Securing a modern Google Cloud environment demands both breadth and depth: broad visibility across services, and deep insight into workload behavior. However, gaining this level of coverage without introducing operational overhead is often a challenge—especially in environments where deploying runtime agents is difficult or impractical. While there are other ways to get started quickly with […]

We are excited to announce that Upwind now supports Google Cloud Run. This addition reflects our commitment to delivering comprehensive, modern cloud security – no matter where or how your applications run. With this update, all core capabilities within the Upwind Platform are now available for workloads deployed on Google Cloud Run.  What is Google […]

We are excited to announce a new capability in the Upwind platform, providing organizations with deep visibility into Kubernetes’ ingress traffic to identify exposures and risks. Traditional security systems often fall short in providing comprehensive visibility into how Kubernetes ingress services distribute incoming internet traffic within a cluster, leaving potential blind spots that malicious actors […]

Redefining Cloud Security with Cloud Application Detection & Response (CADR) Traditional cloud security approaches struggle to keep up with today’s evolving threats. Cloud Application Detection & Response (CADR) is changing the game—leveraging real-time insights to enhance protection and response capabilities. Join Analyst James Berthoty and Upwind CPO Joshua Burgin for an exclusive discussion on how CADR is transforming cloud security and what it means for your organization. […]

It’s not every day that a surf session in Maui turns into a sponsorship. But that’s exactly how we met Tom Reuveny—Israel’s first-ever Olympic gold medalist in iQFoil windsurfing and now, the newest member of the Upwind family. After his historic win at the 2024 Paris Olympics, Tom did what any world-class athlete might do: […]

We are thrilled to introduce the future of API security with real-time, advanced API threat detection. As API-driven architectures continue to evolve, organizations need proactive, intelligent defenses that move beyond traditional detection methods. Upwind’s latest innovation represents a shift toward real-time, runtime security – ensuring threats are identified and mitigated before they can impact critical […]

We are thrilled to announce a major breakthrough in AI security with the release of Upwind GenAI Security.​ AI is transforming industries at an unprecedented pace, but without the right security measures, it becomes an ungoverned risk. Organizations need purpose-built protections that evolve with the complexity of AI workloads. This is a first-of-its-kind solution that […]

In today’s fast-paced DevOps world, security can no longer be an afterthought. Shift Left Security aims to integrate security checks earlier in the software development lifecycle, ensuring vulnerabilities are detected and remediated before they reach production. In this article, we explore how Upwind Shift Left seamlessly integrates into a GitHub Actions CI/CD pipeline, automating image […]

Kubernetes administrators take note: a critical set of vulnerabilities in the popular ingress-nginx controller—collectively dubbed “IngressNightmare”—could put your entire cluster at risk. In particular, CVE-2025-1974, with a CVSS score of 9.8, allows attackers to take over Kubernetes clusters simply by exploiting the Validating Admission Controller feature. Because ingress-nginx runs in roughly 40% of Kubernetes deployments, […]

Next.js middleware plays a key role in securing applications by enforcing authentication, managing access control, and applying security headers. However, a newly discovered vulnerability, CVE-2025-29927, allows attackers to bypass these protections entirely using a manipulated HTTP header. Affected Versions This flaw affects the following versions: The Core Issue Next.js prevents infinite middleware loops by tracking […]