TalksAWS re:Invent 2025 - Runtime + AI: Reinventing Cloud Security on AWS (SEC223)

AWS re:Invent 2025 - Runtime + AI: Reinventing Cloud Security on AWS (SEC223)

AWS re:Invent 2025 - Runtime + AI: Reinventing Cloud Security on AWS (SEC223)

Introduction to Upwind

  • Upwind is a cloud security platform founded by a team with a background in DevOps and the Israeli military
  • The founders previously built Spot, a cloud automation platform, which was acquired by Netapp in 2020
  • Upwind was started in 2022 with the goal of fundamentally changing the approach to cloud security

The Need for a New Cloud Security Paradigm

  • Modern cloud architectures, especially those leveraging AI, behave differently than traditional workloads
  • AI agents and microservices communicate through APIs, are ephemeral, and keep minimal state
  • This requires a new approach to visibility that goes beyond just configuration and vulnerability scanning

Upwind's Approach: Inside-Out Visibility

  • Traditional "outside-in" cloud security focuses on configuration, vulnerabilities, and static scanning
  • Upwind introduces an "inside-out" approach that provides runtime visibility into application and workload behavior
  • This allows for:
    • Real-time threat detection by observing anomalies and deviations from behavioral baselines
    • Prioritizing security findings based on the actual risk to the specific runtime environment, not just generic CVE scores

Key Capabilities of the Upwind Platform

  1. Full Environment Discovery and Visibility:

    • Real-time mapping of the entire cloud environment, including changes over time
    • Visibility into data flows, network traffic, and API interactions

  2. Exposure and Attack Surface Reduction:

    • Identifying all exposures and vulnerabilities in the environment
    • Prioritizing the most critical issues based on runtime context

  3. Threat Detection and Response:

    • Detecting threats in real-time by observing behavioral anomalies
    • Providing detailed incident analysis and the ability to take immediate action, such as killing processes or blocking network paths

  4. AI and Data Security:

    • Securing AI workloads, microservices, and APIs that are highly dynamic and ephemeral
    • Monitoring data flows to and from AI services, both internally and externally

Business Impact and Use Cases

  • Upwind's approach allows organizations to focus on the most critical security issues, reducing alert fatigue and improving overall security posture
  • The platform can consolidate multiple security tools into a single solution, providing a comprehensive view of the cloud environment
  • Specific use cases include:
    • Securing traditional cloud workloads
    • Protecting AI-powered applications and data flows
    • Gaining real-time visibility and threat detection for modern, dynamic cloud architectures

Conclusion and Next Steps

  • Upwind offers a new way to approach cloud security by providing deep runtime visibility and context-aware security
  • Interested attendees are invited to visit the Upwind booth (Isle 600) to see a demo and discuss their specific security needs

Your Digital Journey deserves a great story.

Build one with us.

Cookies Icon

This website stores cookies on your computer.

These cookies are used to collect information about how you interact with this website and allow us to remember you. We use this information to improve and customize your browsing experience, as well as for analytics.

If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference.