Imagine a threat appears, vanishes, and then reappears two days later – same process, slightly different path. Without the right visibility, you’d treat it like a new incident each time. But with Upwind Detection Logs, you get the historical context to see the full picture. Upwind provides deep runtime visibility and security across all environments, […]

Security orchestration, automation, and response (SOAR) refers to a collection of tools and technologies that enables organizations to streamline their security operations and improve response times. Thus SOAR isn’t just a single tool — SOAR platforms integrate multiple functionalities that were once standalone tools, including: Through the integration and automation of various security tools, processes, […]

Securing a modern Google Cloud environment demands both breadth and depth: broad visibility across services, and deep insight into workload behavior. However, gaining this level of coverage without introducing operational overhead is often a challenge—especially in environments where deploying runtime agents is difficult or impractical. While there are other ways to get started quickly with […]

We are excited to announce that Upwind now supports Google Cloud Run. This addition reflects our commitment to delivering comprehensive, modern cloud security – no matter where or how your applications run. With this update, all core capabilities within the Upwind Platform are now available for workloads deployed on Google Cloud Run.  What is Google […]

As cloud workloads grow more dynamic and distributed, it becomes increasingly difficult to maintain control over data privacy and security. That’s especially true for healthcare applications deployed in containerized environments, which depend on container security measures and real-time protection to protect sensitive data. For organizations handling protected health information (PHI), ensuring compliance with HIPAA in […]

Secure coding, writing software to minimize vulnerabilities, is a shift-left development approach that can deliver applications resistant to exploitation. To actualize that promise, teams will need to do more than wave a magic “secure coding” wand — they’ll face ongoing challenges like scaling secure code across teams and balancing resource-intensive needs with development realities. Best […]

How can teams achieve infrastructure security beyond misconfigurations? Can IaC scan for compliance benchmarks? Can it distinguish between a hardcoded secret and a placeholder?  We’re going beyond the basics of infrastructure as code (IaC) scanning to break down some tangible trade-offs and deeper questions that security teams will face as they work to perfect the […]

Architectural patterns. Advanced kernel-level mitigations. Continuous integrity management. Supply chain security. There’s a lot that goes into Linux security. And all those pieces need to be coupled with strategic initiatives, like zero-trust architectures and scaling security policies.  This essential guide to Linux security topics starts with the common hardening basics, but also touches on more […]

Kubernetes audit logs are a cornerstone of cluster visibility. They capture the who, what, and when of user and service activity. But their sheer volume and complexity often create bottlenecks for security teams trying to distinguish meaningful anomalies from routine noise. We’re going deeper into the role of Kubernetes audit logs in DevSecOps workflows, exploring […]

Cybersecurity vulnerabilities have been tracked since 1999, when the Internet Category of Attack (ICAT) toolkit began compiling attack scripts and made them available to developers to look up easily. ICAT evolved into the National Vulnerability Database (NVD) of today, holding over 150,000 vulnerabilities and adding tens of thousands more annually. Beyond the basics, we’re going […]