Upwind Launches Runtime-Powered CNAPP 2.0 for Cloud Security Posture

Upwind has introduced a major upgrade to its Cloud-Native Application Protection Platform (CNAPP), aimed at rethinking how cloud posture is assessed and enforced. Launched at RSA Conference 2025, the company’s enhanced inventory and posture modules bring runtime context to the forefront—enabling security teams to focus on what’s actually exposed, not just what is misconfigured.

As cloud environments grow more complex, traditional posture management tools struggle to keep pace. They often rely on static checks and best-practice frameworks, which can lead to an overwhelming volume of alerts with limited insight into true risk. Upwind’s latest release addresses this gap by incorporating live production data into posture analysis, allowing teams to identify, prioritize, and respond to issues based on real-world behavior.

With this update, security teams gain the flexibility to define custom posture rules that reflect their unique environments, business priorities, and evolving threat models. Violations are surfaced and ranked based on actual runtime exposure, rather than theoretical vulnerabilities. A centralized dashboard provides a comprehensive, executive-friendly view of posture risk, helping organizations focus on the issues that carry the greatest operational and security impact.

The enhancements follow a broader strategy by Upwind to embed runtime intelligence across its platform. This includes recent updates to its inventory management capabilities and the integration of AI-driven threat detection. By aligning cloud security posture with how applications actually behave in production, Upwind is enabling organizations move beyond surface-level compliance and toward actionable, risk-informed decision-making.