Upwind adds real-time API security to the Cloud Application Detection and Response (CADR) framework. This should take cloud security as a whole one step further and, above all, make it more comprehensive.
We no longer need to discuss the importance of APIs. Securing them is still an important issue, though, and one we have been writing about for quite a few years now. In our opinion, however, API security should not be a stand-alone security component. It should be part of a larger ecosystem. The market seems to agree, as evidenced by Akamai’s acquisition of Noname Security last year. It is therefore not surprising that a relatively new player such as Upwind has an API security component in its cloud security offering. It just makes perfect sense to go down this route.
Upwind API Threat Detection
Upwind was founded in 2022 by the team that had previously set up Spot.io. The latter company was successfully put on the market and eventually sold to NetApp. The central idea behind everything Upwind does is that cloud security is about protecting what happens at runtime. APIs play an important role in this.
During KubeCon in London earlier this week, Upwind announced an expansion of the API capabilities of the cloud security platform. API Threat Detection consists of several components. There is real-time monitoring based on telemetry from Layers 3, 4 and 7. This allows Upwind to actively monitor API traffic to detect any anomalies and potential threats at runtime. It also establishes baselines for API traffic to quickly detect any deviations from them.
API Threat Detection also adds the necessary response features. Automated workflows are available to perform analyses. This should enable a fast and efficient response. Organizations can align the policies of the Upwind platform with their own security policies. This should ensure that they are and remain compliant.
Finally, Upwind also promises that API Threat Detection can detect advanced GenAI threats. With the rise of generative AI, new vulnerabilities have emerged that require specific security measures. Upwind has developed targeted detection options for this.
Cloud Application Detection and Response (CADR) framework
API Threat Detection is part of a broader Cloud Application Detection and Response (CADR) framework from Upwind. According to the company, this framework is an evolution of traditional Cloud Detection and Response (CDR) technologies.
The CADR framework uses eBPF sensors that monitor traffic flows to immediately identify threats in a safe environment. In addition, the correlation of data from cloud logs, network flows and API activity should provide good visibility. The CADR framework should ultimately provide significant time savings for security teams. Upwind claims that it should be ten times faster. The MTTR (Mean Time to Respond) should also be up to seven times faster.
With this week’s news, Upwind explicitly links cloud security and API security. That is a good thing and will be a good extra layer of security for many organizations. We will soon dive a little deeper into this new company and its offerings.