Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
From the outside, Upwind Security looks like it’s had a smooth ride so far. In just four years, the cloud security startup now has $1.5 billion, and boasts Siemens, Peloton, Roku, Wix, Nextdoor and Nubank among its clients. But if you ask the company’s co-founder Amiram Shachar, the journey here was far from certain.
“Three years ago, we spent hours wondering if we were heading in the right direction, and 80% of the time, it felt like we weren’t,” a candid Shachar told TechCrunch in an interview after the company’s recent $250 million Series B round.
“In the beginning, we always wondered if the market needed our solution, if it would be difficult to integrate with the big systems, or if customers would take it,” he recalled. “Developing a new system was difficult; people are used to putting things on the machine, but they don’t like it.”
Upwind likes to call the approach “real-time security”: Prioritizing information and efforts to fix threats and vulnerabilities in real-time operations. As Shachar says, it’s an “inside-out” take on cloud security, where internal indicators such as network requests and API traffic serve as a tool to help security teams isolate potential threats.
Creating this strategy was not easy, however, as Shachar and his co-founders did not have a security background: they first built and sold a cloud computing brokerage. Spot.io, at NetApp about $450 million in 2020.
“When I joined NetApp after acquiring Spot, I saw firsthand how complex cloud security can be,” said Shachar. “The security team looked at our environment and pointed out problems, but it went wrong. From a DevOps background, we (Shachar and his team) have a good understanding of the architecture, while security teams often don’t know how APIs are exposed or what packages are running. As a result, they exposed a lot of things that weren’t really dangerous.”
But Shachar and his team felt they had a lot of experience with the cloud because they were running it. “The popular approach was a passive, ‘outside-in’ approach where you analyze the environment from the outside,” he said. “It’s easy to install, but it makes a lot of noise because you only see what’s visible from the outside.”
Techcrunch event
Boston, MA
| |
June 23, 2026
The team realized that the information provided by internal signals could be very useful for security teams, because they can see what is happening on the Internet, in real time. But selling innovations in cloud security has been difficult, as security teams often lack permission to deploy software internally and modify traditional tools.
So the Upwind sale took time. “It didn’t make sense at first, and there was a lot of uncertainty; customers were skeptical,” Shachar said.
“But we saw things that others did not,” he explained. “Internal-external is not the best way; it’s the only way to solve next-generation problems. With complex infrastructures such as containers, serverless services, AI agents talking to each other, with data constantly flowing through APIs, you can’t draw this from the outside. It has to be inside.”
However, the company had to contend with a crowded security market. Security teams were already tired of the plethora of tools, and customers didn’t want more products to manage their cloud security. “From the beginning, it was clear that Upwind would need to build a broad, integrated platform,” Shachar said. “Otherwise, customers would not engage or allow us to use our technology.”
The company’s philosophy ultimately spoke to its target customers: large, information-intensive organizations with large cloud footprints. The reason $100 million Series A in 2024Upwind has grown rapidly, posting 900% year-over-year revenue growth and increasing its customer base. The company has also expanded from its core markets of the US, UK and Israel to emerging markets including Australia, India, Singapore, and Japan.
The $250 million Series B was led by Bessemer Venture Partners, with participation from Salesforce Ventures and Picture Capital. The new funds will be used for product development and going to market, and the startup plans to invest its AI security within its cloud security platform and “expand its approach closer to manufacturers to help prevent defaults before they reach production.”
