Skip to main content

Upwind Cloud Security Integration Setup

This guide walks you through integrating Upwind with RAD Security to ingest cloud security posture and compliance findings, cloud threats, and cloud resource inventory for unified posture and attack-surface analysis. Upwind provides cloud-native application protection (CNAPP) across your cloud environment. RAD Security connects to the Upwind API using OAuth 2.0 client credentials and pulls findings, threats, and asset inventory on a scheduled basis to correlate them with your runtime and Kubernetes security data.
Read-only integration: RAD Security only reads data from Upwind. It never writes to, modifies, or deletes resources in your Upwind environment.

Prerequisites

Before you begin, ensure you have:
  • An Upwind account with API access
  • Permission to create API credentials (client ID and secret) in Upwind
  • Your Upwind Organization ID
  • The Upwind region for your tenant (US, EU, or ME)
  • Access to a RAD Security workspace with integration permissions

Understanding Integration Components

RAD Security authenticates to the Upwind API using the OAuth 2.0 client-credentials grant. You provide a Client ID and Client Secret generated in Upwind, and RAD exchanges them for short-lived access tokens automatically.
The Organization ID identifies your Upwind organization and is used in the Upwind API path. You can find it in your Upwind organization/account settings.
Upwind operates regional deployments. The Region (US, EU, or ME) selects both the OAuth audience and the API base URL. It must match the region of your Upwind tenant.
RAD Security ingests Upwind data via scheduled polling. Webhooks are not used for this integration — data arrives on RAD’s polling cadence rather than being pushed by Upwind.

Step 1: Create API Credentials in Upwind

1

Sign in to the Upwind Console

Log in to the Upwind console with an account that has permission to manage API access.
2

Create an API Client

Navigate to Settings → API access and create a new API client or service account. Generate the credentials to obtain your Client ID and Client Secret.
Copy the Client Secret immediately. Many platforms show the secret only once at creation time. Store it securely in a password manager or secrets vault.
3

Locate Your Organization ID

Find your Organization ID in your Upwind organization or account settings.
4

Determine Your Region

Identify the Region of your Upwind tenant — US, EU, or ME.
Exact console navigation and labels may vary across Upwind versions. See the Upwind documentation for the current steps to create API credentials.

Configure in RAD Security

Navigate to your RAD Security workspace and configure the Upwind integration with the following parameters:

Required Parameters

ParameterDescription
Client IDUpwind OAuth 2.0 Client ID
Client SecretUpwind OAuth 2.0 Client Secret
Organization IDUpwind organization identifier used in the Upwind API path
RegionUpwind region — US, EU, or ME — selects the OAuth audience and API base URL

Verify Integration

1

Check Connection Status

  1. Navigate to Data Sources > Integrations > Cloud Security in RAD Security
  2. Locate your Upwind integration
  3. Verify the connection status shows as Connected
Your Upwind integration is now configured! RAD Security will ingest cloud posture findings, threats, and resource inventory from Upwind on a scheduled basis.

What Data is Synced

Cloud security posture and compliance findings, mapped to OCSF Detection Findings. Feeds unified posture analysis and RADBot.
Cloud threat detections, mapped to OCSF Detection Findings, correlated with runtime and Kubernetes signals.
Cloud resource (asset) inventory, mapped to OCSF Cloud Resources Inventory. Feeds attack-surface analysis.

Use Cases

Posture Management

Track cloud misconfigurations and compliance gaps from discovery through remediation.

Attack Surface Analysis

Use cloud asset inventory to understand and reduce your attack surface.

Threat Investigation

Investigate Upwind cloud threats with context from RAD runtime and Kubernetes detections.

RADBot Prioritization

Leverage RADBot to prioritize Upwind findings and threats by real-world impact.

Troubleshooting

Possible causes:
  • Incorrect Client ID or Client Secret
  • Client credentials were revoked or disabled in Upwind
Solution:
  • Verify the Client ID and Client Secret are copied correctly (no extra spaces)
  • Confirm the API client is still active in Settings → API access
  • Regenerate the credentials in Upwind and update them in RAD Security if needed
Possible causes:
  • The selected Region does not match your Upwind tenant
  • Audience mismatch causing token exchange to fail
Solution:
  • Confirm your tenant’s region (US, EU, or ME)
  • Update the Region parameter to match and reconnect
Possible causes:
  • Incorrect Organization ID
  • The organization has no findings, threats, or resources in scope
Solution:
  • Verify the Organization ID matches your Upwind organization
  • Confirm data exists in the Upwind console for the configured organization

Security Best Practices

Use a Service Account

Create dedicated API credentials for the RAD integration rather than tying them to a personal account.

Least Privilege

Grant only the read permissions required for posture, threats, and inventory.

Rotate Credentials

Rotate the Client Secret periodically according to your security policy.

Secure Secret Storage

Store the Client Secret in a secrets vault. Never commit it to version control.

Additional Resources

Upwind Documentation

Official Upwind documentation, including API access and credentials

Cloud Security Overview

Learn about RAD’s cloud security integrations

Next Steps

Cloud Security Integrations

Explore other cloud security integration options

Data Sources

Connect additional security data sources

RADBot

Learn how RADBot helps prioritize findings