Upwind, the next-gen Wiz, now secures every corner of the AI stack

Upwind just dropped a new product announcement today, and it signals a fundamental shift in how the company thinks about AI risk.

CEO Amiram Shachar published a lengthy post this morning laying out Upwind’s “Security for AI” thesis, the companion piece to their earlier push around agentic AI capabilities. The core argument is simple: AI security isn’t a standalone product category you can bolt on. It has to be woven into every existing layer of cloud security, from the code pipeline all the way through to runtime.

The attack surface has moved

The most striking part of Shachar’s framing is his argument about where the real action now happens. Traditional runtime security spent years watching process execution, malware signatures, and network flows.

That’s increasingly the wrong place to look. The interesting threat activity has moved up to the application layer, to APIs, payloads, prompts, and the thousands of MCP calls a single AI agent fires off to complete a task. When a model receives a prompt, calls a tool, hits an MCP server, retrieves from a datastore, and returns a payload, every single hop in that chain is an exposure point. Prompt injection, data leakage, over-permissioned tool calls, none of it shows up when you’re watching packets.