning models in Java. It provides easy-to-use tools […]
Upwind Makes Big Waves with a Diamond Sponsorship at AWS re:Inforce
The Upwind team is on the ground at AWS re:Inforce this week in Philadelphia, Pennsylvania from June 10-12! Upwind is one of four diamond sponsors at the event, and it’s impossible to miss our beach-themed booth. Two Upwinders also spoke at re:Inforce: Our CEO Amiram Shachar was also interviewed on Security Live, talking about how […]
