Introducing The Next Generation of Shift Left Security, Powered by Runtime

Diagram showing a grid of 25 pink circles with warning symbols on the left transforming into a grid of 25 circles with only two pink warning symbols on the right. Arrows indicate transition from left to right. Upwind is in the top left corner.

Today, we’re thrilled to introduce Upwind Shift Left – a major new capability in the Upwind platform that brings the power of runtime intelligence to CI/CD pipelines, transforming how teams secure their software at every step. By marrying real-world runtime context with build-time best practices, this next-generation solution redefines shift left for modern cloud security. […]

Proactively Secure Your Kubernetes With Upwind’s Vulnerability Management

Illustration of a shipping container with a Kubernetes logo, labeled MyPod, illuminated by a spotlight. The scene has a digital, futuristic feel with a dark blue and white color scheme. The word Upwind is in the top right corner.

Upwind’s runtime vulnerability management leverages real-time, runtime insights and correlates them with CI/CD and DevOps context, giving you end-to-end visibility and protection for Kubernetes and associated workloads.  Upwind’s vulnerability management intelligently prioritizes your most critical vulnerabilities based on real environmental factors, cutting out around 95% of alert noise to focus on the risks that pose […]

Deep Dive: CVE-2024-37902 and Potential Impact on DeepJavaLibrary Users

A warning sign labeled DJL DeepJavaLibrary CVE-2024-37902 stands on a sandy beach with palm trees. In the background, a large wave crashes, and a surfboard is visible in the surf.

AWS announced today, June 17, that there is a potential security issue with archive extraction utilities in DeepJavaLibrary versions 0.1.0 through 0.27.0 that could allow an attacker to tamper with your system. What is DeepJavaLibrary? DJL is a free, open-source library by AWS used for building deep learning models in Java. It provides easy-to-use tools […]

Prioritize & Eliminate Critical Risks with Upwind

Upwind brings a new approach that redefines the speed, visibility and actionability of cloud security, cutting 95% of alert noise to help you focus on your most critical risks. The Upwind Cloud Security Platform gives you the ability to: Accelerate productivity and empower your Dev, Security, and DevOps teams to innovate within a secure & […]

Master Risk Prioritization by Leveraging Insights into Runtime Facts & Critical Cloud Misconfigurations

A surfboard labeled CI floats in the center of a circular formation of sharks, silhouetted against a blue background with a light gradient. The word upwind is in the top right corner.

In today’s increasingly cloud-centric business landscape, securing your cloud environment is crucial. The growth and dynamic nature of attack surfaces often make it difficult for security teams to identify and address their most critical risks, resulting in a lack of clear prioritization and delaying remediation. Upwind’s Cloud Security Platform actively addresses this challenge by leveraging […]

Evaluate Your Vulnerability Resolution Over Time

A promotional graphic for Upwind featuring the text Evaluate Your Vulnerability Resolution Over Time. It shows colorful umbrellas and abstract shapes against a gradient blue to sand-colored background.

We are excited to announce a new section in the Upwind Platform – the Vulnerability Dashboard.  The Vulnerability Dashboard will give you the ability to see both an overview of your current critical vulnerabilities and the state of your vulnerabilities over time.  Get an instant overview of your current vulnerabilities, including: The Vulnerability Dashboard will […]

Upwind takes over ArgoCD and an EKS Cluster Using Only A Simple CSRF Vulnerability

Illustration of a smiling cartoon character with headphones emerging from a hole in sandy terrain, resembling a computer vulnerability. Text reads ArgoCD Vulnerability with a subtitle about exploiting a CSRF vulnerability to take over ArgoCD and EKS clusters.

In recent weeks, Upwind’s research team dug into Argo CD, our research revealed two batches of vulnerabilities, specifically critical security vulnerabilities in Argo CD, including Cross-Site Request Forgery (CSRF) impacting GET, POST, and PUT requests, and Remote Code Execution (RCE) capabilities.  These vulnerabilities opened doors to unauthorized exposure and manipulation of sensitive data within Kubernetes […]

Reduce Attack Surfaces with Distroless Images – Part 1

A tropical beach scene with palm trees and a large ocean wave. In the foreground, a red warning sign reads Attack Surface Reduction Part 1 with a wave graphic above the text.

Upwind pioneered a method to streamline patch management and significantly reduce vulnerabilities for Upwind users through leveraging runtime data. When it’s challenging to eliminate unneeded binaries and artifacts from applications, there are two strategies available: Both approaches aim to minimize image size and reduce the attack surface, while Distroless images require no patching, no upgrading […]

Visualize Internet Exposure Paths in Real-Time

Surfboards with a globe icon and U logo lean against palm trees against a blue sky. The text reads, Visualize Internet Exposure Paths in Real-Time with the Upwind logo above.

We are excited to announce a new capability – real-time Internet exposure path visualization. This new capability visualizes exposure paths from the Internet for AWS resources, showing you the entire exposure path through Internet gateways, routing tables, security groups and load balancers. This gives you the ability to identify attack paths and better prioritize vulnerabilities […]

Abstract illustration of a windsurfer with a gradient sail, blending red, blue, and purple, on a light blue background. The word upwind is displayed in the top left corner.

Welcome 🤙

Looking to create a secure cloud environment to accelerate your business?

Download our CNAPP Guide