From Startup Struggles to $1.5 Billion Valuation: How Upwind Security Revolutionized Cloud Protection

When Upwind Security burst onto the tech scene just four years ago, few could have predicted the meteoric rise that would follow. Today, the cloud security startup commands a staggering $1.5 billion valuation and counts industry titans like Siemens, Peloton, Roku, Wix, Nextdoor, and Nubank among its prestigious client roster. But behind the glittering success story lies a tale of uncertainty, perseverance, and revolutionary thinking that nearly derailed the entire venture.

“Three years ago, we would spend hours asking ourselves if we were heading in the right direction, and 80% of the time, it felt like we weren’t,” admits Amiram Shachar, Upwind’s co-founder and CEO, in a refreshingly candid conversation with TechCrunch following the company’s massive $250 million Series B funding round.

The journey from concept to cloud security powerhouse was anything but smooth sailing. In those early days, the founding team found themselves in a constant state of doubt, questioning whether the market even needed their solution, whether integration into larger systems would prove too complex, or if customers would ultimately adopt their innovative approach.

“Developing a new approach was difficult; people are used to installing certain agents on machines, but they don’t like doing it,” Shachar recalls, highlighting the fundamental challenge of disrupting established security paradigms.

The “Runtime” Revolution: Inside-Out Security

What sets Upwind apart is its pioneering “runtime” security approach—a methodology that prioritizes alerts and remediation efforts around threats and vulnerabilities in active services in real time. As Shachar eloquently describes it, this represents an “inside-out” take on cloud security, where internal signals like network requests and API traffic provide crucial context that helps security teams distinguish between urgent risks requiring immediate attention and those that can wait.

This revolutionary approach emerged from the founders’ unique perspective. Unlike traditional security experts, Shachar and his co-founders first made their mark by building and selling a cloud compute brokerage called Spot.io to NetApp for approximately $450 million in 2020. This experience gave them intimate knowledge of cloud infrastructure that most security professionals lacked.

“After joining NetApp post the Spot acquisition, I experienced firsthand how difficult cloud security really is,” Shachar explains. “The security team would scan our environment and report issues, but they lacked critical context. Coming from a DevOps background, we understood the infrastructure deeply, while security teams often didn’t know how APIs were exposed or which packages were running. As a result, they flagged many issues that weren’t real risks.”

The team’s epiphany was simple yet profound: they possessed better insight into cloud environments because they were actively running them. The dominant approach at the time was agentless, an “outside-in” model where environments were scanned externally. While easy to deploy, this method generated substantial noise because it could only observe what was visible from the outside.

“We saw something others didn’t,” Shachar emphasizes. “Inside-out isn’t an advanced option; it’s the only way to solve the next generation of problems. With ephemeral infrastructure like containers, serverless workloads, AI agents talking to each other, and data constantly moving through APIs, you simply can’t map this from the outside. It has to be inside.”

The Rocky Road to Market Acceptance

Despite having what they believed was a superior solution, Upwind faced significant hurdles in gaining market traction. Security teams often lacked the permissions necessary to deploy software internally and tended to default to more traditional tools they knew and trusted.

“Sales took time,” Shachar admits. “It wasn’t clear at first, and there was a lot of uncertainty; customers were hesitant.”

The company also had to contend with an extremely crowded security market. Security teams were already overwhelmed by the sheer number of tools available, and customers were reluctant to adopt multiple products just to manage cloud security effectively.

“From the beginning, it was clear that Upwind would need to build a broad, integrated platform,” Shachar explains. “Otherwise, customers wouldn’t engage or allow us to deploy our technology.”

Explosive Growth and Global Expansion

The company’s persistence and the undeniable logic of its approach eventually resonated with target customers: large, data-intensive organizations with substantial cloud footprints. Since its $100 million Series A in 2024, Upwind has experienced explosive growth, posting an incredible 900% year-over-year revenue growth and doubling its customer base.

The company has also expanded its geographic reach beyond its core markets in the United States, United Kingdom, and Israel to emerging markets including Australia, India, Singapore, and Japan, demonstrating the global applicability of its solution.

Massive Investment Fuels Ambitious Plans

The recent $250 million Series B funding round, led by Bessemer Venture Partners with participation from Salesforce Ventures and Picture Capital, provides substantial resources for Upwind’s next phase of growth. The fresh capital will be directed toward product development and go-to-market initiatives, with the startup planning to invest heavily in its AI security capabilities within its core cloud security platform.

Additionally, Upwind aims to “extend its approach closer to developers to help prevent misconfigurations before they reach production,” representing a proactive rather than reactive security posture that could fundamentally change how organizations approach cloud protection.

The Future of Cloud Security

Upwind’s journey from uncertain startup to billion-dollar valuation represents more than just business success—it embodies the kind of innovative thinking necessary to address the evolving challenges of cloud security. As infrastructure becomes increasingly ephemeral, workloads more distributed, and AI agents proliferate, traditional security approaches simply cannot keep pace.

The company’s “inside-out” methodology, born from real-world experience running cloud environments rather than just securing them, offers a glimpse into the future of cybersecurity. By providing security teams with the context they need to make informed decisions about real versus perceived risks, Upwind is helping organizations navigate an increasingly complex digital landscape.

As cloud adoption continues to accelerate across industries and the attack surface expands exponentially, solutions like Upwind’s will likely become not just advantageous but essential. The company’s journey—from those early days of doubt and uncertainty to its current position as a leader in cloud security innovation—serves as both inspiration and roadmap for other startups daring to challenge established paradigms.

The $1.5 billion valuation isn’t just a number; it’s validation that sometimes the most revolutionary ideas emerge not from incremental improvements to existing approaches, but from completely reimagining the problem itself.

Tags: Cloud Security, Startup Success, Runtime Security, Inside-Out Security, Series B Funding, Cybersecurity Innovation, Cloud Infrastructure, Security Solutions, Enterprise Technology, AI Security, DevOps, Cloud Computing, Security Platform, Tech Unicorns, Security Market Disruption

Viral Phrases: “Inside-out isn’t an advanced option; it’s the only way to solve the next generation of problems,” “We saw something others didn’t,” “Three years ago, we would spend hours asking ourselves if we were heading in the right direction,” “Developing a new approach was difficult; people are used to installing certain agents on machines,” “Security teams were already overwhelmed by the number of tools available,” “It wasn’t clear at first, and there was a lot of uncertainty; customers were hesitant,” “From the beginning, it was clear that Upwind would need to build a broad, integrated platform,” “With ephemeral infrastructure like containers, serverless workloads, AI agents talking to each other, and data constantly moving through APIs, you simply can’t map this from the outside.”

,