Upwind Expands to Sydney: Real Time Cloud Security for APJ

Every significant change in technology has brought about an escalation in the way threat actors operate and in the defensive capability required to defend against new types of attacks. Traditional defensive tools, typically based on recognising malware signatures or specific characteristics to identify threats, are no longer effective. Cybercriminals can use generative AI tools to create unique payloads that defy many detection techniques.

The major focus for security teams has been on misconfigurations in the cloud and scanning software code to find the issues, weaknesses and vulnerabilities in the code. And that's becoming increasingly complex as developers are creating code with AI which can introduce new code faster than ever before.

Yarin Pinyan, Co-Founder and VP of Product at Upwind Security, says those static methods of vulnerability and threat detection are no longer enough.

"If you're securing once every 24 hours, you're securing yesterday. You're not securing today. You're not securing tomorrow," he says. "Security needs to be deployed at run time."

Over the last two years, more zero-day vulnerabilities have been detected than in the decade before. And with software code, in the cloud and in on-prem systems, being developed and deployed faster than ever before the number of zero-day threats is set to increase.

AI has introduced new threat surfaces that need to be defended. Cybercriminals are targeting models, inference pipelines and data flows. The rules-based mechanisms used by traditional security tools are not equipped to deal with the new threats that are coming. The race between defenders and attackers is increasingly asymmetric.

"Defenders are using rule-based mechanisms and attackers are using something that has no signatures, is fileless and without recognisable signatures. The old rules are no longer fit for purpose," he says.

Australian expansion

Upwind recently closed a US$250M funding round that values the company at around USD$2B. That capital injection is being used to expand Upwind Security into Australia and the broader APJ region. The company has started building a team in Australia, at a new Sydney office, with local engineering and support staff. The local team is being led by veteran Australian technology leader Anthony Leverington.

"Australia is a very strategic market," Yarin says. "It's a very strategic time zone for us as it enables us to offer 24/7 support globally. Australia has robust cybersecurity and privacy regulations. We can move fast and deliver capabilities to organisations to help stay ahead of this fast-moving compliance and legal landscape. We've built a very granular system that allows us to be able to support the technical requirements of these laws at scale."

Anthony Leverington, Head of Sales ANZ & ASEAN adds, "In Australia, we're taking a channel first approach. We have a very strong partnership with AWS, which recently selected us as their only global go-to-market cloud security partner, deployable via AWS Security Hub Extended. That means if a customer chooses to use Upwind, it's added to the AWS bill for the customer. That makes deployment and onboarding easy."

CISOs need real-time intelligence

When talking to CISOs and other security leaders, Yarin says overall cloud security posture is a major focus. Everything from vulnerability management to identity security needs to be considered. By monitoring everything in real-time, as code is executed, security teams are empowered to discover potential incursions and data exfiltration as it happens and not after the fact.

"When we deploy Upwind with a customer, the first five minutes shows them what is deployed in their cloud, what has issues, vulnerabilities, weaknesses and what is exposed. This information is critical for security leaders and teams," says Yarin.

This is achieved through a sensor that scans operations in real-time and monitors what's happening in AI applications and seeing the traffic that goes to your MCP and agents.

"This is the only accurate way to tell you what's right and what's wrong in your AI workloads," explains Yarin.

Looking ahead, Yarin says one of the risks he sees is the increased autonomy of AI systems. Citing the TV series Black Mirror, he says we could see malware that uses AI to disallow remedial actions from taking place.

"We could see AI refuse to do some things and locking us out of systems. We must have the right security and the right guardrails in place. AI workloads are being granted many permissions and entitlements in the organisations we work with. It's not beyond possibility to see an AI go rogue one day – either by accident or because a malicious actor makes it happen," says Yarin.

Protection of cloud workloads, particularly AI, is becoming increasingly complex and difficult. Scanning and reviewing logs can leave organisations vulnerable. The speed at which software code can be developed and deployed means organisations need to rethink how they defend their technology estate. Real-time protection is the only way to protect against threats and risks as they emerge.