We are excited to introduce a new capability that enables you to bring-your-own version control system to the Upwind platform – which integrates rich context from pull requests and build-time activities directly into our cloud infrastructure security platform.
Upwind offers unprecedented end-to-end visibility of your cloud infrastructure and applications, marrying intelligence from both build time and runtime to quickly prioritize your most critical risks and pinpoint the root cause of risks and threats. Leveraging SDLC context, Upwind can immediately identify the exact pull request and developer who pushed new code and correlate it with the resulting runtime changes. By leveraging both runtime and SDLC, Upwind gives you the ability to streamline investigations, get to the root cause of risks 10x faster, reduce time to remediation and improve team collaboration.
Leverageraging SDLC Context in the Upwind Platform
The Upwind Cloud Security Platform is powered by both SDLC and runtime context, and this end-to-end intelligence is seen in numerous areas of the platform.
Inventory:
- Discover the images your resources are using at runtime and view historical information about their changes through CI/CD pipelines.
- Search for vulnerable packages, understand where they exist in your environment, and identify which developer made the pull request that introduced the vulnerability.
Vulnerabilities
- Get to the root cause of every vulnerability finding 10X faster with SDLC context on how it got into your environment.
- Improve accountability by clearly identifying who introduced a vulnerability and when, and encouraging best practices and ownership among developers.
Threats
- Correlate threat detections with changes in your application by analyzing SDLC changes that introduced real risks.
- Enable your threat detection team to perform automated actions and respond to threats in real-time, while giving them the ability to solve the issue at the root in parallel.
Use this capability to understand how SDLC influences the security of your production environment, including what changed in your application, when and by whom; along with what additional vulnerabilities or risks were introduced. Streamline your investigation progress with built-in root cause analysis, and receive build-time context with every finding.
To learn more about Upwind’s support for custom CI and version control integrations, visit the Upwind Documentation Center (login required) or schedule a demo.
