Today, we’re introducing one of the most important upgrades we’ve ever made to the Upwind platform – designed to solve a persistent problem for security teams: connecting inventory data with real-time enforcement and meaningful policy impact. This release brings a new level of enhanced inventory management that redefines how security teams discover, query, and enforce policies. It fuses real-time data, actionable insights, and enforcement into a single, seamless experience. At Upwind, we believe inventory should do more than just tell security teams what exists. It should show teams what matters – based on live data – and help them act. With the introduction of Upwind Inventory 2.0, we are making it easier than ever for organizations to ask the right questions, automatically answer inventory queries and enforce the right rules, faster.

These new capabilities are built for how modern cloud environments operate. Legacy tools, by contrast, rely on static snapshots, siloed policy engines, and limited visibility across runtime behavior. Upwind Inventory 2.0 is designed to support how security teams want to work. It’s anchored around three major capabilities:

  • Assets Tab: Cloud asset inventory, fully filterable and organized by technology
  • Upwind Explorer: Query your environment with precision and turn those queries into policy
  • Topology Graph: Visualize how your policies apply across your environment in real time

In the sections below, we will dive into key features of each of these new capabilities, as well as the powerful use cases they solve for security teams.

Assets Tab: Inventory That Reflects Reality

The Assets Tab offers a real-time catalog of cloud infrastructure and workloads, enriched with runtime metadata and structured to surface what’s operationally relevant.

Screenshot of an interface from Upwind's Catalog. It features a dashboard with options for filtering resources by technology, category, and protection method. A table lists various resources with indicators for issues and technology details.

Security teams can now drill into asset details by technology stack and exposure level, as well as by privilege scope and misconfiguration status. The tab is grouped by high-level technology domains such as:

  • AI & Machine Learning
  • CI/CD & DevOps
  • Monitoring & Observability
  • Application Frameworks
  • OS & Software Packages
  • Data Infrastructure

This structured view makes it easy for security teams to answer high-value questions quickly, such as:

  • Which workloads are exposed to the internet and running legacy dependencies?
  • Where are specific software packages deployed across cloud accounts and regions?
  • Which systems are processing sensitive data without encryption or proper access controls?

Legacy CSPM tools rely on periodic scans for inventory updates. These scans can miss critical changes in fast-moving environments. Upwind’s runtime-powered inventory is updated continuously – ensuring teams are working with the latest high-fidelity, accurate data for their queries and security operations.

Upwind Explorer: Complex Queries, High-Fidelity Answers

While the updated Assets tab powers searches, the Upwind Explorer provides seamless queries. The Upwind Explorer is a query engine built to ask nuanced, multi-attribute questions and return answers grounded in runtime data.

Screenshot of a software dashboard labeled Explorer from Upwind. It shows a list of virtual machines with details like asset host, resource, image, and risk overview with colored icons indicating status. The interface features a search and filter section.

Using the Upwind Explorer, teams can easily build custom queries using either a visual query builder or Rego (the open-source policy language behind OPA). The Upwind Explorer taps into Upwind’s full dataset, including CVEs, package versions, container behavior, privileges, IAM bindings, and exposure metrics, providing you with highly detailed answers to your queries.

Use cases include:

  • Finding containers running Python, exposed to the internet, handling sensitive data, and operating with elevated privileges
  • Tracing policy violations across multiple clouds or accounts
  • Identifying assets that match risk conditions across infrastructure, identity, and runtime behavior

Screenshot of a cloud management interface from Upwind. A dialog box titled Save as configuration rule is open, showing options for framework, rule category, databases, and severity levels. The background displays an explorer view with query inputs.

What if every complex query you ran could instantly become a custom misconfiguration rule? With Upwind Explorer, that’s exactly what happens. It turns powerful queries into enforceable policy, ready for action. These rules automatically integrate into the Configurations module and dashboards – allowing organizations to track and enforce their unique security posture at scale.

Upwind Topology Graph: Policy Meets Visibility

Not only are we enhancing our custom policy creation capabilities through the Upwind Explorer – we are also expanding our CSPM capabilities with the Upwind Topology Graph, a real-time visualization layer that connects assets, identities, and policies – so security teams can see how their rules actually impact their organization’s environment.

Flowchart depicting network connections. Central node labeled gp-approaches-by Security group connects upward to Internet and downward to nodes Agent Host, aws-host, and Upwind-e2e. Dashed blue lines indicate paths and security connections.

The Upwind Topology Graph is not static, topology-based architecture mapping. It’s a live, query-driven view of how infrastructure and policy enforcement intersect.

With the Topology Graph, you can:

  • Query Inventory Visually: Filter resources, workloads, and users based on runtime metadata—and automatically see their associated risks and policy bindings
  • Visualize Resource Policies: Understand which users and services meet your query criteria and what policies or privileges are attached to them
  • Understand Policy Impact: See how a custom rule propagates through your infrastructure, and identify gaps where it may not be applied – or where it introduces unintended exposure

The Upwind Explorer and Upwind Topology Graph each play a critical role. The Explorer enables deep, customizable queries and policy creation, while the Topology Graph brings those policies to life through visual validation in real time. Together, they empower security teams to move seamlessly from defining a custom policy via an Explorer query, to seeing its real-world impact in the Topology Graph. This tight integration closes the loop between policy definition and operational validation, giving organizations the confidence that posture intent matches cloud reality.

Inventory 2.0: Unified Architecture for Discovery, Query, and Enforcement

With this release, Upwind Inventory moves from being an asset catalog to a tightly integrated system that connects discovery, posture evaluation, and policy enforcement into a single, queryable runtime model.

Screenshot of a web interface with a query list in the main section. The list includes queries with options to manage and filter them. On the left, a sidebar shows navigation options, and a cursor hovers over Select all empty query.

While traditional cloud security tools force teams to bounce between asset lists, policy engines, and context sources, Upwind Inventory 2.0 empowers teams with:

  • Upwind Assets Tab: A structured, filterable asset inventory enriched with runtime context
  • Upwind Explorer: A query engine that supports both visual and Rego-based searches and supports custom policy creation
  • Upwind Topology Graph: A real-time topology graph for understanding policy impact across identities and infrastructure

These tightly-integrated capabilities empower teams to define complex posture criteria in Explorer, validate them visually via the Topology Graph, and track them as persistent misconfiguration rules within the Configurations module. This architecture shortens the feedback loop between risk identification and response – eliminating context-switching, manual correlation, and the lag inherent in legacy CSPMs.

Learn More about Upwind Inventory 2.0

Security leaders don’t need more dashboards. They need tools that connect the dots between asset inventory, posture management, and real-time enforcement—just like the Assets Tab, Explorer, and Topology Graph now do together in Upwind Inventory 2.0. They need faster answers to harder questions, grounded in data they can trust.

This is exactly what Upwind Inventory 2.0 provides, empowering teams to:

  • Identify critical risks across assets, identities, and cloud services
  • Customize and operationalize security policies at scale
  • Understand policy impact across federated environments
  • Do all of it using live context, not static assumptions

Upwind Inventory 2.0 fuels our runtime-powered CSPM, built for the modern enterprise cloud. Explore the new Inventory in your Upwind console – or book a personalized demo today to see it in action.