Cloud environments don’t care about your org chart, and neither do attackers. Whether your workloads run on AWS, Azure, or GCP, your security team needs to investigate threats, query inventory, and understand risk without mentally translating between three different provider schemas. That translation work is slow, error-prone, and reduces time to remediation. Today, we’re excited […]

If you’re running workloads in Azure, chances are your security team has a solid handle on what’s configured. Resource settings, network rules, identity policies it’s all there in your posture management dashboard. But here’s the question that keeps security leaders up at night: do you know what’s actually happening? Configuration snapshots are great at telling […]

Last year, we launched full security support for Google Cloud Run bringing posture management, real-time threat detection, vulnerability management, inventory discovery, and topology mapping to serverless container workloads. Teams using Cloud Run got the same Upwind coverage they already relied on for VMs and containers. Now we’re making that experience even simpler. With direct tracer […]

RSAC 2026 drew 43,500 attendees, 600+ exhibitors, and enough AI announcements to fill a small data lake. But the conversations that mattered most didn’t happen on the main stage. They happened in hallway pull-asides, over bad coffee, at HH and during blunt one-on-ones with security leaders who are done being marketed to and ready to […]

You’ve invested in security tools and surfaced thousands of findings. Yet, when the board asks if the organization’s cloud risk is improving, the answer is a number without a story. When you need engineering to prioritize fixing issues, your request competes with every other item in an already-strained backlog. Finding issues isn’t the problem. The […]

The industry has a “shift left” problem. We’ve become excellent at scanning images and generating massive spreadsheets of vulnerabilities. But for most security teams, a scan result is just the start of a forensic investigation. You find a critical CVE, but then the real work begins:  Is this in the base image?  Did a developer […]

The industry has a snapshot problem. Static analysis and SCA tools tell you what might happen based on a manifest, but once a function is triggered, the execution environment becomes a black box. For most security teams, Lambda security is a “hope for the best” strategy. The “Old Way” relies on coarse-grained IAM policies and […]

At Upwind, our goal has always been to provide deep visibility into your cloud environment without the “dashboard fatigue” that plagues so many security teams. We know that in the heat of a security incident, every second counts—and every click matters. That’s why we’ve rolled out a series of Platform Navigation Updates designed to make […]

TL;DR: Agentic security is the use of autonomous AI systems that detect, triage, and respond to threats without human intervention, which introduces a new category of operational risk. The most valuable security skill in 2026 is not prompt engineering or AI fluency. It’s consequence engineering: the ability to anticipate what happens when an autonomous system […]

Executive Summary Our researchers and MDR team identified an npm supply chain attack involving malicious axios packages that leads to the execution of a Python-based payload on infected machines. The malware fingerprints the host, collects basic system and user environment data, and then communicates with attacker-controlled infrastructure to receive follow-on instructions. Rather than acting noisily, […]