Cisco-Partnership-June26

Upwind Brings Realtime Intelligence to Cisco Cloud Control

SamLangrockHeadshot

By Sam Langrock

Jun 02, 2026

We are thrilled to announce that Upwind has been selected as a launch partner for Cloud Control Studio, part of Cisco Cloud Control, bringing realtime intelligence on cloud and AI security into the platform. Unveiled at Cisco Live Las Vegas on June 2, 2026, Cisco Cloud Control is the unified platform for agentic IT operations. 

Upwind is integrated with Cloud Control Studio via Model Context Protocol (MCP), enabling customers to access Upwind’s cross-platform skills and get realtime intelligence, including security findings, vulnerability data, API security telemetry, and AI visibility, within the Cisco AI Canvas. 

(Learn more about the Upwind MCP Server in our announcement blog post)

The Challenge Facing Modern Security Teams 

Modern cloud security teams don’t struggle to find vulnerabilities. They struggle to prioritize and close them fast enough.

AI has accelerated the pace of attacks, shrinking the time between exposure and exploitation. Security teams are buried in alerts, most of which point to theoretical risks that are dormant, unreachable, or low priority in practice. Meanwhile, the findings that actually matter, the ones tied to code that is actively running, services that are publicly reachable, and identities that are overprivileged and in use, get lost in the noise.

AI is also reshaping the attack surface itself. As organizations adopt AI-powered applications and agentic workflows, new risks emerge across visibility, runtime behavior, and model-to-model communication that traditional security tools were never built to handle. The challenge is no longer just identifying issues. It is understanding which ones actually matter, and resolving them safely before attackers move.

How the Integration Works

Upwind connects to Cloud Control Studio, part of Cisco Cloud Control, using Model Context Protocol (MCP). Joint customers can use Upwind’s findings and telemetry inside Cisco AI Canvas, the multiplayer workspace inside Cisco Cloud Control where IT teams and AI agents can investigate, correlate, and resolve issues. 

When an operator opens an investigation in Cisco AI Canvas, the AI agents working in that session can reason on Upwind’s context alongside everything else in the environment. No manual exports, no switching tools. The context is already there.

This fundamentally changes the quality of investigation.

Instead of treating every alert as a theoretical problem, AI agents can distinguish between static exposure and active operational risk – helping teams focus on what is actually reachable, exploitable, and worth acting on.

For joint customers, this means faster investigations, better decisions, and quicker resolution with far less manual context switching.

Why Runtime Context Changes the Investigation

Upwind is built inside-out, starting with runtime context that provides continuous, real-time visibility into workloads. That depth is what makes Upwind’s findings useful not just in our own platform, but as an input to broader agentic operations workflows.

When AI agents in Cisco AI Canvas can ground their reasoning in runtime-verified data, they produce better answers. Teams stop jumping between tools to reconstruct what happened. The investigation happens in one place, with the context that matters most already there.

Example prompts customers can use

Security teams can ask:

  • “Show me the top critical vulnerabilities currently running in production, ranked by runtime exposure, exploitability, and available remediation.”
  • “Which production workloads have the highest concentration of exploitable runtime risk?”
  • “List internet-facing API endpoints with weak or missing authentication and correlate them with runtime activity.”
  • “Show AI workloads communicating over MCP with anomalous or unexpected behavior.”
  • “Which identity-driven runtime events represent the highest active security risk right now?”

(Check out the Top 10 MCP Use Cases for Upwind in our recent blog)

What Security and IT Teams can Expect

As part of Cisco Cloud Control, Upwind’s realtime intelligence becomes a native part of how AI agents investigate and resolve issues.

  • AI agents investigate with more context. Upwind’s realtime intelligence is part of what agents reason on inside Cisco AI Canvas, alongside networking, observability, identity, and compute signals.
  • Less context-switching. Security findings surface directly in the workspace where the rest of the investigation is already happening.
  • Faster, more accurate resolution. When agents can correlate a security alert with live runtime behavior, root cause analysis that once required multiple tools and manual correlation can happen in a single session.

Upwind in the Cisco Cloud Control Platform

Upwind’s integration with Cloud Control Studio reflects a broader belief: that cloud security context belongs wherever security and IT teams are doing their work. We are proud to be part of the Cisco Cloud Control ecosystem, and to share a vision with Cisco that the future of security operations is agentic, and that it only works when AI agents have access to the runtime data that tells them what is actually happening. As organizations build and expand agentic operations on Cisco Cloud Control, runtime cloud security is a foundational input, not an afterthought.

Cisco Cloud Control is built to bring every operational domain into one environment. Upwind extends that environment with the runtime security layer it needs: continuous visibility into cloud workloads, applications, APIs, and AI agents, all correlated in realtime. Security and IT teams get a more complete picture of their environment and the context to act on it with confidence.

For more information on Cisco Cloud Control, visit the new Cloud Control Studio webpage.

If you’d like to explore how Upwind can help you prioritize and remediate risk more effectively, schedule a customized demo with us. We’ll walk through your use cases, integrations, and security goals to show how Upwind delivers actionable cloud security at scale.

Upwind Brings Realtime Intelligence to Cisco Cloud Control

Further Reading

AWS Well-Architected Framework
Product

AWS Well-Architected Framework Available in Upwind

SamLangrockHeadshot

By Sam Langrock

Jun 12, 2026

Continuous Compliance for Cloud Security Teams The AWS Well-Architected Framework is now available in Upwind. The framework helps organizations evaluate architectural decisions and align workloads with AWS best practices across 6 pillars: Operational Excellence, Security, Reliability, Performance Efficiency, Cost Optimization, and Sustainability. The Well-Architected Framework was designed by AWS as a consistent way for teams […]

Supply Chain Attack Detections
Product

Upwind Now Detects Novel Supply Chain Attacks in Real Time

Lidor Machluf Smiling person with short dark hair and a beard, wearing a black shirt with a logo that includes the letter U. The background is a plain light grey.

By Lidor Machluf & Tomer Hadassi

Jun 10, 2026

Software supply chain attacks are no longer rare events that make headlines once a quarter. In 2026, significant attacks are landing every few days, and the pace is accelerating. AI-assisted code generation is lowering the barrier for attackers to craft sophisticated, obfuscated payloads and inject them into trusted open source packages at scale. The window […]

Securing Every Pillar of AI
Product

Security for AI: Every Pillar of Cloud Security Just Got a New Job

A smiling man wearing glasses and a pink t-shirt, sitting in a lounge in front of exposed brick.

By Amiram Shachar

Jun 04, 2026

A few weeks ago, I wrote about Upwind becoming agentic, AI for Security. We put a fleet of Agents, Blue, Red, and Green, to work investigating threats, validating exposures, and remediating risk at machine speed. That was one half of the story. This is the other half. Security for AI. AI has rewired our known […]