The evolution of cloud security starts with what is happening now
The digital transformation driven by the cloud requires a new approach to cybersecurity. The traditional model, focused only on static analysis and compliance posture, is no longer sufficient to protect dynamic, highly distributed environments that are increasingly exposed to real-time attacks. In this scenario, Upwind gains strength, a next-generation CNAPP (Cloud Native Application Protection Platform) that redefines how companies detect, prioritize, and respond to risks in their cloud-native environments.
To better understand this new paradigm and the differentiators of Upwind, Nova8, the only Latin American distributor mentioned in the Gartner Market Guide for IT Distributors, held an exclusive conversation with Samuel Zejger, an executive with years of experience in cybersecurity, technology, and cloud. Now leading Upwind’s operation in Latin America, Samuel provides a strategic and technical perspective on the challenges organizations face in protecting workloads, APIs, and applications in production.
Exclusive interview: Upwind’s differentiators in the view of Samuel Zejger
1. Why are traditional cloud security solutions no longer adequate?
Samuel: Today, many Cloud Security platforms (like traditional CSPMs) offer an avalanche of alerts based on static analysis. The problem is that this creates noise: the security team is overwhelmed trying to understand what is truly critical. Upwind was born precisely to address this pain, prioritizing risks based on what is happening in runtime, meaning in real-time within cloud environments. This reduces false positives, speeds up responses, and focuses the team’s energy on what truly represents a threat.
2. What does it mean to protect applications and infrastructure “in real-time” in the cloud?
Samuel: It means going beyond posture and compliance. It means identifying active attacks, lateral movements, anomalous identity behaviors (both human and non-human), and reacting at the moment they occur. We use eBPF-based sensors to monitor containers, APIs, and workloads in runtime. This allows us to offer CDR (Cloud Detection and Response) and CADR (Cloud Application Detection and Response), which are modern and essential layers for protecting dynamic and complex environments like Kubernetes.
3. Shift left, shift right… where does Upwind really fit into the security journey?
Samuel: Upwind is a complete second-generation CNAPP (Cloud Native Application Protection Platform) solution. We work on three fronts:
- Posture, with graphical visibility of the cloud, network topology, and inventory of APIs and identities.
Whether in development, operations, or incident response, we ensure security is present end-to-end.
- Shift-left, with policies and native integrations with GitHub, GitLab, and Azure to prevent risks at the source;
- Runtime, where we are leaders with live detection and actionable context;
4. What changes in risk prioritization when you have visibility in runtime?
Samuel: Everything. Instead of merely classifying a vulnerability solely by CVE, Upwind checks if it is being actively exploited, if it belongs to a truly exposed workload, and if there are suspicious movements connected to it. With this, we create a dynamic risk scoring model, allowing the CISO and analysts to know what needs to be addressed now, and what can wait.
5. Many companies already have other solutions like Prisma, Wiz, or Orca. How does Upwind differentiate itself in this scenario?
Samuel: Most leading solutions – like Prisma, Wiz, and Orca – were born focused on static analysis and are only now trying to catch up with runtime, which was our starting point. Upwind is the only CNAPP on the market that uses the Runtime context for all aspects of cloud security, including vulnerability prioritization, configuration posture, and API security. In this way, Upwind generates high-fidelity results, prioritized based on real-world criticality, connecting the dots between seemingly unrelated security events.
Upwind also utilizes Machine Learning to create cloud “baselines,” proactively alerting teams about abnormal activities that may indicate a threat or attack. This, in turn, empowers users to make highly informed security decisions, reducing remediation and incident response times, and allowing for more efficient security practices. Furthermore, some more traditional solutions have recently started launching sensors, but they still lack maturity. We offer continuous monitoring, with automated response and deep visibility into containers, APIs, and networks, with clear proof of this in POCs (proofs of concept) we conduct with large clients.
6. How does Upwind assist with compliance with LGPD, PCI, and other regulations?
Samuel: In addition to mapping configurations and posture policies, we deliver concrete evidence of risky behavior, such as exfiltration attempts, unauthorized access, or API exposure. This helps companies remain compliant without relying solely on sporadic audits. Our graphical topology facilitates audits, visually showing who communicates with whom within the cloud.
7. If I am a company at the beginning of a cloud journey, why choose Upwind now?
Samuel: Upwind has a single SKU, meaning all functionalities are embedded in the platform from day one, from posture to runtime, API protection to shift left. For companies still structuring their security architecture, it is a smart way to start with a modern, robust foundation prepared to grow with the business. And for more mature companies, we enter as an advanced complement, focusing where other tools fail: real-time visibility and response.
Market trends and reflection for security leaders
As cloud-native environments become more complex and dynamic, the need for approaches integrating prevention, detection, and response to incidents in a coordinated manner also increases. The interview with Samuel Zejger offers a clear insight into how the market has evolved, moving away from models centered solely on posture and compliance towards solutions that also track what happens in production.
More than promoting a specific solution, the conversation invites reflection: how are companies dealing with risks that escape static control and manifest in real-time?
According to Gartner, as published by InforChannel, the adoption of CNAPP platforms is expected to grow significantly in the coming years, as companies seek to consolidate security tools into unified solutions, reducing operational complexity in multicloud environments and increasing protection effectiveness. This trend reinforces the central role of runtime visibility and integration between layers in the future of cloud security.
Want to understand how Upwind can transform your cloud environment protection?
