Upwind has completed a Series B financing round of $250 million, bringing its total capital raised to $430 million. The capital injection comes about a year after the previous financing round and marks the next phase of growth for the cloud security company.
Upwind focuses on securing public cloud environments with a so-called runtime-first approach. According to the company, traditional security models are increasingly out of step with modern cloud architectures, in which real-time applications and AI workloads play an increasingly important role. The CEO and co-founder argues that security should be based on what is actually happening in a cloud environment, rather than on static assumptions or snapshots.
Upwind’s platform analyzes malicious activity by combining cloud telemetry with data collected via eBPF, a technology from the Linux kernel. This allows the operating system itself to act as an observation layer, which, according to the company, provides deeper and more accurate insights than traditional observability methods, writes SiliconANGLE. This runtime data makes it possible to detect attacks at an early stage and better understand how they develop.
Detailed timeline
When a security incident is detected, Upwind generates a detailed timeline showing how an attack started, what techniques were used, and what the impact is within the cloud environment. Administrators can also use automated scripts to accelerate and standardize parts of the incident response.
In addition to runtime detection, the platform also focuses on prevention before code goes into production. Upwind integrates with CI/CD environments to identify vulnerabilities in application code and infrastructure-as-code before they are rolled out. Configuration errors that could lead to compliance issues are also flagged, providing insight into which data assets are at risk and what remedial measures are possible.
Once software is active in production, Upwind maps how applications communicate with other cloud resources and external services. Based on this, vulnerabilities are identified that could be exploited by unauthorized AI agents, for example. At the same time, the platform attempts to limit the number of false positives by filtering out vulnerabilities that cannot be exploited in practice, such as issues in isolated or inactive components.
According to Upwind, revenue has grown by more than 900 percent between the last two financing rounds. With the new capital, the company wants to further expand its functionality, with a focus on tools that help developers identify security issues earlier in the development process. The commercial and support teams will also be scaled up to support international growth.
The investment round was led by Bessemer Venture Partners, with participation from Salesforce Ventures and Picture Capital.
Also read: Upwind drafts in Nyx for cloud security keyhole surgery