Here at Upwind, we love to hear from our customers, and one thing you’ve consistently requested is more “inside scoop” on what’s happening at Upwind and how we’re addressing emerging trends in cybersecurity. We loved this idea, so we’re launching “Inside Upwind”—a series of periodic updates from our senior executives, starting with this one from our Chief Product Officer, Joshua Burgin.

—–

Hi everyone! I’m thrilled to kick off the “Inside Upwind” series with a look at how we are actively shaping the future of cloud security. My relationship with Amiram and his team began over a decade ago when I was General Manager for the EC2 business at AWS – during their time at Spot.IO, which was later acquired by NetApp for $450M in 2020. I began advising Upwind at the company’s founding, and influenced by the vision of our team and the innovative approaches to cloud security, joined full time in January 2024.

In the last six months, I’ve dove deep into the Upwind platform and engaged with our customers, analysts, CISOs, and DevSecOps teams at events like KubeCon, Google Next, BlackHat, and RSA. These conversations have reinforced that our unique runtime-based approach to managing cloud-native environments is resonating strongly with practitioners, and clearly sets Upwind apart as a leader in cloud security.

Here at Upwind, our dedication to addressing our customers’ challenges focuses on enhancing speed, visibility, and actionability. We aim not just to provide a product but to lead a significant evolution in how organizations secure their cloud environments.

Today, I’m excited to discuss how Upwind is reshaping cloud security. Our integration of runtime and build-time contexts doesn’t just alert you—it proactively identifies risks, threats, and misconfigurations, instantly prioritizing the most critical issues and thoroughly tracing their origins. This capability has been a game-changer, enhancing productivity and empowering your development, security, and DevOps teams to excel in a secure and efficient ecosystem. Now, let’s dive into the seven ways Upwind is delivering this transformation in cloud security.

1) Reduce Noise, Prioritize Effectively

In my experience, particularly from my time leading product and engineering teams at AWS for the EC2 Spot, RI & AutoScaling businesses, managing the flood of security alerts can feel daunting. It’s almost impossible to effectively sift through and prioritize the real threats when you’re doing it by hand. At Upwind, we achieve a remarkable 95% reduction in noise by combining runtime context with build-time intelligence. This unique approach not only streamlines the alert process but also sharpens the precision in identifying critical vulnerabilities. This means that teams can focus where it counts, significantly boosting productivity and impact compared to other top-tier tools.

Frame-30159-1024x653

2) Unparalleled Visibility

From my earliest career days at Amazon.com, where I was a software engineer and one of the first 100 employees, I learned how crucial visibility is for robust security management. At Upwind, we offer a clear view into every corner of your PaaS and IaaS environments. Our service-aware Infrastructure Topology & Dependency Map provides not just a detailed timeline but also a comprehensive history of changes. This level of detail empowers teams with the deep context needed to make well-informed decisions, which I’ve found invaluable in efficiently securing cloud infrastructure.

Frame-30159-1-1024x653

3) Elevate API Security

During my time at Zynga, where I ran an internal game services platform, including an in-game advertising platform, APIs were crucial. They not only connected all our game studios but also facilitated interactions with external third parties via our APIs. From this experience, I know firsthand that APIs are the lifeblood of modern applications but also pose significant security risks. At Upwind, we automatically discover your complete API catalog and sensitive data flows. 

We then bolster your API security with a comprehensive approach designed to identify and mitigate trending & critical vulnerabilities, high-impact attacks, common targets for attackers, and frequent coding errors made by developers. This includes rigorous, automated scans based on the OWASP (The Open Worldwide Application Security Project) Top 10 list & combined with targeted tests covering hundreds of “Common Weakness Enumerations” (CWEs – a category system for hardware and software weaknesses and vulnerabilities).

Screenshot-2024-05-14-at-10.25-1-1024x449

4) Effortless Baseline Establishment

In my experience, whether working with e-commerce giants, SaaS vendors, or diverse enterprises across industries, I’ve seen how critical it is to establish a clear baseline for network, processes, files, and database connections quickly and efficiently. At Upwind, we streamline this essential step. With as little effort as using a Terraform/CloudFormation script or deploying a Helm chart, you can swiftly gain a comprehensive understanding of your environment’s baseline. This not only provides immediate value in understanding your application behavior, but also activates our anomaly detection capabilities, which automatically identify unusual behaviors or communications. This enables teams of all kinds to act swiftly and decisively against potential threats.

Compute-1024x683

5) Identity Dependency Mapping:

In my work across various platforms, including multi-cloud environments as enterprises like VMware, I’ve recognized that identity really is the new perimeter in today’s digital landscape. At Upwind, we ensure that you have crystal-clear visibility of all identity dependencies, from your Identity Providers (IdP) to Resources, covering both human and non-human identities. Our platform significantly narrows your attack surface, enhances governance, and sets you on the path to compliance from day one. This holistic view is essential not just for security but for operational efficiency across any cloud environment.

Frame-30159-4-1024x653

6) Externally Exposed Asset Management:

In today’s interconnected world externally exposed assets can become prime targets for attackers. I’ve seen this firsthand – whether at major tech firms or smaller startups and even my time in tech at a Cancer Research Center. Upwind offers a clear and intelligent overview of all your externally exposed cloud assets, correlating them with their vulnerabilities, permissions, and behaviors. This enables you to immediately identify and remediate the most critical business risks with confidence. It’s about turning what could be a security weakness into a controlled, defendable front.

Frame-30159-5-1024x653

7) Bonus: Network Spending Optimization:

Did you ever think a security platform could also help slash your network spending? I sure didn’t, until I joined Upwind. Now, by monitoring all your cross-AZ/Region traffic, Upwind can reduce your network costs by 25%-40%. That’s money you can funnel into those game-changing strategic initiatives. This insight gave me flashbacks to my days running EC2 Spot at AWS, interacting with the Spot.IO team — yep, the very same wizards who founded Upwind. They opened my eyes to what’s possible. Surprise and delight? At Upwind, absolutely.

Frame-30159-6-1024x653

Customer Quotes:

But don’t just take our word for it. Hear what our customers have to say:

“Within minutes of deployment, we had real-time protection of our entire infrastructure. The entire process using Upwind was incredibly simple.”

– Alon Reznik, Chief Architect, Rivery

“Upwind provides a level of visibility and context I have never seen before in a solution.”

– Gal Aviv, CTO & GM, Digital Turbine

“Upwind makes it seamless to view and protect all our cloud infrastructure. The visibility and context Upwind provides has made it easy for us to secure multi-architecture environments all from one centralized location.”

– Rinki Sethi, VP & CISO, Bill.com

Conclusion:

Thank you for taking the time to read about how Upwind is transforming cloud security. Every discussion I’ve had and every customer I’ve engaged with since joining has reaffirmed my decision. With Upwind, cloud security is not just a checkbox—it’s a strategic advantage. 

Experience the difference for yourself and see a live demo. Give us an hour, and we’ll show you what you’ve been missing.

I’m excited about the road ahead and hope you’ll join us on this journey. And remember, this is just the beginning—stay tuned for more insights in future “Inside Upwind” updates.