Skip to content
  • +55 (11) 3375 0133
  • contato@nova8.com.br
Linkedin-in Facebook-square Instagram Youtube
  • EN-US
  • PT-BR
  • ES-MX
Nova8
  • #Nova8is10!
  • Portfolio

    Checkmarx

    Application security testing solution

    Cequence

    API security platform

    Snyk

    Security for Developers

    IRONSCALES

    Application security testing for companies

    Upwind

    Cloud Security platform

    CORO

    Simplified Cybersecurity

    Invicti

    Web Security Tool for Vulnerability Detection

    See all solutions
  • Services

    VAD

    The only Value-Added Distributor (VAD) in Latin America mentioned in the Gartner Market Guide

    Center of Excellence Nova8 in Cybersecurity

    Accelerate your technical and strategic training with Nova8's innovation hub.

    Nova8 Consulting in Cybersecurity

    Strategy, efficiency and real protection for critical applications and data.

  • Cases
  • Blog & Materials
Contact us
Nova8
  • Home
  • Blog

Upwind and Nova8: The new generation of cloud security that prioritizes what truly matters

  • Nova8 Security Research Team
  • July 1, 2025
  • Blog, Upwind

The evolution of cloud security starts with what is happening now

The digital transformation driven by the cloud requires a new approach to cybersecurity. The traditional model, focused only on static analysis and compliance posture, is no longer sufficient to protect dynamic, highly distributed environments that are increasingly exposed to real-time attacks. In this scenario, Upwind gains strength, a next-generation CNAPP (Cloud Native Application Protection Platform) that redefines how companies detect, prioritize, and respond to risks in their cloud-native environments.

To better understand this new paradigm and the differentiators of Upwind, Nova8, the only Latin American distributor mentioned in the Gartner Market Guide for IT Distributors, held an exclusive conversation with Samuel Zejger, an executive with years of experience in cybersecurity, technology, and cloud. Now leading Upwind’s operation in Latin America, Samuel provides a strategic and technical perspective on the challenges organizations face in protecting workloads, APIs, and applications in production.

Exclusive interview: Upwind’s differentiators in the view of Samuel Zejger

1. Why are traditional cloud security solutions no longer adequate?

Samuel: Today, many Cloud Security platforms (like traditional CSPMs) offer an avalanche of alerts based on static analysis. The problem is that this creates noise: the security team is overwhelmed trying to understand what is truly critical. Upwind was born precisely to address this pain, prioritizing risks based on what is happening in runtime, meaning in real-time within cloud environments. This reduces false positives, speeds up responses, and focuses the team’s energy on what truly represents a threat.

2. What does it mean to protect applications and infrastructure “in real-time” in the cloud?

Samuel: It means going beyond posture and compliance. It means identifying active attacks, lateral movements, anomalous identity behaviors (both human and non-human), and reacting at the moment they occur. We use eBPF-based sensors to monitor containers, APIs, and workloads in runtime. This allows us to offer CDR (Cloud Detection and Response) and CADR (Cloud Application Detection and Response), which are modern and essential layers for protecting dynamic and complex environments like Kubernetes.

3. Shift left, shift right… where does Upwind really fit into the security journey?

Samuel: Upwind is a complete second-generation CNAPP (Cloud Native Application Protection Platform) solution. We work on three fronts:

  • Posture, with graphical visibility of the cloud, network topology, and inventory of APIs and identities.
    Whether in development, operations, or incident response, we ensure security is present end-to-end.
  • Shift-left, with policies and native integrations with GitHub, GitLab, and Azure to prevent risks at the source;
  • Runtime, where we are leaders with live detection and actionable context;

4. What changes in risk prioritization when you have visibility in runtime?

Samuel: Everything. Instead of merely classifying a vulnerability solely by CVE, Upwind checks if it is being actively exploited, if it belongs to a truly exposed workload, and if there are suspicious movements connected to it. With this, we create a dynamic risk scoring model, allowing the CISO and analysts to know what needs to be addressed now, and what can wait.

5. Many companies already have other solutions like Prisma, Wiz, or Orca. How does Upwind differentiate itself in this scenario?

Samuel: Most leading solutions – like Prisma, Wiz, and Orca – were born focused on static analysis and are only now trying to catch up with runtime, which was our starting point. Upwind is the only CNAPP on the market that uses the Runtime context for all aspects of cloud security, including vulnerability prioritization, configuration posture, and API security. In this way, Upwind generates high-fidelity results, prioritized based on real-world criticality, connecting the dots between seemingly unrelated security events.


Upwind also utilizes Machine Learning to create cloud “baselines,” proactively alerting teams about abnormal activities that may indicate a threat or attack. This, in turn, empowers users to make highly informed security decisions, reducing remediation and incident response times, and allowing for more efficient security practices. Furthermore, some more traditional solutions have recently started launching sensors, but they still lack maturity. We offer continuous monitoring, with automated response and deep visibility into containers, APIs, and networks, with clear proof of this in POCs (proofs of concept) we conduct with large clients.

