Redefining Cloud Security with Cloud Application Detection & Response (CADR) Traditional cloud security approaches struggle to keep up with today’s evolving threats. Cloud Application Detection & Response (CADR) is changing the game—leveraging real-time insights to enhance protection and response capabilities. Join Analyst James Berthoty and Upwind CPO Joshua Burgin for an exclusive discussion on how CADR is transforming cloud security and what it means for your organization. […]

It’s not every day that a surf session in Maui turns into a sponsorship. But that’s exactly how we met Tom Reuveny—Israel’s first-ever Olympic gold medalist in iQFoil windsurfing and now, the newest member of the Upwind family. After his historic win at the 2024 Paris Olympics, Tom did what any world-class athlete might do: […]

We are thrilled to introduce the future of API security with real-time, advanced API threat detection. As API-driven architectures continue to evolve, organizations need proactive, intelligent defenses that move beyond traditional detection methods. Upwind’s latest innovation represents a shift toward real-time, runtime security – ensuring threats are identified and mitigated before they can impact critical […]

We are thrilled to announce a major breakthrough in AI security with the release of Upwind GenAI Security.​ AI is transforming industries at an unprecedented pace, but without the right security measures, it becomes an ungoverned risk. Organizations need purpose-built protections that evolve with the complexity of AI workloads. This is a first-of-its-kind solution that […]

In today’s fast-paced DevOps world, security can no longer be an afterthought. Shift Left Security aims to integrate security checks earlier in the software development lifecycle, ensuring vulnerabilities are detected and remediated before they reach production. In this article, we explore how Upwind Shift Left seamlessly integrates into a GitHub Actions CI/CD pipeline, automating image […]

Kubernetes administrators take note: a critical set of vulnerabilities in the popular ingress-nginx controller—collectively dubbed “IngressNightmare”—could put your entire cluster at risk. In particular, CVE-2025-1974, with a CVSS score of 9.8, allows attackers to take over Kubernetes clusters simply by exploiting the Validating Admission Controller feature. Because ingress-nginx runs in roughly 40% of Kubernetes deployments, […]

Next.js middleware plays a key role in securing applications by enforcing authentication, managing access control, and applying security headers. However, a newly discovered vulnerability, CVE-2025-29927, allows attackers to bypass these protections entirely using a manipulated HTTP header. Affected Versions This flaw affects the following versions: The Core Issue Next.js prevents infinite middleware loops by tracking […]

Cloud security teams are drowning in alerts, struggling to prioritize real threats among endless notifications. To help security professionals cut through the noise, we are thrilled to announce major enhancements to our Threats Module, further empowering security professionals to understand deep context for every threat detection, identify emerging threat actors, and respond to threats faster.  […]

In today’s rapidly evolving cloud environments, maintaining a robust security posture is more critical than ever. Traditional Cloud Security Posture Management (CSPM) solutions have played a pivotal role in identifying misconfigurations and policy violations within cloud infrastructures. However, as cloud architectures become increasingly dynamic, the sheer volume of misconfiguration findings can present an insurmountable challenge […]

We are excited to announce a new addition to Upwind’s built-in integrations, seamlessly connecting Upwind and Splunk. This new integration makes it easier than ever to export Upwind’s runtime-powered findings to your SIEM. What is Splunk? Splunk is a security information and event management (SIEM) platform designed to search, monitor, and analyze machine-generated data from […]