Upwind

Upwind’s stated mission is to build the world’s best cloud security platform. The company aims to simplify the security of cloud and AI environments by leveraging its team’s deep experience in DevOps and cloud infrastructure. Upwind’s goal is to make securing cloud and AI as straightforward as consuming it.

Upwind focuses on providing a runtime-powered cloud security platform that helps security professionals identify the root causes of security issues. The platform is designed to offer context around application and infrastructure behavior. Upwind has garnered a positive market reputation, with users and industry analysts recognizing its innovative approach to cloud-native application protection. The company is noted for its rapid growth and for integrating multiple security tools into a single platform.

Offerings, Capabilities, and Integrations

Upwind provides a comprehensive Cloud Native Application Protection Platform (CNAPP) that secures cloud deployments, configurations, and applications from build-time to runtime. Upwind’s platform is designed to provide real-time visibility and threat detection within cloud environments. A key competitive differentiator for Upwind is its runtime-powered approach, which uses runtime intelligence to prioritize the most critical risks, significantly reducing alert noise and allowing security teams to focus on immediate threats. This focus on runtime context enables more accurate risk prioritization and faster root cause analysis. The platform offers agentless visibility, ensuring broad coverage across distributed environments without creating gaps. Upwind integrates with a variety of tools within the cloud ecosystem, including CI/CD pipelines, SIEM platforms like Splunk and Datadog, and notification tools such as Jira and Slack, to create a more efficient and seamless cloud security experience. Upwind supports major cloud providers, including AWS, Azure, and GCP.

Products and Services

Upwind’s core offering is its Cloud Security Platform, a comprehensive CNAPP that consolidates multiple security capabilities into a single solution. This platform is designed to provide end-to-end security for cloud infrastructure and applications.

• Cloud Security Posture Management (CSPM): Upwind’s CSPM capabilities help detect and remediate misconfigurations and compliance gaps across cloud environments before they can be exploited.
• Cloud Workload Protection Platform (CWPP): The platform provides real-time protection for cloud workloads, including containers and Kubernetes environments, by monitoring processes and activities.
• Vulnerability Management: Upwind identifies vulnerabilities in cloud infrastructure and applications, using runtime context to prioritize fixes based on actual usage and exposure.
• API Security: Upwind offers capabilities to discover, manage, and protect APIs in real-time. This includes automated API catalog creation, sensitive data classification, and threat detection at the application layer. It also includes Dynamic Application Security Testing (DAST) to proactively find vulnerabilities.
• Cloud Detection and Response (CDR): The platform provides real-time threat detection and response, enabling security professionals to identify the source of security issues quickly.
• Identity Security: Upwind provides visibility into identities and baselines their behavior to better understand and secure access.
• GenAI Security: A newer offering includes security for Generative AI workloads and applications by monitoring communication paths, reducing the attack surface with specific posture rules, and detecting advanced threats.

Target Customers

Upwind’s target customers are organizations that operate in cloud environments and require robust security solutions. This includes mid-market companies and Fortune 500 enterprises. The platform is designed for collaboration between security, DevOps, and engineering teams. Companies undergoing cloud migration can also benefit from Upwind’s platform to secure their transition and ongoing cloud presence. The primary users within these organizations are security professionals who need to navigate complex cloud environments and quickly get to the root cause of security issues. Customers benefit from Upwind’s platform by gaining comprehensive visibility into their cloud infrastructure, reducing alert fatigue by focusing on critical risks, and improving their overall cloud security posture and compliance rates.

Cloud Integrations and Marketplaces

Upwind offers a range of cloud integrations and is present on the major cloud marketplaces.

• AWS: Upwind integrates with multiple AWS services, including Amazon EKS, Amazon RDS, VPC endpoints, and AWS GuardDuty. It also utilizes AWS CloudTrail for real-time monitoring and compliance tracking. The Upwind Cloud Security Platform is available on the AWS Marketplace.
• Google Cloud: Upwind integrates with Google Kubernetes Engine (GKE) control plane logs to detect malicious API calls. The Upwind Cloud Security Platform can be purchased directly through the Google Cloud Marketplace.
• Microsoft Azure: Upwind provides native integration with Azure Log Analytics and Activity Logs for enhanced threat detection. It also offers agentless cloud scanners for Azure environments. Upwind is available for purchase on the Microsoft Marketplace.

Beyond the major cloud providers, Upwind also integrates with other tools and platforms to streamline security workflows.

• Collaboration and Ticketing: Upwind integrates with Jira to automatically create and update tickets and with Slack to send real-time alerts to specific channels.
• CI/CD: It offers an integration with GitHub Actions to correlate continuous integration events with artifacts in the cloud runtime environment.
• SOAR and Automation: Upwind connects with SOAR (Security Orchestration, Automation, and Response) platforms like Intezer, Zest, and Tines to automate investigation and response processes.

Key People

• CEO & co-Founder: Amiram Shachar
• CTO & co-Founder: Tal Zur
• CRO & co-Founder: Lavi Ferdman
• Chief Architect & Co-Founder: Liran Polak
• Chief Product Officer: Joshua Burgin
• Chief Security Officer: Rinki Sethi
• Senior Vice President Of Engineering: Nadav Naor
• SVP R&d Operations: Dan Yahav
• VP of Product: Jonathan Cohen
• Vice President, NA Sales: Max Stevens
• Chief Of Staff: Tomer Hadassi

Key Facts

• Headquarters Location: San Francisco, California.
• Number of Employees: 200-250.
• Annual Revenue: Approximately $52.4 million.
• Parent Company: None.
• Subsidiary Companies: Nyx Security.
• Publicly Listed: No.

Analyst Recognition

Upwind has been recognized by the following analyst groups:

• Gartner: Upwind is included in the Cloud-Native Application Protection Platforms (CNAPP) category. Upwind was named a Sample Vendor in three 2025 Gartner Hype Cycle reports: for Workload and Network Security, for Container Technologies, and for Platform Engineering. Gartner also included Upwind as a representative vendor in its 2025 Market Guide for Cloud-Native Application Protection Platforms.
• Forrester: Upwind was mentioned in Forrester’s 2025 CNAPP Solutions Landscape.

There is no publicly available information regarding recognition of Upwind by IDC or Everest Group.