RSS for Slack
A blue circle with the Kubernetes logo inside is in the center. The background features multiple faded, overlapping Kubernetes logos on a white backdrop. The word upwind is in the top left corner.
Product

Proactively Secure Kubernetes Workloads with Upwind’s Runtime-Powered KSPM

With the rise of containerized environments and Kubernetes adoption, Kubernetes security posture management (KSPM) has risen to the forefront of cloud security posture initiates. KSPM generally requires the use of security tools or processes to help ensure the security of Kubernetes clusters, with most focusing on policies and configurations. However, this focus on static configuration […]

Abstract design featuring large overlapping circles in shades of blue, with hexagonal patterns and a grid background. The word Upwind is in the upper left corner.
Product

Easily Query Kubernetes Objects with Upwind’s Runtime Topology Map 

We’re excited to introduce a powerful new container security capability that makes it easier than ever to view and query Kubernetes objects while exploring the entire exposure path with Upwind’s runtime topology map. Upwind has always provided deep visibility into containerized resources, showing traffic by port, process, and protocol, as well as details into an […]

A red background with a white bug icon symbolizes a critical vulnerability. The text reads: Critical Vulnerability Impacting FortiOS and FortiProxy Systems (CVE-2024-55591) with Upwind logo in the top-right corner.
Research

New CVE-2024-5591 Zero-Day Exploitation of Fortinet Firewalls 

On January 14, 2025, Fortinet announced a critical vulnerability impacting its FortiOS and FortiProxy systems, CVE-2024-55591 is an authentication  bypass zero-day vulnerability that has been actively exploited since mid-November 2024, enabling attackers to hijack Fortinet firewalls and compromise enterprise networks. Successful exploitation grants remote attackers super-admin privileges via malicious requests to the Node.js websocket module. Discovery […]

Abstract pink and red circular design with a small shield icon containing a white virus symbol at the center. The image has a modern, minimalist style, accompanied by the text upwind in the top left corner.
Research

Introducing New Runtime Security Features for Modern Containerized Environments

At Upwind Security, we continuously enhance our security capabilities to address emerging threats and provide unparalleled runtime protection for containerized environments. In this update, we are excited to introduce new detection and prevention policies designed to secure workloads against sophisticated attacks.  Next-Generation Threat Detections Over the past several weeks we have added additional detection policies […]

A warning icon in a triangular shape is centered against a pink background. Text below reads: Zero-Day Exploitation of Ivanti Connect Secure VPN Devices (CVE-2025-0282 & CVE-2025-0283). The Upwind logo is in the top right corner.
Research

New Zero-Day Exploitation of Ivanti Connect Secure VPN Devices with CVE-2025-0282 and CVE-2025-0283

On January 8, 2025, Ivanti announced two critical vulnerabilities impacting its Connect Secure (ICS) VPN appliances: CVE-2025-0282 and CVE-2025-0283. Notably, CVE-2025-0282 has been actively exploited in the wild since mid-December 2024. This vulnerability, an unauthenticated stack-based buffer overflow, allows remote code execution without authentication, posing a serious risk of further network compromise. Discovery and Response […]

Illustration of a grid with two purple icons: a house on the left and a fingerprint on the right. The top left corner features the word upwind in black lowercase letters with a purple accent. The background is light with faint outlines.
Product

Introducing Upwind Dashboards: Simplify Security Monitoring & Reporting

We are introducing four powerful new dashboards in the Upwind platform to simplify monitoring and reporting for security executives. These four new dashboards each offer a high-level overview of security risk, performance over time, and prioritized risk analysis to focus you on what matters most.  Home Dashboard  This dashboard is Upwind’s new home page, providing executives with […]

An illustration with a pink background featuring a white bug icon. Text reads: Apache Tomcat Vulnerability (CVE-2024-56337) Exposes Servers to RCE. The Upwind logo is in the top right corner.
Research

Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE

Overview Apache has released a security update to address an important Apache Tomcat vulnerability (CVE-2024-56337) that could result in remote code execution (RCE) under certain conditions. This new CVE is closely tied to the earlier Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation (CVE-2024-50379), for which an incomplete mitigation was issued on December 17, […]

A geometric illustration featuring a large blue hexagon with a white abstract design in the center, surrounded by various pastel blue and red rectangles. The word Upwind is in the top left corner.
Research

Kubernetes Dashboard: Features, Security Concerns, and Best Practices

The Kubernetes Dashboard is a popular web-based interface designed to simplify the management of Kubernetes clusters. It provides an intuitive UI that allows users to view and manage cluster resources without needing to work directly with command-line tools. However, while convenient, the Kubernetes Dashboard also presents specific security risks that should be carefully managed, especially […]

Diagram featuring colorful, dotted paths connecting cloud and security icons, including AWS. The upwind logo is in the top left corner. The background is white.
Product

How Upwind Leverages AWS CloudTrail for Enhanced Threat Detection Capabilities

As a part of Upwind’s runtime-powered threat detection capabilities, the Upwind Platform integrates seamlessly with AWS CloudTrail to provide real-time monitoring and detection of cloud logs. By leveraging AWS CloudTrail Logs generated at runtime, Upwind is able to provide deep runtime context and automatically alert you to suspicious or malicious log events. What is CloudTrail? […]

Add the Upwind RSS Feed to Slack

Connect the Upwind RSS Feed to your Slack.
Follow the how-to here.