Upwind Security’s rise to a $1.5 billion valuation may look straightforward on paper, but the company’s leadership says the path was anything but predictable. Four years after its founding, the cloud security startup has closed a $250 million Series B round and counts Siemens, Peloton, Roku, Wix, Nextdoor, and Nubank among its customers.
Looking back, co-founder and CEO Amiram Shachar describes the early years as marked by constant doubt rather than confidence.
“Three years ago, we would spend hours asking ourselves if we were heading in the right direction, and 80% of the time, it felt like we weren’t,” Shachar told TechCrunch following the funding announcement.
At the outset, the team questioned whether the market would embrace their approach, whether large organizations would allow deep integration into their systems, and whether customers would accept a fundamentally different security model. “At the beginning, we constantly questioned whether the market needed our solution, whether it would be too hard to integrate into larger systems, or if customers would adopt it,” he said. “Developing a new approach was difficult; people are used to installing certain agents on machines, but they don’t like doing it.”
Upwind’s platform is built around what the company calls runtime, or “inside-out,” cloud security. Instead of relying on external scans, the system analyzes internal signals such as network activity and API traffic to prioritize real-time threats and remediation efforts. The goal is to help security teams distinguish between issues that require immediate attention and those that do not.
The idea was shaped by Shachar’s previous company, Spot.io, a cloud compute brokerage that he and his co-founders sold to NetApp for roughly $450 million in 2020. While integrating into NetApp, Shachar says he saw firsthand how disconnected cloud security tooling could be from operational reality.
“After joining NetApp post the Spot acquisition, I experienced firsthand how difficult cloud security really is,” he said. “The security team would scan our environment and report issues, but they lacked critical context. Coming from a DevOps background, we [Shachar and his team] understood the infrastructure deeply, while security teams often didn’t know how APIs were exposed or which packages were running. As a result, they flagged many issues that weren’t real risks.”
According to Shachar, most tools at the time relied on agentless, external scanning. “The dominant approach was agentless, an ‘outside-in’ model where you scan environments externally,” he explained. “It’s easy to deploy, but it creates a lot of noise because you can only see what’s visible from the outside.”
Upwind’s founders believed internal visibility was essential, especially as cloud infrastructure became more dynamic. “Inside-out isn’t an advanced option; it’s the only way to solve the next generation of problems,” Shachar said. “With ephemeral infrastructure like containers, serverless workloads, AI agents talking to each other, and data constantly moving through APIs, you simply can’t map this from the outside. It has to be inside.”
Despite that conviction, early customer adoption was slow. Security teams often lacked approval to deploy internal software and were already overwhelmed by existing tools. “It wasn’t clear at first, and there was a lot of uncertainty; customers were hesitant,” Shachar said.
That reality pushed Upwind to build a broad, integrated platform rather than a narrow point solution. “From the beginning, it was clear that Upwind would need to build a broad, integrated platform,” he said. “Otherwise, customers wouldn’t engage or allow us to deploy our technology.”
The strategy eventually resonated with large, cloud-heavy enterprises. Since raising a $100 million Series A in 2024, Upwind reports 900% year-over-year revenue growth and a doubling of its customer base. The company has also expanded beyond the U.S., U.K., and Israel into markets such as Australia, India, Singapore, and Japan.
The latest funding round was led by Bessemer Venture Partners, with participation from Salesforce Ventures and Picture Capital. Upwind plans to use the capital to accelerate product development, expand go-to-market efforts, and deepen its AI-driven security capabilities. The company also intends to push its platform closer to developers, aiming to catch misconfigurations earlier in the development lifecycle before they reach production.
