ZEST Security partners with Upwind for faster AI-driven cloud fixes
According to ZEST Security, the collaboration is designed to bridge the gap between the identification of cloud security risks and the remediation process, streamlining response actions for both security and DevOps teams.
The integration allows teams to detect cloud threats as they occur, trace vulnerabilities back to their root causes in code, and automatically generate as well as implement high-impact solutions.
Security teams are able to use Upwind to achieve comprehensive and real-time insight into cloud workloads, applications, identities, data flows, and APIs, surfacing actionable intelligence that assists with the identification of threats and risk exposures as they arise.
ZEST Security's integration with Upwind is intended to simplify the remediation of findings by analysing available solutions and automatically producing the most efficient and effective paths for resolution. Solutions may include code-based fixes, critical patching, or the use of existing security controls and cloud-native services.
Hannah Sather, Senior Account Executive, stated: "The complexity of cloud environments and modern applications demands specialised, cloud-native solutions to effectively manage risk exposure. Security teams today benefit from deep, runtime-level visibility combined with the ability to rapidly remediate and mitigate identified risks. That's why we're excited to announce a new integration with Upwind to empower security and DevOps teams to identify, prioritise, and resolve cloud threats with unprecedented speed and scale."
The process to implement the integration has been streamlined. Users generate API credentials in their Upwind account and connect them to ZEST using a connector supplied by the company. Once established, runtime security findings from Upwind are made available in the ZEST platform, enriched with context, ownership details, and prioritised remediation and mitigation paths using ZEST's AI Resolution Engine.
Hannah Sather added: "See More. Fix Faster. Upwind provides deep, runtime intelligence that gives security teams complete visibility across workloads, applications, identities, data flows, and APIs. By surfacing real-time, actionable insights, Upwind helps security teams cut through the noise, reduce exposure, and detect cloud threats as they happen."
The integration includes several key features. Security teams gain deep visibility into workloads, applications, identities, data flows, and APIs in real time. Vulnerabilities and risks can be identified promptly, and ZEST's Agentic AI generates guided resolution paths for remediation and mitigation. The platform supports Security as Code (SaC) through integration with existing DevOps workflows.
Automated root cause analysis is a further feature, tracing risks back to their origin in code and generating replacement code. Existing guardrails, controls, and policies can also be utilised to help reduce the exploitability, severity, and exposure associated with cloud security issues.
Regarding the benefits, ZEST Security stated that the integration is intended to accelerate the time taken to remediate issues by matching risks to the most efficient solutions, subsequently reducing mean time to resolution and operational friction.
The integration also harnesses Agentic AI to move beyond automating manual tasks. The technology correlates findings, performs automated root cause analysis, and generates high-impact resolution pathways.
The coordinated approach streamlines the progression from real-time identification of risks to guided remediation and mitigation, and aims to deliver holistic risk reduction by combining code-based remediation, patching, and the application of mitigating controls.
Hannah Sather said: "We're so excited to join forces with Upwind to empower security teams to move faster and secure their cloud environment."
