{"id":731459,"date":"2026-06-05T00:40:25","date_gmt":"2026-06-04T21:40:25","guid":{"rendered":"https:\/\/buradabiliyorum.com\/en\/upwind-the-next-gen-wiz-now-secures-every-corner-of-the-ai-stack\/"},"modified":"2026-06-05T00:40:25","modified_gmt":"2026-06-04T21:40:25","slug":"upwind-the-next-gen-wiz-now-secures-every-corner-of-the-ai-stack","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/upwind-the-next-gen-wiz-now-secures-every-corner-of-the-ai-stack\/","title":{"rendered":"Upwind, the next-gen Wiz, now secures every corner of the AI stack"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a3bf176db8f3\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a3bf176db8f3\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/upwind-the-next-gen-wiz-now-secures-every-corner-of-the-ai-stack\/#The_attack_surface_has_moved\" >The attack surface has moved<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/upwind-the-next-gen-wiz-now-secures-every-corner-of-the-ai-stack\/#The_inventory_problem_is_now_critical\" >The inventory problem is now critical<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/buradabiliyorum.com\/en\/upwind-the-next-gen-wiz-now-secures-every-corner-of-the-ai-stack\/#Shift_left_isnt_dead_it_just_has_to_run_faster\" >Shift left isn\u2019t dead, it just has to run faster<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/buradabiliyorum.com\/en\/upwind-the-next-gen-wiz-now-secures-every-corner-of-the-ai-stack\/#Whats_still_coming\" >What\u2019s still coming<\/a><\/li><\/ul><\/nav><\/div>\n<div id=\"article-main-content\">\n<p><a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.upwind.io\/\" target=\"_blank\" rel=\"nofollow noopener\">Upwind<\/a>\u00a0just dropped a new product announcement today, and it signals a fundamental shift in how the company thinks about AI risk.<\/p>\n<p>CEO Amiram Shachar published a lengthy post\u00a0<a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.upwind.io\/feed\/security-for-ai-cloud-security-pillars\" target=\"_blank\" rel=\"nofollow noopener\">this morning<\/a>\u00a0laying out Upwind\u2019s \u201c<em>Security for AI<\/em>\u201d thesis, the companion piece to their earlier push around\u00a0agentic AI capabilities. The core argument is simple:\u00a0AI security isn\u2019t a standalone product category\u00a0you can bolt on. It has to be woven into every existing layer of cloud security, from the code pipeline all the way through to runtime.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"The_attack_surface_has_moved\"><\/span>The attack surface has moved<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>The most striking part of Shachar\u2019s framing is his argument about where the real action now h<a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>ens. Traditional runtime security spent years watching process execution, malware signatures, and network flows.<\/p>\n<p>That\u2019s increasingly the wrong place to look. The interesting threat activity has moved up to the application layer, to APIs, payloads, prompts, and the\u00a0thousands of MCP calls a single AI agent fires off\u00a0to complete a task. When a model receives a prompt, calls a tool, hits an MCP server, retrieves from a datastore, and returns a payload, every single hop in that chain is an exposure point.\u00a0Prompt injection, data leakage, over-permissioned tool calls, none of it shows up when you\u2019re watching packets.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"The_inventory_problem_is_now_critical\"><\/span>The inventory problem is now critical<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>One of the more practical points in the announcement concerns cloud inventory. There are now more ways than ever to consume AI in the cloud, through managed services like AWS Bedrock, Azure AI Foundry, and Vertex AI, through self-hosted open-source models, or through custom agents, MCP servers, knowledge bases, and inference endpoints.<\/p>\n<div class=\"inarticle-wrapper latest channel-cta hs-embed-tnw\">\n<div id=\"hs-embed-tnw\" class=\"channel-cta-wrapper\">\n<div class=\"channel-cta-img\"><img decoding=\"async\" class=\"js-lazy\" src=\"https:\/\/media.thenextweb.com\/hardfork-2018\/uploads\/visuals\/tnw-newsletter.png\"\/><\/div>\n<p><img decoding=\"async\" src=\"https:\/\/media.thenextweb.com\/hardfork-2018\/uploads\/visuals\/tnw-newsletter.png\"\/><\/p>\n<div class=\"channel-cta-input\">\n<p class=\"channel-cta-title\">The \ud83d\udc9c of EU tech<\/p>\n<p class=\"channel-cta-tagline\">The latest rumblings from the EU tech scene, a story from our wise ol&#8217; founder Boris, and some questionable AI art. It&#8217;s free, every week, in your inbox. Sign up now!<\/p>\n<\/div>\n<\/div>\n<\/div>\n<p>The kicker is that teams across your org are spinning these up constantly, often without security having any visibility. Upwind\u2019s answer is an AI inventory layer that goes beyond a flat resource list to map the relationships, dependencies, and risks between components.<\/p>\n<p>What that looks like in practice: every Bedrock Agent, Azure OpenAI Assistant, and self-hosted agent surfaces alongside the model behind it, whether it has guardrails enabled, its last invocation timestamp, and the non-human identity it runs as. Datastores feeding AI workloads get flagged for PII, PHI, and exposed secrets. MCP servers show their auth method and public vs. private exposure status. Shachar calls out publicly exposed MCP gateways in a degraded state as a prime target for attackers, and based on how fast MCP adoption is accelerating, that\u2019s not a hypothetical concern.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Shift_left_isnt_dead_it_just_has_to_run_faster\"><\/span>Shift left isn\u2019t dead, it just has to run faster<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>On the code side, Upwind is updating its scanning capabilities to keep pace with AI-generated code, a fundamentally different challenge than reviewing human-authored commits. Velocity is up by an order of magnitude, with more code from more sources, merged faster, and more dependencies pulled in automatically. The company points to its own research team\u2019s work uncovering the Shai-Hulud campaign, a compromised package that\u00a0moved through the supply chain and into build pipelines, as a preview of what this threat landscape looks like in practice.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Whats_still_coming\"><\/span>What\u2019s still coming<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Upwind is signaling more to come. The next piece is securing AI endpoints themselves, the point where prompts and responses actually cross the wire, with a private preview already open for registration.<\/p>\n<p>The broader bet Upwind is making is that the security industry is still treating AI as a niche concern, a new box to check rather than a thread running through every existing risk category. Whether you buy that framing or not, the product substance here is real, inventory, runtime behavioral baselines, and supply chain scanning that\u2019s been rearchitected for the agentic era. That\u2019s a more coherent AI security story than most vendors are telling right now.<\/p>\n<\/p><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMN63nwsw68G3Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/buradabiliyorum.com\/en\/category\/technology\/\" target=\"_blank\" >Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/thenextweb.com\/news\/upwind-the-next-gen-wiz-now-secures-every-corner-of-the-ai-stack\" target=\"_blank\" >Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Upwind\u00a0just dropped a new product announcement today, and it signals a fundamental shift in how the company thinks about AI risk. CEO Amiram Shachar published a lengthy post\u00a0this morning\u00a0laying out Upwind\u2019s \u201cSecurity for AI\u201d thesis, the companion piece to their earlier push around\u00a0agentic AI capabilities. The core argument is simple:\u00a0AI security isn\u2019t a standalone product&#8230;<\/p>\n","protected":false},"author":1,"featured_media":731460,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/media.thenextweb.com\/2026\/06\/upwind-next-gen-wiz-ai-stack-security.avif","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-731459","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/731459","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=731459"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/731459\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/731460"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=731459"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=731459"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=731459"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}