As enterprises race to integrate GenAI and AI-powered applications, security leaders are confronting a new class of threats. Traditional tools weren’t built for the dynamic, high-risk nature of AI workloads. AI workloads introduce new capabilities, along with new risks. They dramatically increase the cloud attack surface by running code that adapts in real time, often […]

Upwind now offers Data Security features and context that simplify compliance, improve visibility, and protect sensitive data across your cloud environments.  These capabilities continuously monitor and enable data security across multi-cloud storage – supporting automated discovery, visibility, and compliance from a single platform. Key capabilities include: These new capabilities mark a significant advancement for security […]

The Continuous Integration/Continuous Delivery or Deployment (CI/CD) pipeline integrates and tests code changes, often multiple times per day. And it automatically prepares code for release, sometimes automatically pushing code changes all the way to production without manual intervention. Practicing CI/CD today means faster delivery, more updates, and happier customers, all with fewer errors.  But it […]

Security posture isn’t all about misconfigurations, but can span thousands of combined moving parts across cloud workloads, identities, and SaaS applications, APIs, endpoints, and even AI pipelines.  The problem?  Everyone sees a slice of the total environment, but no one sees the whole. Most organizations plug visibility holes in their environments first with fragmented tools […]

Attackers access cloud systems through vulnerabilities like misconfigured Identity and Access Management (IAM) roles, public buckets, or exposed secrets. But they don’t stay in those initial entryways for long. The time it takes cyberattackers to “breakout” of their initial locations and move laterally across a cloud system is called “breakout time.” And it shapes cyberdefense […]

First, there were perimeters. The idea gradually gave way to endpoints, but today, identities are often the first point of entry to vast, diverse cloud systems. They’re enablers of lateral movement, pivot points in cloud and SaaS environments, that hold the keys to the rest of the environment. In other words, identities deserve attention. In […]

Big win for Upwind: We took home the overall title and earned top honors across every category at the Tamnoon Cloud Security Demo Showdown on June 5th. Upwind placed in the top three for all four categories of the people’s choice categories: Application Security, Cloud Security Posture Management (CSPM), Runtime Security, and Vulnerability Management. These […]

We are excited to announce a new enhancement to Upwind’s posture capabilities, with Upwind now providing comprehensive executive-level Configuration Reports. Users can now generate and download configuration reports, powered by live runtime data, directly from the UI. These reports deliver clear, actionable summaries of posture risk and misconfiguration findings, making it easier for security leaders […]

It’s not about how application programming interfaces (APIs) work. It’s not even about API security. It’s about what shadow or orphaned APIs are live right now — and how your teams can tell. As API use has grown substantially over the past few years, it’s become too easy to lose sight of how many APIs […]

In 2024, Crowdstrike’s faulty agent update drew attention to the risks associated with deploying and updating agents across enterprise environments. But agent-based systems producing valuable alerts correctly can also fail when those alerts are deprioritized by teams who don’t act on them in time (like the 2013 Target breach). And agentless systems come with their […]