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
05-08-2025
- Techday NZ
ZEST Security adds AWS Service Control Policies to AI cloud platform
ZEST Security has announced the integration of AWS Service Control Policies (SCPs) into its Agentic AI-powered Cloud Risk Resolution platform to provide security teams with new, code-free mitigation methods for reducing cloud exposure. According to research conducted by ZEST Security, over half of cloud security risks are not immediately remediable due to several barriers such as unavailable patches, the inability to make code changes, or limitations brought about by legacy systems. This often results in organisations accepting these risks, which can increase the potential for security incidents if appropriate mitigating controls are not in place. Remediation challenges ZEST Security's "2025 Cloud Risk Exposure Impact" report underscores the difficulties of traditional cloud risk management. The report found that 56% of risks cannot be remediated primarily because a patch may not be available, a code change cannot be made immediately, or legacy systems do not support upgrades. In these cases, the report notes that, "organizations often accept the risk, increasing the potential for security incidents when appropriate mitigating controls aren't applied." Proactive SCT deployment By integrating AWS Service Control Policies as a core element of its mitigation toolkit, ZEST Security is targeting the issue of non-remediable risks. SCPs offer security teams the ability to enforce restrictions and compliance across AWS accounts, reducing the need to wait for work from other internal teams or available patches and upgrades before acting on a vulnerability or exposure. According to the company, "ZEST Security's mitigation pathways, now including AWS SCPs, offer a fast and reliable way to mitigate exposure, prevent exploitation and disrupt attacks at every stage, without waiting for patches, code changes or other teams to deliver full remediation." Blocking attacker activity By mobilising SCPs as a mitigation pathway, security teams can block both common and advanced attack techniques by controlling access to sensitive resources, encryption settings and public exposure, ZEST Security states. This reduces the risk of exploitation and helps prevent key attack stages such as reconnaissance, privilege escalation, and data encryption. Technology and AI support The ZEST Security platform leverages artificial intelligence agents to map vulnerabilities and misconfigurations identified by cloud security posture management and vulnerability management tools to corresponding mitigation pathways. The company's resolution engine assesses possible actions, including code or infrastructure-as-code fixes, patches, upgrades, cloud guardrails, and now SCPs, to identify the most effective means of reducing exposure at scale. "The ZEST platform leverages AI Agents to map vulnerabilities and misconfigurations identified by CSPM and vulnerability management solutions to remediation and mitigation pathways. ZEST's resolution engine analyzes all available options, including code/IaC fixes, patches, upgrades, policies and cloud guardrails to identify the most direct and impactful path to reduce cloud exposure at scale, even in scenarios when remediation isn't immediately possible," ZEST Security stated. Expanding mitigation options While SCPs represent the latest addition to ZEST Security's suite of mitigation capabilities, the platform also enables mobilisation of other controls such as Web Application Firewalls, VPC, and GuardDuty. These options allow organisations to harden cloud configurations, enforce policy compliance, and establish custom protection rules, particularly when code changes or upgrades are impractical. "While SCPs represent ZEST's latest mitigation pathway, ZEST provides a broader mitigation offering that mobilizes other controls and services such as Web Application Firewalls, VPC and GuardDuty to harden configurations, enforce stricter policies and create customized protection rules when code changes or upgrades aren't possible," the company stated. The announcement highlights ZEST Security's strategy of operationalising standard cloud policies and AI-driven mapping to address risks that cannot be resolved through traditional remediation approaches, offering practical alternatives to address persistent vulnerabilities in cloud environments.
Techday NZ
12-06-2025
- Techday NZ
Upwind names Rinki Sethi Chief Security Officer amid growth
Upwind has appointed Rinki Sethi as Chief Security Officer, where she will lead the company's global Information Security and Technology functions, as well as contribute to strategy across marketing, go-to-market, and customer engagement. Sethi brings more than twenty years of experience in cybersecurity, having held senior roles at Twitter, BILL, Rubrik, Walmart, IBM, Palo Alto Networks, and eBay/PayPal. She has served on the boards of Vaultree and ForgeRock and is a founding partner at Lockstep Ventures. Upwind reports significant business momentum, citing a 4,000% year-on-year revenue increase in 2024, 40% growth in its customer base, and over 30 product updates in the first quarter of 2025. The company positions itself as an alternative to traditional CNAPP vendors, focusing on real-time, runtime-first detection and protection across cloud environments. Leadership perspective "Rinki is one of the most respected CISOs in the world, and her decision to join Upwind is a major signal of where the future of cloud security