Upwind provides a Cloud-Native Application Protection Platform (CNAPP) that focuses on runtime security for cloud environments. The platform performs vulnerability management and scanning services to identify security risks in cloud infrastructure and applications. Upwind's approach emphasizes runtime data analysis to assess exploitable CVEs and determine actual risk levels rather than just cataloging vulnerabilities. The company conducts security research on cloud services and open-source components, identifying vulnerabilities in widely-used technologies. Their vulnerability management tool discovers various CVE types including Remote Code Execution (RCE), Denial of Service (DoS), and data exfiltration vulnerabilities. The platform helps organizations prioritize remediation efforts by analyzing which vulnerabilities pose real threats in their specific runtime environments. Upwind serves organizations running cloud workloads and containerized applications, helping them secure their cloud infrastructure through continuous monitoring and assessment. The platform integrates with cloud environments to provide visibility into security posture, vulnerable components, and potential attack vectors. Their solution addresses the challenge of vulnerability overload by focusing on exploitability and actual risk in production environments rather than theoretical threats.