Cycode is proud to announce a new integration with Upwind, a modern cloud security platform built to secure running environments at speed and scale. This partnership allows customers to ingest container image vulnerability data from Upwind directly into the Cycode platform, giving teams visibility and actionability that spans both runtime and development.
As more organizations embrace cloud-native technologies and containerized applications, the gap between runtime visibility and secure development practices becomes a critical risk. Our integration with Upwind is designed to close that gap by ingesting runtime insights into the Cycode Application Security platform and adding useful context for developers to take action.
Why This Integration Matters
Security leaders are increasingly challenged to unify fragmented tooling across the software lifecycle. Runtime security tools like Upwind offer critical detection capabilities, but they often lack visibility into how and where that vulnerability originated. On the other side, application security tools like Cycode have deep insight into code, pipelines, and developers but historically have had limited context on what is actually running in production.
By integrating their products, Cycode and Upwind can bridge this gap. The new connector pulls container image vulnerability findings from Upwind into the Cycode platform, where they are enriched with SDLC context and mapped back to the teams and code that introduced the issue. Cloud and application security teams no longer have to operate in isolation and developers no longer have to guess where runtime problems originated. All teams get a unified view with clear ownership and context.
“As runtime and development environments continue to converge, security teams need a single thread to understand and act on risk. Our partnership with Upwind brings that vision to life by connecting production insights with SDLC context. This is how modern security should work.”
— Dor Atias, Chief Product & Engineer Officer | Co-founder of Cycode”
What the Integration Delivers
The Cycode and Upwind connector supports a streamlined setup. Once API credentials are created in Upwind and configured inside Cycode, vulnerability data begins syncing automatically. These findings are then mapped across Cycode’s native SDLC graph, providing answers to questions like:
- Which repository introduced the vulnerable image
- Who is the developer or team that owns this code
- What is the deployment history and exposure window of the vulnerability
- How should this be prioritized compared to other risks in the environment
This enriched data is then made visible in tools where developers already work, such as GitHub, GitLab, Jira, and Slack. Teams can triage, assign, and remediate runtime risks with the same workflows they already use for SAST or IaC vulnerabilities.
Security teams gain visibility into runtime container issues while retaining the ability to prioritize and assign with precision. Engineering teams get actionable feedback that includes exactly where the problem started and how to resolve it. Together, organizations can move faster.
The Cycode + Upwind Advantage
This partnership is part of a larger effort at Cycode to unify the application security lifecycle. The combination of Cycode’s SDLC intelligence with Upwind’s runtime insight creates a powerful feedback loop between code and production.
By combining strengths, customers get better coverage, improved accuracy, and shorter time to remediation across the software lifecycle.
Getting Started
You can get started by generating API credentials within the Upwind platform and entering them into Cycode using our guided connector wizard. The process takes just a few minutes. Once configured, container image vulnerabilities from Upwind will begin appearing inside Cycode, enriched with repository metadata and ownership information.
We are excited to partner with Upwind to bring even more value to our customers and help them secure what matters most from code to cloud. Please reach out and request a demo to learn more.