6. How does Upwind assist with compliance with LGPD, PCI, and other regulations?

Samuel: In addition to mapping configurations and posture policies, we deliver concrete evidence of risky behavior, such as exfiltration attempts, unauthorized access, or API exposure. This helps companies remain compliant without relying solely on sporadic audits. Our graphical topology facilitates audits, visually showing who communicates with whom within the cloud.

7. If I am a company at the beginning of a cloud journey, why choose Upwind now?

Samuel: Upwind has a single SKU, meaning all functionalities are embedded in the platform from day one, from posture to runtime, API protection to shift left. For companies still structuring their security architecture, it is a smart way to start with a modern, robust foundation prepared to grow with the business. And for more mature companies, we enter as an advanced complement, focusing where other tools fail: real-time visibility and response.

Market trends and reflection for security leaders

As cloud-native environments become more complex and dynamic, the need for approaches integrating prevention, detection, and response to incidents in a coordinated manner also increases. The interview with Samuel Zejger offers a clear insight into how the market has evolved, moving away from models centered solely on posture and compliance towards solutions that also track what happens in production.

More than promoting a specific solution, the conversation invites reflection: how are companies dealing with risks that escape static control and manifest in real-time?

According to Gartner, as published by InforChannel, the adoption of CNAPP platforms is expected to grow significantly in the coming years, as companies seek to consolidate security tools into unified solutions, reducing operational complexity in multicloud environments and increasing protection effectiveness. This trend reinforces the central role of runtime visibility and integration between layers in the future of cloud security.

Want to understand how Upwind can transform your cloud environment protection?

Schedule a consultative chat with our specialists and take your strategy to the next level.

 

  • Cloud Security, nova8, proteção de APIs

Navigate by theme

  • Materials
  • Blog
  • Cequence
  • Nova8 Ecosystem
  • Checkmarx
  • Coro
  • Cybersecurity Distribution
  • Market Strategy
  • value-added distributor
  • Cases

Navigate by solution

  • Snyk
  • Upwind
  • Cequence
  • Coro
  • Ironscales
  • Checkmarx

Segurança começa pelo Colaborador

Stay Ahead of Cyber Threats

Explore our insightful materials such as e-books, whitepapers, articles, and blog content to learn all about cybersecurity trends.

See more
AI Experience o que o encontro da Nova8, Cequence e CISO’s Club mostrou sobre governança de IA e segurança de APIs
  • April 9, 2026
  • Cequence

AI Experience: what the meeting between Nova8 Cybersecurity, Cequence, and CISO’s Club revealed about AI governance and API security

The AI Experience demonstrated how AI already enables businesses but requires governance, guardrails, and API security. See the key insights from the event.
Read more
Nova8 RSA
  • March 30, 2026
  • value-added distributor

RSAC 2026: what really mattered at the world’s largest cybersecurity event

See the key insights from RSAC 2026, highlighting the role of AI, market positioning, and strategic learnings observed by Nova8 Cybersecurity.
Read more
Nova8_Cequence
  • March 16, 2026
  • Nova8 Ecosystem

AI Gateway, Agentic AI, and Corporate APIs: Why Cequence Has Become Strategic for Secure AI Adoption

Learn how Cequence's AI Gateway helps companies connect AI agents to APIs and applications with authentication, control, and monitoring.
Read more
Linkedin-in Facebook-square Instagram Youtube

Al. Rio Negro, 585 - Torre Jaçarí - 13º andar
Conjunto 134 - Alphaville, Barueri - SP, 06454-000

  • +55 (11) 3375 0133
  • contato@nova8.com.br

Company

  • #Nova8is10!
  • Events
  • VAD
  • Center of Excellence
  • Consulting
  • Work at Nova8
  • Privacy Policy
  • Code of Ethics

Portfolio

  • Checkmarx
  • Upwind
  • Cequence
  • CORO
  • Snyk
  • IRONSCALES
  • Invicti
  • Bright
  • Riskified
  • MazeBolt
  • Mend
  • Request a quote

Content

  • Clients and Cases

Copyright © Nova 8 Cybersecurity - 2025 - Todos os direitos reservados

Desenvolvido por Tech4Biz

Search
Nova8
  • EN-US
  • PT-BR
  • ES-MX
  • #Nova8is10!
  • Portfolio
    • CORO
    • Upwind
    • Cequence
    • CORO
    • IRONSCALES
    • Checkmarx
  • Services
    • Center of Excellence in Cybersecurity for Resellers and Technical Teams
    • Cybersecurity Consulting with a Focus on AppSec
    • Services – Value-Added Cybersecurity Distributor
  • Cases
  • Blog & Materials
  • Contact Us
  • #Nova8is10!
  • Portfolio
    • CORO
    • Upwind
    • Cequence
    • CORO
    • IRONSCALES
    • Checkmarx
  • Services
    • Center of Excellence in Cybersecurity for Resellers and Technical Teams
    • Cybersecurity Consulting with a Focus on AppSec
    • Services – Value-Added Cybersecurity Distributor
  • Cases
  • Blog & Materials
  • Contact Us
  • +55 (11) 3375 0133
  • contato@nova8.com.br
Linkedin-in Facebook-square Instagram Youtube
Search
Saiba mais
Search