Ir para o conteúdo
  • +55 (11) 3375 0133
  • contato@nova8.com.br
Linkedin-in Facebook-square Instagram Youtube Whatsapp
  • EN-US
  • PT-BR
  • ES-MX
Nova8
  • #Nova8é10!
  • Portfólio

    Checkmarx

    Segurança de Aplicações (AppSec) de Ponta a Ponta​

    Cequence

    Proteção Contra Fraudes e Bots com Segurança de APIs​

    Snyk

    Segurança Dev-First para Desenvolvimento Seguro e Ágil

    IRONSCALES

    Antiphishing Inteligente com IA Adaptativa e Generativa​

    Upwind

    Segurança em Tempo Real para Ambientes em Nuvem e Containers

    CORO

    Cibersegurança Simples e Modular para Empresas Enxutas

    Invicti

    Segurança web com detecção de vulnerabilidades

    Conheça o portfólio completo
  • Serviços

    VAD

    Única Distribuidora de Valor Agregado (VAD) de cibersegurança da América Latina citada no Gartner Market Guide

    Centro de Excelência Nova8 em Cibersegurança

    Acelere sua capacitação técnica e estratégica com o hub de inovação da Nova8.

    Consultoria Nova8 em Cibersegurança

    Estratégia, eficiência e proteção real para aplicações e dados críticos.

  • Cases
  • Blog & Materiais
Fale Conosco
Nova8
  • Home
  • Blog

Upwind and Nova8: The new generation of cloud security that prioritizes what truly matters

  • Nova8 Security Research Team
  • julho 1, 2025
  • Blog, Upwind

The evolution of cloud security starts with what is happening now

The digital transformation driven by the cloud requires a new approach to cybersecurity. The traditional model, focused only on static analysis and compliance posture, is no longer sufficient to protect dynamic, highly distributed environments that are increasingly exposed to real-time attacks. In this scenario, Upwind gains strength, a next-generation CNAPP (Cloud Native Application Protection Platform) that redefines how companies detect, prioritize, and respond to risks in their cloud-native environments.

To better understand this new paradigm and the differentiators of Upwind, Nova8, the only Latin American distributor mentioned in the Gartner Market Guide for IT Distributors, held an exclusive conversation with Samuel Zejger, an executive with years of experience in cybersecurity, technology, and cloud. Now leading Upwind’s operation in Latin America, Samuel provides a strategic and technical perspective on the challenges organizations face in protecting workloads, APIs, and applications in production.

Exclusive interview: Upwind’s differentiators in the view of Samuel Zejger

1. Why are traditional cloud security solutions no longer adequate?

Samuel: Today, many Cloud Security platforms (like traditional CSPMs) offer an avalanche of alerts based on static analysis. The problem is that this creates noise: the security team is overwhelmed trying to understand what is truly critical. Upwind was born precisely to address this pain, prioritizing risks based on what is happening in runtime, meaning in real-time within cloud environments. This reduces false positives, speeds up responses, and focuses the team’s energy on what truly represents a threat.

2. What does it mean to protect applications and infrastructure “in real-time” in the cloud?

Samuel: It means going beyond posture and compliance. It means identifying active attacks, lateral movements, anomalous identity behaviors (both human and non-human), and reacting at the moment they occur. We use eBPF-based sensors to monitor containers, APIs, and workloads in runtime. This allows us to offer CDR (Cloud Detection and Response) and CADR (Cloud Application Detection and Response), which are modern and essential layers for protecting dynamic and complex environments like Kubernetes.

3. Shift left, shift right… where does Upwind really fit into the security journey?

Samuel: Upwind is a complete second-generation CNAPP (Cloud Native Application Protection Platform) solution. We work on three fronts:

  • Posture, with graphical visibility of the cloud, network topology, and inventory of APIs and identities.
    Whether in development, operations, or incident response, we ensure security is present end-to-end.
  • Shift-left, with policies and native integrations with GitHub, GitLab, and Azure to prevent risks at the source;
  • Runtime, where we are leaders with live detection and actionable context;

4. What changes in risk prioritization when you have visibility in runtime?

Samuel: Everything. Instead of merely classifying a vulnerability solely by CVE, Upwind checks if it is being actively exploited, if it belongs to a truly exposed workload, and if there are suspicious movements connected to it. With this, we create a dynamic risk scoring model, allowing the CISO and analysts to know what needs to be addressed now, and what can wait.

5. Many companies already have other solutions like Prisma, Wiz, or Orca. How does Upwind differentiate itself in this scenario?

Samuel: Most leading solutions – like Prisma, Wiz, and Orca – were born focused on static analysis and are only now trying to catch up with runtime, which was our starting point. Upwind is the only CNAPP on the market that uses the Runtime context for all aspects of cloud security, including vulnerability prioritization, configuration posture, and API security. In this way, Upwind generates high-fidelity results, prioritized based on real-world criticality, connecting the dots between seemingly unrelated security events.


Upwind also utilizes Machine Learning to create cloud “baselines,” proactively alerting teams about abnormal activities that may indicate a threat or attack. This, in turn, empowers users to make highly informed security decisions, reducing remediation and incident response times, and allowing for more efficient security practices. Furthermore, some more traditional solutions have recently started launching sensors, but they still lack maturity. We offer continuous monitoring, with automated response and deep visibility into containers, APIs, and networks, with clear proof of this in POCs (proofs of concept) we conduct with large clients.

