Upwind Recognized as a Cloud Security & CADR Leader in the 2025 Latio Cloud Security Market Report
We are excited to announce that Upwind has been recognized by Latio as a leader in both Cloud Security and Cloud Application Detection and Response (CADR) in the newly released 2025 Latio Cloud Security Market Report. In this report, analyst James Berthoty highlights how the cloud security landscape is rapidly evolving beyond traditional CNAPP models, naming Upwind among the select vendors defining the next generation of runtime-powered protection.
The Cloud Security Journey: From CNAPP to CADR
The report outlines the evolution of cloud security through three major generations, demonstrating how the industry matured from early container security and agentless vulnerability management to application security testing and runtime defense.
The report lists these phases as the following:
- CNAPP Gen 1: Agentless Discovery & Misconfiguration Management (2010–2022)
Early solutions focused on visibility by scanning assets, mapping misconfigurations, and building posture graphs. This era was defined by agentless scanning and visual asset relationship graphs. - CNAPP Gen 2: Runtime Insights & Toxic Combinations (2023–2025)
This second wave of CNAPP introduced code-to-cloud visibility and runtime context. Vendors began correlating vulnerabilities and posture findings into prioritized alerts called “toxic combinations.” Runtime protection emerged as the differentiator. - The Future: Hybrid Vulnerability Management & Advanced Workload Protection (2025–)
Latio’s report positions CADR (Cloud Application Detection and Response) as the future of cloud security, saying it will combine application, network, and runtime telemetry for real-time detection and automated response across hybrid environments.
Upwind is recognized as a leader in building the future of cloud security, combining runtime, application, and AI-driven detection into one unified CNAPP platform that redefines how modern organizations secure code, cloud, and workloads.
The Next Chapter of Cloud Security
In the report, Latio highlights how the cloud security landscape has entered a new era that goes beyond visibility to include runtime context, hybrid coverage, and actionable intelligence.
The report outlines six key insights shaping this transformation
- From visibility to runtime insight: Cloud security has evolved from static discovery to real-time detection, where context drives prioritization and risk reduction.
- Converged asset context: Vulnerabilities and misconfigurations are no longer treated separately; they’re analyzed within shared asset relationships to reveal true threat vectors.
- Code-to-cloud remediation: Mapping alerts back to the code that generated them enables more efficient, developer-led fixes.
- Beyond the cloud: Vendors are extending visibility into hybrid environments, unifying vulnerability management and reporting across on-prem and multicloud architectures.
- Application-layer visibility: Security operations teams now require insights into live application behavior to understand real exploitability.
- Integrated workflows: Teams are routing runtime alerts to SOCs and vulnerability alerts directly into developer pipelines, accelerating mean time to remediation.
Together, these insights mark a decisive shift from collecting findings to understanding which issues truly matter in production.
Upwind’s runtime-first CNAPP embodies this new model. Upwind is powered by eBPF-based sensors and continuous telemetry, correlating exploitability, exposure, and runtime behavior to surface only the highest-impact risks. Not only does Upwind’s approach match Latio’s conclusion that teams are moving from visibility to runtime to reduce real risk – it actively helps organizations evolve from cloud visibility to prioritized action through context-rich, continuous protection.
Leading the Runtime Revolution: Upwind as a Cloud Security & CADR Leader
Latio’s CADR category captures runtime visibility across containers, APIs, and applications. The report defines CADR as “the best cloud workload security capabilities you can get,” emphasizing advanced detection, application context, and the ability to take real-time response actions.
Upwind stands out as one of the few vendors delivering mature runtime visibility at the application function level, a capability the report calls “incredibly rare.” Using eBPF-powered sensors, Upwind observes process-level activity, file changes, and network flows in real time, then correlates that data with vulnerability and posture context for deep risk prioritization.
This positions Upwind as both a runtime innovator and a CADR market leader, highlighting how Upwind is pioneering the future of cloud security.
How Upwind Aligns with Key Market Findings
| Latio Finding | Upwind Capability |
| Runtime insights define real risk reduction | Upwind links vulnerabilities to exploitability in production via continuous runtime telemetry |
| AI visibility and ADR are top-requested features | Upwind includes AI workload visibility and runtime behavioral baselining |
| Cloud security is evolving into hybrid environments | Upwind supports multicloud, on-prem, and containerized workloads with unified risk scoring |
| Application-layer visibility is critical | Upwind extends runtime monitoring to APIs, app functions, and data flows |
| Managed runtime detection and response are growing | Upwind MDR provides 24/7 monitoring and zero-day response capabilities |
Read the Full Report
The Latio 2025 Cloud Security Market Report provides one of the most comprehensive views of where the industry is heading, and shows why Upwind is defining the new standard for runtime-powered cloud security. To learn more about how Latio sees the future of Cloud Security and Upwind’s role in it, read the full report here.
