SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom
International Women’s Day
267 opinions Read now

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

3d cloud shields aws data center real time security streams
#
Data Protection
#
Digital Transformation
#
Hyperscale

Upwind joins AWS Security hub extended plan for CNAPP

Fri, 27th Feb 2026
Author image
By Sofiah Nichole Salivio, News Editor

Upwind has integrated its cloud-native application protection platform (CNAPP) with the Extended plan for AWS Security Hub. The move expands its distribution through AWS's security marketplace and connects Upwind runtime data to AWS Security Hub findings.

The integration makes Upwind one of a select group of partners available through the Security Hub Extended plan. The plan combines AWS detection services with partner tools under a consolidated purchasing and support model.

Security hub extended

AWS Security Hub is a unified service that aggregates and correlates security findings across AWS services. The Extended plan adds curated third-party products and simplifies procurement through a single vendor experience, with one contract, one bill, and consolidated support and pricing through AWS.

Upwind said the integration provides real-time visibility across AWS workloads and reduces alert volume. It positions runtime context as a way to separate active risk from issues that are less relevant in production.

Security teams have often relied on periodic scanning and posture assessments for cloud environments. As more organisations run containerised workloads, serverless architectures, and AI-driven applications across large estates, the volume of findings has increased, adding pressure on security operations to triage faster.

In this model, AWS Security Hub surfaces correlated findings and attack paths across AWS services. Upwind adds runtime-level data to help validate whether an issue is active in production. Together, the companies describe a more unified workflow between detection and remediation.

Procurement model

The Extended plan also changes how security tools are bought and managed in AWS environments. Enterprises often purchase multiple products with separate contracts, billing, and support processes. AWS has been expanding security purchasing options that more closely mirror consumption-based cloud procurement.

With Upwind included in the Extended plan, customers can buy the product through AWS under the plan's commercial framework. That may simplify standardisation for organisations that already manage vendors through AWS Marketplace-style models and want a consistent support path.

Amiram Shachar, CEO and Co-founder of Upwind, said the integration reflects changes in cloud infrastructure and the limits of snapshot-based security approaches.

"AWS Security Hub Extended plan and Upwind deliver what enterprises need most: unified visibility and clarity across increasingly complex cloud environments," Shachar said.

"Cloud infrastructure has changed faster than the security models designed to protect it. The next era of cloud security must be built on runtime signals; that's actually the only way to understand what is truly happening in production. By integrating Upwind's runtime-first cloud security platform with Security Hub Extended Plan, customers can base their decisions on live signals, not assumptions. That changes how teams prioritize risk, how they operate, and how fast they can move. This is the direction cloud security is heading," he added.

Customer view

Waste Management is among the customers referenced as using Upwind across AWS and its broader cloud footprint. Jerich Beason, CISO at Waste Management, said the company selected Upwind after testing CNAPP products and has reduced alert volume and vulnerability noise.

"Upwind provides deep visibility and clarity across our AWS environment, allowing us to focus on real, actionable risk," Beason said. "After an in-depth evaluation of CNAPP platforms and extensive hands-on testing, we chose Upwind and rolled it out across our AWS and broader cloud infrastructure. Since deployment, we've seen a significant reduction in security alerts and fewer irrelevant CVEs. That level of clarity enables our teams to prioritize what actually matters and operate far more efficiently. Cloud security has lacked meaningful context for too long. Upwind shows us what is happening in our environment and why it matters. The agent built on the platform allows us to interrogate our data in real time, saving time and money while strengthening our overall security operations. Just as important, they have earned the trust of our engineers and security teams and continue to operate at the speed we expect from modern cloud partners."

Market Context

CNAPP products typically combine multiple cloud security functions, including workload protection, posture management, and vulnerability assessment. Vendors have pushed deeper integrations with hyperscalers as large enterprises look to reduce the number of consoles and improve signal correlation.

AWS has also been expanding its own security portfolio while relying on partners for specialist tools and adjacent coverage. The Extended plan reflects that approach by bundling partner products with AWS-native detection services under a single procurement route.

The Extended plan for AWS Security Hub is available in all commercial AWS regions.

Related stories
Bridging the gap: Cybersecurity breakthroughs and imbalances
In a cost-pressured AI race, operational maturity is now the competitive advantage
AI cyber threats outpace staff readiness, report warns
Teramind launches AI governance to tackle shadow AI
UK AI budgets shift to data infrastructure & storage

Top stories

Safe AI needs all voices: Celebrating the women who help drive CSA's AI safety initiative
Autonomous AI 'agentic customers' set to reshape banks
How women in cyber change the conversation at board level
The weight women carry
Preserving our voice: Why women must shape the future of AI and cybersecurity