6. How does Upwind assist with compliance with LGPD, PCI, and other regulations?

Samuel: In addition to mapping configurations and posture policies, we deliver concrete evidence of risky behavior, such as exfiltration attempts, unauthorized access, or API exposure. This helps companies remain compliant without relying solely on sporadic audits. Our graphical topology facilitates audits, visually showing who communicates with whom within the cloud.

7. If I am a company at the beginning of a cloud journey, why choose Upwind now?

Samuel: Upwind has a single SKU, meaning all functionalities are embedded in the platform from day one, from posture to runtime, API protection to shift left. For companies still structuring their security architecture, it is a smart way to start with a modern, robust foundation prepared to grow with the business. And for more mature companies, we enter as an advanced complement, focusing where other tools fail: real-time visibility and response.

Market trends and reflection for security leaders

As cloud-native environments become more complex and dynamic, the need for approaches integrating prevention, detection, and response to incidents in a coordinated manner also increases. The interview with Samuel Zejger offers a clear insight into how the market has evolved, moving away from models centered solely on posture and compliance towards solutions that also track what happens in production.

More than promoting a specific solution, the conversation invites reflection: how are companies dealing with risks that escape static control and manifest in real-time?

According to Gartner, as published by InforChannel, the adoption of CNAPP platforms is expected to grow significantly in the coming years, as companies seek to consolidate security tools into unified solutions, reducing operational complexity in multicloud environments and increasing protection effectiveness. This trend reinforces the central role of runtime visibility and integration between layers in the future of cloud security.

Want to understand how Upwind can transform your cloud environment protection?

Schedule a consultative chat with our specialists and take your strategy to the next level.

 

  • Cloud Security, nova8, proteção de APIs

Navegue por tema

  • Segurança
  • Gestão de segurança
  • #cybersecurity
  • Notícias
  • Upwind
  • Cequence
  • #cybercrime
  • #IA
  • Segurança na Nuvem
  • Checkmarx

Navegue por solução

  • Snyk
  • Upwind
  • Cequence
  • Coro
  • Ironscales
  • Checkmarx

Segurança começa pelo Colaborador

Mantenha-se à frente das ameaças cibernéticas

Explore nossos materiais ricos em insights como e-books, whitepapers, artigos e conteúdos do blog para saber tudo sobre as tendências de cibersegurança.

Veja mais
Nova8 é 10! - Banner
  • maio 19, 2026
  • Trusted Advisor

Nova8 é 10: 10 anos como VAD em cibersegurança

Entenda por que a Nova8 é 10: uma década como VAD em cibersegurança, menção no Gartner Market Guide, ISO/IEC 27001, GPTW, Centro de Excelência e portfólio global.
Leia mais
Nova8 Checkmarx (3)
  • maio 14, 2026
  • Soluções

Vibe coding e AppSec: como proteger código gerado por IA

Entenda como o código gerado por IA muda o risco em AppSec e como a Checkmarx ajuda a escalar governança no SDLC.
Leia mais
Snyk Agent Fix por que a correção segura de código virou o novo desafio da AppSec com IA
  • maio 14, 2026
  • Soluções

Snyk Agent Fix e AppSec com IA: correção segura de código no fluxo dev

Entenda como o Snyk Agent Fix usa arquitetura agêntica para acelerar a remediação segura de código no fluxo de desenvolvimento.
Leia mais

Linkedin-in Facebook-square Instagram Youtube

Al. Rio Negro, 585 - Torre Jaçarí - 13º andar Conjunto 134 - Alphaville, Barueri - SP, 06454-000

  • +55 (11) 3375 0133
  • contato@nova8.com.br
  • Fale com a Nova8 pelo WhatsApp

Empresa

  • #Nova8é10!
  • Eventos
  • VAD
  • Centro de Excelência
  • Consultoria
  • Trabalhe conosco
  • Política de Privacidade
  • Código de Ética

Portfólio

  • Checkmarx
  • Upwind
  • Cequence
  • CORO
  • Snyk
  • IRONSCALES
  • Invicti
  • Bright
  • Riskified
  • MazeBolt
  • Mend
  • Solicite um orçamento

Conteúdo

  • Blog Nova8
  • Clientes e Cases
  • Materiais

Copyright © Nova 8 Cybersecurity - 2026 - Todos os direitos reservados

Pesquisar
Nova8
  • EN-US
  • PT-BR
  • ES-MX
  • #Nova8é10!
  • Sobre nós
  • Portfólio
  • Serviços
    • Consultoria em Cibersegurança
    • Centro de excelência
    • Distribuidora de Cibersegurança de Valor Agregado
  • Cases
  • Blog & Materiais
  • Fale Conosco
  • #Nova8é10!
  • Sobre nós
  • Portfólio
  • Serviços
    • Consultoria em Cibersegurança
    • Centro de excelência
    • Distribuidora de Cibersegurança de Valor Agregado
  • Cases
  • Blog & Materiais
  • Fale Conosco
  • +55 (11) 3375 0133
  • contato@nova8.com.br
Linkedin-in Facebook-square Instagram Youtube
Saiba mais
Pesquisar