Upwind reveals completed integration of Nyx

Upwind has announced the full integration of Nyx into its product offering, following the successful completion of its acquisition in April 2025.

CADR

According to the company, this marks a major milestone in Upwind’s mission to unify cloud infrastructure and application security.

With Nyx’s function-level runtime visibility fully embedded in the Upwind platform, customers gain threat detection and vulnerability prioritisation from infrastructure to the application layer.

Upwind states that it is the first platform to offer true Cloud Application Detection and Response (CADR), delivering a single runtime-native solution that spans process behaviour, network activity, API usage and application function execution.

This establishes Upwind as the only CNAPP with fully integrated application-layer runtime protection.

“The real battle for cloud security”

Amiram Shachar, CEO and Co-Founder of Upwind commented: “We acquired Nyx because we believe that runtime is where the real battle for cloud security is happening.

“And now that it’s fully integrated, we’re delivering a single platform that’s purpose-built to observe, understand and stop attacks across cloud infrastructure and applications in production in real time.”

Real-time protection

Upwind highlights that attackers are evolving faster than the tools designed to stop them.

Traditional cloud security, focused on scanning infrastructure and posture, often misses what happens when code is running and services are live.

That’s where attackers are now operating and Upwind reports that it is uniquely positioned to respond.

Upwind

Upwind states that it was built from day one to secure live cloud environments through lightweight, high-fidelity runtime telemetry.

With the integration of Nyx’s eBPF-based engine, Upwind’s capabilities extend to observing and correlating function-level application behaviour, enabling two key capabilities:

• Function-aware vulnerability prioritisation: By identifying whether vulnerable functions in third-party packages are invoked at runtime, Upwind can suppress over 60% of false-positive vulnerability alerts, improving triage and reducing alert fatigue for developers and security teams
• Application-layer threat detection: Combined with Upwind’s existing baselines for process, network, syscall and API activity, Nyx’s technology adds a new layer of activity-based anomaly detection and runtime forensics, enabling deeper, real-time insight into application-level threats

These capabilities provide customers with a more accurate view of real risk, faster incident response and better alignment between AppSec, DevOps and cloud security teams, Upwind adds.

CNAPP landscape

With this integration, Upwind says that it has become the first CNAPP provider to offer integrated runtime protection across cloud infrastructure and applications, carving out a differentiated position in a market that has seen rapid expansion but limited innovation in application-layer defense.

While competitors have made moves into shift-left code scanning and static vulnerability analysis, runtime-focused Application Detection and Response (ADR) remains underserved.

Upwind highlights that it now uniquely delivers both in one platform, enabling runtime-first protection from the infrastructure level to the code path.

“Real-time signal, context and action”

Shachar commented: “Security has to keep up with the speed of production. You can’t wait hours or days to act.

“Upwind, now with Nyx, provides real-time signal, context and action – from the infrastructure to the process level.

“Mergers and acquisitions in the software industry are never easy.

“A perfectly executed integration, across both culture and technology, is essential to deliver a seamless user experience and a resilient architecture. That’s exactly what we’ve achieved with Nyx,” he concluded.

Runtime in modern cloud security

The shift toward runtime exploitation is accelerating. As threat actors become more adept at bypassing traditional guardrails, organisations need more than posture and policy – they need visibility into what’s happening as applications execute.

That means seeing every process, connection and user interaction in real time, with the ability to act before damage is done.

By anchoring security in runtime, Upwind says that it empowers teams to:

• Detect novel threats that static scanners miss
• Prioritise and respond to incidents with full context
• Prevent exploitation as it happens

Integration

With the integration of Nyx complete, Upwind states that it now offers a unified platform that combines deep runtime telemetry across cloud infrastructure and applications.

Looking ahead, Upwind is committed to expanding into Data Security and AI Security, through both organic execution and strategic mergers and acquisitions, to protect the next generation of cloud-native workloads.