SAN FRANCISCO--(BUSINESS WIRE)--Upwind, the runtime-first cloud security leader, today announced that its cloud-native application protection platform (CNAPP) is now integrated with the Extended plan in AWS Security Hub, Amazon Web Services’ unified security solution. This integration enables customers to gain deep, real-time visibility across their AWS workloads while reducing alert noise and focusing on the risks that matter most. By combining AWS detection services with Upwind’s runtime context, customers can prioritize active risk, streamline security operations, and strengthen protection of their workloads on AWS, through a simplified single-vendor Amazon Confidential experience with one contract, one bill, consolidated support, and flexible pricing through AWS.

Cloud security has reached an inflection point. As organizations rapidly scale containerized workloads, serverless architectures, and AI-driven applications, traditional approaches built on periodic scans and static posture checks are struggling to keep pace. Security teams need systems that operate at cloud speed, where detection, correlation, and response happen in real-time and continuously, not in snapshots.

AWS Security Hub Extended plan delivers curated enterprise security solutions from AWS and partners with simplified purchasing. It streamlines procurement through a single vendor experience – one contract, one bill, consolidated support, and flexible pricing. Security Hub Extended plan brings together the best of AWS detection services and curated partner solutions from endpoint and identity to security operations and artificial intelligence. These solutions enable defense-in-depth across your organization while simplifying deployment.

The Extended Plan for AWS Security Hub simplifies how enterprises deploy and manage security tooling within AWS. By integrating directly into this framework, Upwind becomes part of a consolidated operating model, allowing security leaders to standardize procurement and align security operations more tightly with their existing AWS investments.

“AWS Security Hub Extended plan and Upwind deliver what enterprises need most: unified visibility and clarity across increasingly complex cloud environments,” said Amiram Shachar, CEO & Co-founder at Upwind. “Cloud infrastructure has changed faster than the security models designed to protect it. The next era of cloud security must be built on runtime signals; that’s actually the only way to understand what is truly happening in production. By integrating Upwind's runtime-first cloud security platform with Security Hub Extended Plan, customers can base their decisions on live signals, not assumptions. That changes how teams prioritize risk, how they operate, and how fast they can move. This is the direction cloud security is heading.”

Together, AWS Security Hub and Upwind help organizations shift from fragmented investigations to a more unified security workflow. Security Hub surfaces correlated findings and attack paths across AWS services, while Upwind enriches those findings with runtime-level insight to validate and investigate real risk. The result is a more connected security workflow that reduces friction between detection and remediation. For large enterprises operating at scale, the ability to combine centralized visibility with runtime-level insight is critical. As environments grow more distributed and teams more specialized, integrations like this allow security, engineering, and cloud operations to work from a shared source of truth.

“Upwind provides deep visibility and clarity across our AWS environment, allowing us to focus on real, actionable risk,” said Jerich Beason, CISO at Waste Management. “After an in-depth evaluation of CNAPP platforms and extensive hands-on testing, we chose Upwind and rolled it out across our AWS and broader cloud infrastructure. Since deployment, we’ve seen a significant reduction in security alerts and fewer irrelevant CVEs. That level of clarity enables our teams to prioritize what actually matters and operate far more efficiently. Cloud security has lacked meaningful context for too long. Upwind shows us what is happening in our environment and why it matters. The agent built on the platform allows us to interrogate our data in real time, saving time and money while strengthening our overall security operations. Just as important, they have earned the trust of our engineers and security teams and continue to operate at the speed we expect from modern cloud partners.”

As cloud-native architectures evolve and AI-driven workloads expand, security strategies must evolve alongside them. Integrations built on shared telemetry and complementary capabilities represent the next step in how enterprises protect modern cloud environments at scale.

The Extended Plan for AWS Security Hub is immediately available in all commercial AWS regions. To learn more, visit upwind.io.

About Upwind

Upwind is the next-generation cloud security platform built to lead the Runtime revolution. Headquartered in San Francisco, California, Upwind brings together a unified vision for cloud and application-layer protection, empowering organizations to run faster, detect threats earlier and secure their environments with unmatched precision. The company was founded by Amiram Shachar and the founding team behind Spot.io (acquired by NetApp for $450 million) and is backed by leading investors including Bessemer, Salesforce Ventures, Greylock, Cyberstarts, Leaders Fund, Craft Ventures,TCV, Alta Park, Cerca Partners, Swish Ventures and Penny Jar Capital. Upwind has raised $430 million since its founding in 2022 and is trusted by forward-thinking enterprises globally to bring real-time runtime intelligence to modern cloud security. For more information or to schedule a demo, visit www.upwind.io.