By leveraging application context from runtime into CI/CD pipelines, Upwind allows customers to build and deploy software faster and more securely than ever.
SAN FRANCISCO, CA / ACCESSWIRE / December 5, 2024 / Upwind has announced the launch of Upwind Shift Left, a new capability in its platform that integrates cloud runtime context into CI/CD pipelines. This advancement enables teams to identify and prioritize vulnerabilities during build time, reducing risks before software reaches production without creating any noise and unnecessary work for developers.
Traditional Shift Left tools focus on catching misconfigurations and vulnerabilities during development, often creating excessive alerts without clear prioritization nor remediation, leaving teams uncertain about which issues require immediate attention. Upwind Shift Left addresses this by incorporating cloud infrastructure and applications runtime context-such as actual app usage patterns, internet exposure, actual ports being in use, application endpoints (APIs) exposure, the existence of sensitive data, and any real indication of exploitation -directly into build-time security assessments.
This feature helps development teams evaluate vulnerabilities at build stage based on their real-world impact. For each new build, the platform uses runtime context to recommend one of three actions: proceed with deployment, proceed with caution, or hold deployment for critical fixes.
Upwind Shift Left integrates directly into developers’ build pipelines (Jenkins, CircleCI, GitHub Actions and more), providing seamless analysis of new builds and ensuring a clear view of any changes in security posture. This approach streamlines workflows by prioritizing issues that pose the highest risk while reducing unnecessary delays.
“Upwind Shift Left builds on our runtime foundations,” said Amiram Shachar, Co-founder and CEO of Upwind. “By integrating runtime context from APIs and real exposure analysis into development pipelines, we’re enabling developers to move faster while powering security teams to minimize the risk of critical vulnerabilities making it to production.”
“At Upwind, we believe in tackling the real-world pain points that our customers face,” said Joshua Burgin, Chief Product Officer at Upwind. “With Upwind Shift Left, we’re not just adding another layer of data – we’re providing actionable insights, powered by runtime context, that enable teams to make smarter decisions at the speed of development. This capability is a true step forward in security, ensuring that the risks that matter most are prioritized, not just analyzed. It’s about delivering value, not just information.” –
Upwind Shift Left extends Upwind’s comprehensive CNAPP (cloud security platform), offering numerous security functionalities, including Cloud Security Posture Management (CSPM), Cloud Workload Protection Platform (CWPP), Cloud Detection and Response (CDR), vulnerability management, identity security, and container security. Upwind was the first to include and identify the importance of API security and deep application runtime context as part of a CNAPP.
About Upwind
Upwind is the next-generation cloud security platform that helps organizations run faster and more securely. Upwind combines the power of cloud security posture with runtime context and real-time protection- enabling security teams to prioritize critical risks and fix them faster. Upwind was founded by Amiram Shachar and his founding partners from Spot.io (which was sold to NetApp for $450 million) and is backed by top cybersecurity investors Greylock, Cyberstarts, Leaders Fund, Craft Ventures, Cerca Partners, and Sheva, a VC fund founded by former NBA player Omri Casspi. The company has secured $180 million in funding since its founding in 2022.
For more information or to schedule a demo, visit http://www.upwind.io.
Contact Information
Mia Balaban
[email protected]
Source: Upwind