Securing a modern Google Cloud environment demands both breadth and depth: broad visibility across services, and deep insight into workload behavior. However, gaining this level of coverage without introducing operational overhead is often a challenge—especially in environments where deploying runtime agents is difficult or impractical. While there are other ways to get started quickly with […]

We are excited to announce that Upwind now supports Google Cloud Run. This addition reflects our commitment to delivering comprehensive, modern cloud security – no matter where or how your applications run. With this update, all core capabilities within the Upwind Platform are now available for workloads deployed on Google Cloud Run.  What is Google […]

As cloud workloads grow more dynamic and distributed, it becomes increasingly difficult to maintain control over data privacy and security. That’s especially true for healthcare applications deployed in containerized environments, which depend on container security measures and real-time protection to protect sensitive data. For organizations handling protected health information (PHI), ensuring compliance with HIPAA in […]

Secure coding, writing software to minimize vulnerabilities, is a shift-left development approach that can deliver applications resistant to exploitation. To actualize that promise, teams will need to do more than wave a magic “secure coding” wand — they’ll face ongoing challenges like scaling secure code across teams and balancing resource-intensive needs with development realities. Best […]

How can teams achieve infrastructure security beyond misconfigurations? Can IaC scan for compliance benchmarks? Can it distinguish between a hardcoded secret and a placeholder?  We’re going beyond the basics of infrastructure as code (IaC) scanning to break down some tangible trade-offs and deeper questions that security teams will face as they work to perfect the […]

Architectural patterns. Advanced kernel-level mitigations. Continuous integrity management. Supply chain security. There’s a lot that goes into Linux security. And all those pieces need to be coupled with strategic initiatives, like zero-trust architectures and scaling security policies.  This essential guide to Linux security topics starts with the common hardening basics, but also touches on more […]

Kubernetes audit logs are a cornerstone of cluster visibility. They capture the who, what, and when of user and service activity. But their sheer volume and complexity often create bottlenecks for security teams trying to distinguish meaningful anomalies from routine noise. We’re going deeper into the role of Kubernetes audit logs in DevSecOps workflows, exploring […]

Cybersecurity vulnerabilities have been tracked since 1999, when the Internet Category of Attack (ICAT) toolkit began compiling attack scripts and made them available to developers to look up easily. ICAT evolved into the National Vulnerability Database (NVD) of today, holding over 150,000 vulnerabilities and adding tens of thousands more annually. Beyond the basics, we’re going […]

We’ve discussed zero-day attacks, but understanding the vulnerabilities that give rise to these unforeseen intrusions is the key to shutting down attacks before they occur. Vulnerabilities are not inherently dangerous on their own, but are the flaws without which hacks and business disruptions could not happen. Their threat lies in their complete obscurity to vendors, […]

Zero-day attacks take advantage of vulnerabilities before they’re even recognized, let alone fixed. That essentially weaponizes the unknown against systems and networks. Understanding zero-day attacks calls for embracing unpredictability. So for security leaders, grappling with zero-day attacks is less about chasing perfection and more about cultivating resilience-building systems and strategies capable of withstanding the unexpected, […]