Upwind Field-CTO Tomer Hadassi and H2O.ai Cloud Engineering Manager Ophir Zahavi take the stage at AWS Summit Tel Aviv to discuss how Upwind empowers H2O.ai’s cloud security with runtime protection and build-time insights for end-to-end context and prioritized risk.

Upwind & H2O.ai Take the Stage at AWS Summit Tel Aviv
Contents
Further Reading

No npm Token Required: Inside the AsyncAPI Supply Chain Attack
Executive Summary Upwind identified a critical supply chain compromise across five npm packages in the @asyncapi scope, published on July 14, 2026 via two separate branch compromises in two GitHub repositories. The attacker never touched an npm token. They abused each project's own CI pipeline through GitHub Actions OIDC to publish the malicious packages. The…

AI Proves the Real Bottleneck Was Never Finding Vulnerabilities
Let this sink in: finding security vulnerabilities was never the bottleneck, vulnerability prioritization was. AI-scale discovery is about to make that impossible to ignore, and the teams that see it coming will pull ahead of the rest. Here's what kept me up this week. Anthropic ran a frontier model against some of the world's most…

Upwind gives you SBOM coverage across every cloud workload
Software supply chain risk doesn't stop at the container boundary. Most organizations still run a meaningful share of production workloads on virtual machines across legacy services, data pipelines, and infrastructure that was never containerized. The Upwind Platform creates SBOMs at runtime, delivering greater accuracy than build-time tools by continuously monitoring your live environment. Format adds…