Upwind's AI-Validated Rise Redefines Cloud Security Markets

SAN FRANCISCO, CA – November 26, 2025 – In the hyper-competitive cloud security market, achieving top-tier recognition is a significant milestone. For a company to do so in just over two years is nearly unprecedented. Upwind, a cloud security platform founded in 2022, has done just that, securing a coveted top-right quadrant position in the newly released Information Security Media Group (ISMG) 2025 Cloud-Native Application Protection Platform (CNAPP) Market Guide. The recognition not only validates Upwind's technology but also signals a profound market shift, one increasingly measured by objective, data-driven analysis.

Among the 19 vendors evaluated, Upwind stands out as the youngest company and the fastest to reach the guide's highest quadrant, a category designated for solutions offering both simple deployment and comprehensive coverage. This rapid ascent in a market projected to exceed a 30% compound annual growth rate is turning heads among investors and enterprise security leaders alike, prompting a closer look at the forces behind its success: a novel 'runtime-first' architecture and a new, AI-powered methodology for market evaluation.

The AI Effect: An Unbiased Verdict on Innovation

Perhaps the most compelling aspect of Upwind's placement is how it was determined. ISMG's 2025 report was produced using its proprietary Apollo AI workflow engine, a methodology designed to strip away narrative bias and marketing hype. Instead of relying solely on vendor briefings, the AI engine gathers and validates information from a vast array of public data sources, including product documentation, regulatory filings, investor disclosures, and technical blogs. This process elevates vendors based on objective signals like digital presence, customer traction, and product clarity.

This data-centric approach is particularly significant for emerging companies that may lack the legacy brand recognition of established incumbents. It levels the playing field, allowing the strength of the technology and its real-world impact to speak for itself.

"We were pleased to feature Upwind in this year's CNAPP Market Guide," said Dan Vertan, Vice President at ISMG. "Their runtime-focused architecture continues to resonate strongly with the needs we see across cloud-native security teams. Because our process is fully data-driven and rooted in verified information, Upwind's capabilities emerged naturally and objectively in the research." This objective validation underscores a broader trend: the industry is moving toward evaluation criteria where tangible performance and clear communication are becoming as critical as a vendor's historical market share.

Deconstructing the 'Runtime-First' Revolution

At the core of Upwind's technological and market success is its 'runtime-first' philosophy. For years, cloud security has been dominated by static analysis—scanning code repositories and cloud configurations for potential vulnerabilities and misconfigurations. While useful, this approach often generates a high volume of alerts, many of which are not actually exploitable in a live environment, leading to significant 'alert fatigue' for security teams.

Upwind flips the script by prioritizing what is actually happening inside a live production environment. By deploying lightweight sensors that leverage technologies like eBPF within the Linux kernel, the platform observes real-time workload activity, network flows, and process executions with minimal performance impact. It then correlates this live intelligence with static context—data from vulnerabilities, identities, and configurations. The result is a highly contextualized view of risk that answers the most critical question for any security team: Is this threat actually exploitable right now?

This hybrid model, which combines the speed of agentless discovery with the depth of runtime sensors, allows organizations to cut through the noise. By focusing on active, exploitable risk paths rather than a theoretical laundry list of vulnerabilities, security teams can prioritize their efforts effectively. The ISMG report highlights this advantage, noting Upwind's ability to surface what's truly impactful to the business while eliminating the noise that slows down most security operations. It's a shift from a posture of 'what could go wrong' to 'what is going wrong'.

From Startup to Market Shaper in Record Time

Upwind's market trajectory is as impressive as its technology. Founded by Amiram Shachar and the entrepreneurial team behind Spot.io, which was acquired by NetApp for $450 million, the company was built with a clear vision and deep industry expertise. Since its inception in 2022, it has raised an impressive $180 million from a roster of top-tier investors including Greylock, Cyberstarts, Craft Ventures, and even celebrity-backed funds from Omri Casspi and Stephen Curry.

This strong financial backing has enabled the company to execute with remarkable speed and precision. "Upwind entered the CNAPP landscape just 2.5 years ago, and we're proud to reach this level of momentum so quickly," stated Amiram Shachar, CEO and Co-Founder of Upwind. "We built Upwind on a runtime-first foundation from day one, and ISMG reinforces how critical that approach has become. The findings reflect what customers tell us consistently, that runtime clarity and context make security teams faster, more accurate, and more confident."

This confidence is increasingly shared by the market. The company’s rapid valuation growth, reportedly approaching $900 million after its latest funding round, reflects strong customer adoption and the resonance of its message. This isn't just about a single product feature; it's about addressing a fundamental pain point in the industry as organizations grapple with the complexity and dynamism of modern cloud-native environments.

A New Front in a Crowded Arena

The CNAPP market is far from empty, with behemoths like Palo Alto Networks' Prisma Cloud and Microsoft Defender for Cloud, alongside highly valued specialists like Wiz and Orca Security. However, Upwind's success demonstrates that the market is not yet consolidated. The industry-wide shift from fragmented point solutions (CSPM, CWPP, CIEM) to unified CNAPP platforms is creating new opportunities for innovators that can effectively address the next frontier of cloud threats: the runtime environment.

Legacy tools and first-generation CNAPPs, while adept at inventory and static posture management, often struggle to provide deep visibility into the ephemeral, fast-changing nature of live workloads. Upwind’s focus on correlating runtime behavior with build-time context to trace threats back to their origin is a key differentiator. This move toward runtime-powered protection, contextual correlation, and AI-assisted remediation is precisely the direction the market is heading, as validated by ISMG and other analyst firms.

As enterprises continue their migration to the cloud and adopt complex architectures like containers and serverless functions, the attack surface expands and shifts. Securing these environments requires more than just a periodic scan; it demands continuous, real-time intelligence. Upwind's rapid validation suggests that the future of cloud security will be defined not by who has the longest list of features, but by who provides the clearest, most actionable insights into what matters most.