is headed," said Amiram Shachar, CEO and co-founder of Upwind. "She was one of the first to recognise that runtime context transforms how we secure the cloud. Now, she'll help scale that vision globally with the technical depth, customer empathy, and executive horsepower to match." As an early customer of Upwind, Sethi brings both practitioner and boardroom experience to the new role. Upwind's approach integrates CSPM, CWPP, CDR, vulnerability management, and identity security, anchored in live runtime activity. According to the company, this results in up to 95% fewer alerts and faster incident remediation for customers. Sethi's experience "As a CISO, I lived the pain of chasing dashboards while incidents unfolded in real-time," said Rinki Sethi, Chief Security Officer of Upwind. "Upwind is the first platform I've seen that flips the model, from reactive noise to real-time decisions. As an early customer, I experienced how powerful it is to operate with full runtime context. That's why I'm joining Upwind, to help build the future I always wanted as a practitioner." Sethi holds a bachelor's degree in Computer Science Engineering from UC Davis and a master's degree in Information Security from Capella University. She is recognised as an industry voice and advocate for women in security. Outside of work, Sethi is a mother of two, fitness enthusiast, and active supporter of early-stage cybersecurity startups. Follow us on: Share on:
Techday NZ
04-06-2025
- Techday NZ
ZEST Security partners with Upwind for faster AI-driven cloud fixes
ZEST Security has announced a new integration with Upwind to combine real-time, runtime-powered cloud visibility with AI-driven remediation capabilities. According to ZEST Security, the collaboration is designed to bridge the gap between the identification of cloud security risks and the remediation process, streamlining response actions for both security and DevOps teams. The integration allows teams to detect cloud threats as they occur, trace vulnerabilities back to their root causes in code, and automatically generate as well as implement high-impact solutions. Security teams are able to use Upwind to achieve comprehensive and real-time insight into cloud workloads, applications, identities, data flows, and APIs, surfacing actionable intelligence that assists with the identification of threats and risk exposures as they arise. ZEST Security's integration with Upwind is intended to simplify the remediation of findings by analysing available solutions and automatically producing the most efficient and effective paths for resolution. Solutions may include code-based fixes, critical patching, or the use of existing security controls and cloud-native services. Hannah Sather, Senior Account Executive, stated: "The complexity of cloud environments and modern applications demands specialised, cloud-native solutions to effectively manage risk exposure. Security teams today benefit from deep, runtime-level visibility combined with the ability to rapidly remediate and mitigate identified risks. That's why we're excited to announce a new integration with Upwind to empower security and DevOps teams to identify, prioritise, and resolve cloud threats with unprecedented speed and scale." The process to implement the integration has been streamlined. Users generate API credentials in their Upwind account and connect them to ZEST using a connector supplied by the company. Once established, runtime security findings from Upwind are made available in the ZEST platform, enriched with context, ownership details, and prioritised remediation and mitigation paths using ZEST's AI Resolution Engine. Hannah Sather added: "See More. Fix Faster. Upwind provides deep, runtime intelligence that gives security teams complete visibility across workloads, applications, identities, data flows, and APIs. By surfacing real-time, actionable insights, Upwind helps security teams cut through the noise, reduce exposure, and detect cloud threats as they happen." The integration includes several key features. Security teams gain deep visibility into workloads, applications, identities, data flows, and APIs in real time. Vulnerabilities and risks can be identified promptly, and ZEST's Agentic AI generates guided resolution paths for remediation and mitigation. The platform supports Security as Code (SaC) through integration with existing DevOps workflows. Automated root cause analysis is a further feature, tracing risks back to their origin in code and generating replacement code. Existing guardrails, controls, and policies can also be utilised to help reduce the exploitability, severity, and exposure associated with cloud security issues. Regarding the benefits, ZEST Security stated that the integration is intended to accelerate the time taken to remediate issues by matching risks to the most efficient solutions, subsequently reducing mean time to resolution and operational friction. The integration also harnesses Agentic AI to move beyond automating manual tasks. The technology correlates findings, performs automated root cause analysis, and generates high-impact resolution pathways. The coordinated approach streamlines the progression from real-time identification of risks to guided remediation and mitigation, and aims to deliver holistic risk reduction by combining code-based remediation, patching, and the application of mitigating controls. Hannah Sather said: "We're so excited to join forces with Upwind to empower security teams to move faster and secure their cloud environment."
