How Petrofac uses Upwind for real-time AKS protection

“Upwind was incredibly easy to get up and running, within the first few hours of connecting to the Platform, we already had an actionable list of recommendations to strengthen our AKS security.”

A man in a formal suit with a dark tie and pocket square stands against a decorative, swirled-pattern background.
Shahab Siddiqui
|
Global Head of Cyber Security, Petrofac

How Petrofac Leverages Upwind

In today’s evolving world of cloud security, knowing how to comprehensively secure cloud infrastructure and applications can be challenging. Providing agile, complete protection that identifies critical risks and proactively remediates them is even more difficult. That’s where Upwind comes in.

The Upwind Cloud Security Platform defines the speed, visibility, and actionability of an Azure customer’s cloud security to identify critical risks instantly, get to the root cause faster, and halt attacks in real-time. In a multi-cloud and hybrid-cloud reality, Upwind provides comprehensive cloud security to accelerate productivity and empower their development, security and DevOps teams to innovate within a secure and efficient environment, including managed Kubernetes services like Microsoft’s AKS (Azure Kubernetes Service).

Providing Petrofac with innovative AKS protection

Petrofac is a leading energy services company that helps its clients meet the world’s evolving energy needs. Petrofac’s sophisticated Azure infrastructure allows it to adopt agile cloud practices and establish an extensive AKS environment. However, to ensure that their AKS clusters were protected in real-time, while also working to reduce the attack surface, they found a solution with Upwind.

Petrofac was able to quickly and easily deploy the Upwind platform, providing them with instant insights into their Azure inventory and real-time recommendations to further secure their AKS environment.

Upwind was incredibly easy to get up and running, within the first few hours of connecting to the Platform, we already had an actionable list of recommendations to strengthen our AKS security, as well as real-time visibility into our containerized resource communication.”

A man in a formal suit with a dark tie and pocket square stands against a decorative, swirled-pattern background.
Shahab Siddiqui
|
Global Head of Cyber Security, Petrofac

Real-time AKS threat detection and response

Petrofac’s AKS protection utilizes Upwind to discover its containerized resources, identify any vulnerabilities, and collect real-time insights through Upwind’s eBPF-based sensor. Petrofac’s security team was able to gain a comprehensive view of their AKS environment and start proactively protecting against Kubernetes threats.

Diagram showing a Kubernetes system network with kube-system components like connectivity-agent and cloud-node-manager. A side panel details kube-proxy traffic insights, including traffic by process, ports, and protocol, with a flowchart layout.
View real-time network communication and insights for Azure Kubernetes Service workloads

Upwind grants Petrofac the ability to instantly identify threats and eliminate malicious processes with the click of a button. It also creates prevention policies to block future malware from running in their environment.

Upwind’s ability to monitor our infra 24/7 to proactively find threats has shown us just how much organizations are missing when they rely on static tools for protection. Being able to receive detections in real time has given us an additional layer of protection that is crucial for our organization and helped us significantly strengthen our cloud security practice.”

A man with short hair and a serious expression is wearing a dark collared shirt against a plain white background.
Leon Colaco
|
Cyber Security Analyst, Petrofac
Screenshot of a dashboard displaying a prevention status as Active. It shows a countdown timer with 5 hours and 58 minutes remaining. A graph tracks response over time, and a table lists process details, IDs, and status updates as Success.
Stop threats in real-time and create prevention policies to prevent future malicious processes from running

Cutting 98% of noise to focus on real risk

In addition to real-time AKS protection, Upwind also gives Petrofac the ability to easily identify critical risks and vulnerabilities and rapidly remediate them. The Upwind platform helps Petrofac focus on actual risks rather than theoretical ones by looking at ingress traffic, in-use packages, and build-time data. This is paired with root cause analysis that goes down to the level of the developer responsible for pushing the code that caused the vulnerability.

By leveraging both runtime and build-time data, Upwind cut 98% of alert noise for Petrofac, allowing their team to focus and prioritize their most critical issues.

Flow chart showing a CVE funnel. Total is 2,969; Package in use: 2,888; Active internet traffic: 624; Exploit available: 136; Fix available: 77; CVSS critical severity: 3. Color-coded sections for Critical, High, and Other.
Upwind filters your vulnerabilities, cutting down alert noise and helping you focus on your most critical risks based on real environmental factors

Using Upwind has completely changed the way we protect our AKS clusters. Upwind’s real-time container security has cut 98% of our alert noise, making it easy for us to quickly find and fix risks, stop threats and ensure that our containerized environment is secure.”

A man with dark hair, wearing a blue suit and white shirt, is looking directly at the camera against a plain white background.
Kalim Aziz
|
Cyber Security Leader, Petrofac

Pairing AKS agility with real-time security

By implementing the Upwind Cloud Security Platform, Petrofac has been able to leverage the best of both worlds—marrying Azure’s rapid building capabilities in Azure Kubernetes Service with Upwind’s real-time protection. This has helped Petrofac take advantage of:

  • Complete AKS visibility: Upwind allows Petrofac to view resource communication and identify all communication within clusters, within accounts, and to the internet.

  • Real-time AKS security: Petrofac can use Upwind’s threat detection and response to detect threats and stop them at the packet and process level.

  • Prioritized AKS risk analysis: Upwind has reduced 98% of Petrofac’s alerts, helping them focus on their most critical risks and proactively reduce their attack surface.

  • AKS identity awareness: Upwind gives Petrofac visibility into all of its running user identities, including viewing identity risk by resource, and identifying all users and their permissions that have access to AKS resources.

Microsoft and Upwind have established a strong technological and business alliance that shows how innovative technology can foster growth and solve problems. Petrofac’s use of Azure and Upwind is a prime example of how strongly this alliance can bring increased value to customers.”

A smiling person with a shaved head wearing a light blue button-up shirt, posed against a dark green background.
Tom Davis
|
Senior Director, Microsoft for Startups

Just as Petrofac has harnessed the power of AKS and Upwind’s Cloud Security Platform to rapidly and securely build in Azure, all Azure customers can utilize Upwind’s AKS protection to ensure rapid and thorough cloud security.

Uplift Your Cloud
Security Today

Schedule a meeting with a cloud security experts today to secure your cloud, reduce friction between your teams and proactively protect your cloud infrastructure and applications.

Further Reading

The RealReal is the world's largest and most trusted resource for authenticated luxury resale.

EvenUp is an AI-powered legal services platform.

Anzu is the most advanced intrinsic in-game ad solution for mobile, PC, and console.