Cloud security teams are being asked to do more than ever. They need to prove compliance against growing regulatory demands, reduce configuration risk, and keep cloud environments lean, secure, and aligned with how they were actually designed to operate. That is why we are excited to introduce several new frameworks now available in Upwind’s Configurations […]

When something changes in your cloud security platform, the first question is almost always the same: What happened and who did it? Upwind Audit Logs gives security and platform teams a centralized, searchable record of user-driven actions across the Upwind platform, including activity performed through the UI or Public API. The result is clearer accountability, […]

Cloud teams are moving fast on Azure PaaS to reduce operational overhead—serverless containers with Azure Container Apps and managed web apps with Azure App Services. But that speed often comes with a tradeoff: security visibility and detection can lag behind because you don’t have the same host access or deployment patterns you’d expect in Kubernetes […]

Personalize your view—without compromising RBAC, ownership, or auditability. We’re excited to share that Custom Dashboards are now available to all customers. This is an important step in Upwind’s Enterprise readiness, giving teams the ability to tailor how they consume insights based on role, responsibility, and priority—turning existing widgets into personalized, actionable dashboards. Overview Upwind’s Custom […]

Executive Summary In February 2026, an autonomous bot named hackerbot-claw exploited insecure GitHub Actions configurations across multiple high-profile repositories. The campaign abused unsafe pull_request_target triggers, unsanitized inputs, dynamic shell execution, and overprivileged GITHUB_TOKEN permissions to achieve remote code execution (RCE) in GitHub-hosted runners. Across at least six repositories, the bot successfully executed arbitrary commands, and […]

The Problem Nobody Wants to Admit  More data doesn’t automatically mean better security. It often means more homework. Anyone who has sat in a security engineering seat knows the drill: map private to public IPs, line up container IDs with hosts, connect GUIDs to service accounts, and reconcile correlation IDs across distributed apps. Each source […]

Upwind is now live inside AWS Security Hub Console. I’m incredibly excited to announce one of the biggest milestones in our company’s journey.  This tells us we’re on the right path to being the best cloud security company in the world. There isn’t any better validation.  Starting today, Upwind is one of roughly ten companies […]

Upwind’s Image Layers capability gives you deep visibility into how container images are built—so you can assign vulnerability ownership correctly, find root cause faster, and remediate issues more effectively across teams. Most tools only show the final image state. Upwind breaks images down layer by layer, so you can see exactly where a vulnerability was […]

Kubernetes environments move fast. Deployments happen constantly—through CI/CD pipelines, GitOps workflows, and direct kubectl commands. And when a misconfiguration slips in (a privileged pod, a missing required label, a deprecated API version), it can become a security incident in minutes. Until now, most teams have relied on post-deployment scanning to catch these issues. The problem: […]

Executive Summary In a single day, six vulnerabilities were disclosed in n8n, spanning remote code execution, command injection, arbitrary file access, and cross-site scripting. All six issues affect authenticated functionality and repeatedly break isolation between workflows, configuration, and the underlying host. This is not random disclosure noise, it’s a clear signal of systemic security weaknesses […]