IT Brief US - Technology news for CIOs & IT decision-makers
United States
Upwind launches AI agentic pack for cloud security
Digital Transformation Cloud Security Application Security

Upwind launches AI agentic pack for cloud security

Thu, 14th May 2026 (Today)
Sofiah Nichole Salivio
SOFIAH NICHOLE SALIVIO News Editor

Upwind has launched an AI Agentic Pack for cloud security, adding four specialised AI agents to its Cloud & AI Security Platform.

The package is designed to support threat investigation, risk validation and remediation across cloud and AI environments. It uses runtime context, including live cloud activity, service relationships, identity behaviour and execution context, to help security teams decide which risks need attention.

The launch comes as security vendors and customers look for ways to handle rising alert volumes and faster-moving threats. Upwind argues that for many teams, the main challenge is no longer collecting data but determining which issues are material and what action should follow.

Its approach focuses analysts on active workloads and exposed assets in production, rather than theoretical risks that may not be reachable in real-world conditions. The platform also recommends next steps based on runtime evidence while leaving customers in control of how actions are reviewed and carried out.

Four agents

The AI Agentic Pack includes four named agents aligned to different stages of a security workflow.

Choppy provides context by mapping services, dependencies and relationships across cloud, code and runtime environments. Blue is aimed at incident response, analysing alerts, suspicious activity and runtime signals to reconstruct activity, identify changes and support mitigation.

Red focuses on exposure validation. Upwind says it identifies entry points, maps attack paths and assesses which risks are likely to be exploitable.

Green is designed to turn validated findings into remediation steps, including root cause analysis, prioritised actions, remediation, pull request code generation and implementation guidance.

The four agents are intended to reduce the time security teams spend interpreting large volumes of findings and telemetry. In practice, the product enters a growing market for AI tools that aim to move from alert triage to automated or semi-automated investigation and response.

Industry forecasts point in the same direction. Gartner predicts that AI applications will drive half of cybersecurity incident response efforts by 2028, signalling broader adoption of AI-assisted workflows in security operations.

Runtime focus

Upwind has built its business around runtime-based cloud security. Its broader platform covers cloud infrastructure, applications, identities, APIs, workloads and AI systems, and the new AI package extends that model rather than standing alone as a separate product.

The platform combines agentless discovery, runtime sensors and contextual analysis. This allows customers to see where AI is being used across their environments, how systems connect and which risks require follow-up.

By adding AI agents on top of that data, Upwind is aiming to offer security teams a more operational layer. Rather than simply surfacing a finding, the system is meant to investigate surrounding activity, test whether a weakness is exposed and suggest a practical fix.

The launch reflects a broader shift in cloud security. Vendors are increasingly trying to show that their tools can narrow security backlogs by linking static findings to runtime behaviour, helping customers distinguish between a potential issue and one that is reachable, active or already being abused.

Moshe Hassan, Vice President of Product & Research at Upwind, outlined the company's view of that transition.

"AI is transforming how security teams operate. We are shifting from prioritization to agency and AI-driven security workforces," said Moshe Hassan, Vice President of Product & Research at Upwind.

"The future of cloud security will be driven by AI agents that can investigate, validate, solve and guide action in real time, grounded in the reality of what's happening across the environment. With the AI Agentic Pack, we're turning runtime context into an agentic security workforce that gives security teams high agency and capabilities never seen before, helping them move faster, prioritize real risk and stay in control of the decisions that matter most."

Customer view

Cyberhaven, a customer cited by Upwind, said the use of runtime information was a distinguishing feature.

"AI is changing how security teams operate, and the context of business impact, customer impact and technical exposure is becoming critical to effective decision-making," said Aman Sirohi, Senior Vice President & Chief Information Security Officer at Cyberhaven.

"What stands out with Upwind is its ability to ground AI-driven investigation and response in runtime reality. The AI Agentic Pack helps our team focus on what is actually exposed, what matters most to the business and prioritize action with far greater confidence and efficiency."

The AI Agentic Pack is available to Upwind customers as part of the broader Cloud & AI Security Platform.

Related stories
API attacks surge as AI exposure raises cyber risk
Check Point teams with Google Cloud on AI agent security
Silverfort & SentinelOne unite on AI identity security
Sentra & Wiz add data classification to cloud risks
AI agents blur human access lines in enterprise systems
Top stories
GTIA names three new voting board members for 2026-27
Virtana launches AI observability for Dell factories
Versa adds cloud posture management to SASE platform
HackerOne & Wiz link validated findings to cloud risk
Sweet launches AI red-team agent to test attack paths