As businesses continue to become hybrid-cloud or cloud-native, runtime detection and response is moving to the forefront as one of the most pressing challenges security leaders face today. With the growing sprawl of cloud attack surfaces, prioritizing vulnerabilities is a priority for security leaders, especially since the severity of risks and vulnerabilities are most accurately understood within the context of runtime environments. Gartner’s recent emerging technology report further emphasized that runtime visibility and detection are critical aspects of understanding threats and vulnerabilities, and that security leaders must adopt cloud technologies that address these demands for more data and analysis.
For that reason, we are very excited to announce that today, we are launching our Runtime Vulnerability Management Feature that will help security teams detect and prioritize exploitable vulnerabilities in their cloud runtime environments.
For security teams, the expanding attack surfaces across cloud environments make identifying and remediating runtime vulnerabilities an incredibly labor-intensive, time-consuming task that takes teams hours or days to get to the root cause of vulnerabilities. With economic cutbacks and the need for highly trained security professionals, this time spent hunting down vulnerabilities not only overtaxes teams that are already working at full capacity, it also leaves organizations open to threats looking to exploit their most critical vulnerabilities.
Our Vulnerability Management Feature solves this problem by cutting through the noise and sending you only the most critical alerts, which the platform does by prioritizing vulnerabilities in your environment that can actually be exploited by threats while ignoring those that don’t pose a threat to your organization.
We do this by mapping your cloud infrastructure and resources and creating security baselines based on your cloud environment’s known, normal behavior while adding the context of CI/CD events, git/code changes, k8s audit logs, Azure activity logs and cloud activities. By creating a security baseline and adding that grid of context from runtime events, Upwind is able to immediately distinguish which vulnerabilities can be exploited, such as critical vulnerabilities that are in-use, can be accessed by the Internet and have paths to sensitive data. By doing so, Upwind saves your security team countless hours of work and points them directly to the root cause of critical vulnerabilities.
“There are many companies that see runtime security as a feature, but we see it as the solution”
“There are many companies that see runtime security as a feature, but we see it as the solution,” said Amiram Shachar, CEO of Upwind. “We tackle runtime with mile-deep context that gives you full visibility and control over your cloud environment and helps you focus only on your most critical vulnerabilities.”
Upwind’s Runtime Vulnerability Feature lets you:
- Reduce the attack surface dramatically – Find software packages that are not in use and remove them from builds.
- Focus on what matters – Solve only the vulnerabilities that introduce a real risk to your business.
- Cut >90% of your CVEs noise –
Prioritize vulnerabilities based on real environmental variables:- Active Internet traffic
- Communication with metadata services (such as IMDSv1)
- Internet-facing
- Invoked packages
- Exploitability
- Available fix
- Clear Remediation – Save thousands of hours by solving the most critical alerts at the container/VM image level.
- CI/CD awareness – Go directly to the root cause of vulnerabilities with context from CI/CD, & git/code changes.
Our new Runtime Vulnerability Feature helps security teams cut through the noise to prioritize critical vulnerabilities and investigate the root cause of CVEs. You can learn more about our runtime detection and response capabilities in the Upwind docs (login needed). If you would also like to see a live demo of the Upwind product, we would love to connect with you.