Back to all posts
Illustration of a simplified windsurfer icon, featuring a person on a board with a sail riding stylized waves. The background boasts a soft blue gradient, while the phrase What Is SOAR? gracefully appears in the top right corner.

What Is SOAR?

Security orchestration, automation, and response (SOAR) refers to a collection of tools and technologies that enables organizations to streamline their security operations and improve response times. Thus SOAR isn’t just a single tool — SOAR platforms integrate multiple functionalities that were once standalone tools, including: Through the integration and automation of various security tools, processes, […]

A pattern of hexagons in pastel colors with a cloud symbol inside a central blue hexagon. The word Upwind appears in black text in the top left corner.
Product

Seamlessly Protect Google Cloud Infrastructure with Upwind’s Agentless Cloud Scanners

Securing a modern Google Cloud environment demands both breadth and depth: broad visibility across services, and deep insight into workload behavior. However, gaining this level of coverage without introducing operational overhead is often a challenge—especially in environments where deploying runtime agents is difficult or impractical. While there are other ways to get started quickly with […]

A white cloud with a green medical cross inside, set against a light blue background, embodies the essence of HIPAA Cloud Security Compliance. In the top right corner, the word Upwind elegantly floats.

 What is HIPAA Cloud Security Compliance?

As cloud workloads grow more dynamic and distributed, it becomes increasingly difficult to maintain control over data privacy and security. That’s especially true for healthcare applications deployed in containerized environments, which depend on container security measures and real-time protection to protect sensitive data. For organizations handling protected health information (PHI), ensuring compliance with HIPAA in […]

A padlock icon entwined with a code symbol signifies secure coding practices. The phrase What is Secure Coding? hovers in the top right corner against a backdrop that gently shifts from light to dark blue, offering a visual journey into the world of protected programming.

What is Secure Coding? Best Practices Explained

Secure coding, writing software to minimize vulnerabilities, is a shift-left development approach that can deliver applications resistant to exploitation. To actualize that promise, teams will need to do more than wave a magic “secure coding” wand — they’ll face ongoing challenges like scaling secure code across teams and balancing resource-intensive needs with development realities. Best […]

A diagram illustrates a central rectangular element linked to four outer rectangles by dashed lines, all set against a light blue background. The word upwind graces the top right corner, inviting the viewer to ponder, What is IaC Scanning?.

What is IaC Scanning?

How can teams achieve infrastructure security beyond misconfigurations? Can IaC scan for compliance benchmarks? Can it distinguish between a hardcoded secret and a placeholder?  We’re going beyond the basics of infrastructure as code (IaC) scanning to break down some tangible trade-offs and deeper questions that security teams will face as they work to perfect the […]

A cartoon penguin, resembling the Linux mascot, sits on an ice floe clutching a padlock. Upwind: Your Essential Linux Security Guide graces the top right corner. The backdrop is a soothing light blue gradient.

Essential Linux Security Guide

Architectural patterns. Advanced kernel-level mitigations. Continuous integrity management. Supply chain security. There’s a lot that goes into Linux security. And all those pieces need to be coupled with strategic initiatives, like zero-trust architectures and scaling security policies.  This essential guide to Linux security topics starts with the common hardening basics, but also touches on more […]

Illustration of a magnifying glass hovering over a Kubernetes logo, set against a blue gradient background. The word upwind appears in the top right corner, subtly hinting at using Kubernetes audit logs for enhanced DevSecOps strategies.

Using Kubernetes Audit Logs for DevSecOps

Kubernetes audit logs are a cornerstone of cluster visibility. They capture the who, what, and when of user and service activity. But their sheer volume and complexity often create bottlenecks for security teams trying to distinguish meaningful anomalies from routine noise. We’re going deeper into the role of Kubernetes audit logs in DevSecOps workflows, exploring […]

Illustration of three stylized red and pink geometric shapes resembling hearts, aligned horizontally on a pink background. The word upwind is in white text in the upper right corner. Much like exploring the National Vulnerability Database, this art seeks to uncover hidden layers of meaning.

NVD: What is the National Vulnerability Database?

Cybersecurity vulnerabilities have been tracked since 1999, when the Internet Category of Attack (ICAT) toolkit began compiling attack scripts and made them available to developers to look up easily. ICAT evolved into the National Vulnerability Database (NVD) of today, holding over 150,000 vulnerabilities and adding tens of thousands more annually. Beyond the basics, we’re going […]

Add the Upwind RSS Feed to Slack

Connect the Upwind RSS Feed to your Slack.
Follow the how-to here.