Get a Demo
Under Attack?

Upwind’s Runtime Vulnerability Management

<br />
<b>Warning</b>:  Undefined variable $photo in <b>/nas/content/live/landing173/wp-content/themes/bricks/includes/elements/code.php(236) : eval()'d code</b> on line <b>33</b><br />
<br />
<b>Warning</b>:  Trying to access array offset on value of type null in <b>/nas/content/live/landing173/wp-content/themes/bricks/includes/elements/code.php(236) : eval()'d code</b> on line <b>33</b><br />
Denise Ashur September 05, 2023

Upwind’s Runtime Vulnerability Management

Contents

Further Reading

KSPM-Agentless-Scanning

Complete KSPM: From Pull Request to Production Runtime

Kubernetes environments move fast. Workloads appear and disappear, container images change continuously, services are exposed, permissions evolve, and development teams deploy updates throughout the day. But most cloud security platforms force practitioners to investigate Kubernetes risk through interfaces designed for the broader cloud, leaving teams to manually filter the noise before they can begin investigating…
Upwind MCP Server

Revolutionizing Security Investigations with the Upwind MCP Server

Frontier AI models combined with a rampant rate of new critical vulnerabilities mean speed and context are everything. When a critical production service starts behaving suspiciously, every second spent jumping between different tools and dashboards is a second lost to a potential attacker. At Upwind, we are excited to introduce a game-changer for security teams:…
Security Feed - Threat

No npm Token Required: Inside the AsyncAPI Supply Chain Attack

Executive Summary Upwind identified a critical supply chain compromise across five npm packages in the @asyncapi scope, published on July 14, 2026 via two separate branch compromises in two GitHub repositories. The attacker never touched an npm token. They abused each project's own CI pipeline through GitHub Actions OIDC to publish the malicious packages. The…