Articles by Amiram
-
A Spoiler from Spotinst's Advisor
A Spoiler from Spotinst's Advisor
Run your Hadoop on Spot, Scale up your instances with Spot, Provision Smarter with Spotinst. https://www.
Activity
21K followers
-
Amiram Shachar shared this🚨Amiram Shachar shared thisWe’re in the middle of another wave of supply chain attacks, and this one is already active 🚨 We’ve identified an active zero-day supply chain attack in npm, and we’re working with customers right now to investigate, contain, and understand the scope. Here’s what we know so far, on what we're calling Nodes to Snakes: • A malicious package pulls a Python script (ld.py) from a remote source • The script fingerprints the host and builds a unique identifier • Only then does it retrieve the second stage, likely to evade static and sandbox-based detection • Data is exfiltrated over port 8000 after being encoded and tied to that unique host signature • The attacker bypasses standard OS commands, directly accessing low-level system artifacts • Includes continuous monitoring of the process tree and attempts to extract sensitive data This is not a spray-and-pray attack. It’s selective. It profiles the environment first, then decides how to proceed, a clear attempt to stay ahead of traditional detection approaches. We identified this early and are actively supporting impacted customers while continuing to analyze new samples in real time. What we’re focused on now: • Understanding second-stage delivery conditions • Tracking how stolen data and credentials are being used • Identifying indicators that can help teams detect this before damage is done Supply chain attacks like this don’t break in, they’re invited in through trusted dependencies. And once inside, they operate at runtime, where visibility is often limited. Our threat research team is on standby and will continue sharing validated findings as they come in. If your team needs support, please reach out we are here to help. If you're running workloads that rely on external npm packages, it's urgent that you go and verify what’s actually executing in your environment, not just what was installed. More updates coming soon. For updates and current details, see our blog via link in comments.
-
Amiram Shachar shared thisBig supply chain attack is active now in the wild. DM us if you need help with identifying / scanning.Amiram Shachar shared thisThe best way to abuse the RSA jet lag is to discover a supply chain attack in production affecting multiple customers. Details will be shared soon 🏄♂️ Dan Yahav Omer Idel what an outstanding work! Please note that the timestamps in the screenshots are shown in GMT+3, which is equivalent to late 30.03 ET
-
Amiram Shachar shared thisBuilding. 💯⚡️Amiram Shachar shared thisAsked Claude to evaluate the Cloud Security market for a fund thesis. It came back with this. In under 90 seconds. 15 companies ranked by momentum score. Funding history, employee growth, estimated valuations for the top 5. Overvalued companies flagged. Companies likely coming back to market identified. One prompt. One answer. Real data. This is the CybersecTools MCP Server. It connects Claude, Cursor, or any AI agent directly to our database of 10,000+ cybersecurity products and 2,800+ companies. No copy-pasting. No tab-switching. No stale spreadsheets. Here's what it pulled in that single query: 🔹 Upwind scored 72 (Accelerating). 138% headcount growth. Bessemer leading the Series B. Valuation looks justified at 17.5x on $80M revenue. 🔹 Cloudflare's $75.8B market cap vs $17.5B estimated fair value. 37.6x P/S is pricing in AI/edge compute narrative, not cloud security economics. 🔹 CoreStack flagged: 54.8x revenue multiple on $11.3M revenue. Headcount shrinking 19% YoY. Last equity round was Nov 2021. Took $50M debt in 2025. Down round or strategic exit incoming. 🔹 Sysdig, Obsidian Security, AppOmni all flagged with 18+ month funding gaps. The momentum scoring methodology weighs three pillars: growth signals, market presence, and funding velocity. It's not a vanity metric. It's built on the same data layer that tracks every product, feature, and integration across the cybersecurity landscape. This depth of analysis is available on the Professional plan. If you're an investor running due diligence, a vendor tracking competitors, or an analyst covering cybersecurity, the MCP Server turns your AI workspace into a market intelligence terminal.
-
Amiram Shachar shared thisTo all the builders out there. ⚒️Amiram Shachar shared this“When you run a company, 80% of your day is bad.” Our own Nowi Kallen sat down with Amiram Shachar ahead of Upwind Security’s $250M Series B announcement and he shared some sage advice that he received early on. As a founder, you spend most of your time dealing with things that are broken, late, or harder than you expected. You solve one problem and two more appear. But, as Amiram puts it, that’s not a bad thing. Once you accept that this is the job, you stop treating friction like a sign that something has gone wrong. In most cases, it’s a sign that you’re in the work. You just have to learn to stay locked in, keep solving, and not let every setback shake your belief. 🎥 Watch Nowi's full conversation with Amiram in the comments below.
-
Amiram Shachar shared thisIt was a privilege sharing the stage at Cybersparx with Guru Chahal , Yevgeny Dibrov and Isaac Evans and talk about the important partnership between Upwind Security and AWS as Upwind becomes the CNAPP of choice inside the AWS Security Hub and what it means for the future of Cloud Security. Up & Up!
-
Amiram Shachar shared thisWelcome to the Upwind Security family, Salesforce Ventures! ♥️ Nowi Kallen , Kartik Gupta - excited to build with you. Up & Up!Amiram Shachar shared thisAnnouncing our investment in Upwind Security's $250M Series B 🤝 Upwind is built for the reality of modern cloud environments, where static scans and daily snapshots no longer cut it. Using eBPF, its runtime-first approach gives teams deep visibility into live workloads without the burden of legacy agents. That inside-out architecture lets Upwind do what static scanners can’t: determine reachability. By pairing build-time data with real-time runtime context, Upwind can show which vulnerabilities are genuinely exploitable in production. If a vulnerable library is sitting on disk but never loaded into memory, it’s not treated as an urgent risk. The result is roughly 95% less alert noise, so security teams can focus their time on what matters. We’ve known Amiram Shachar, Tal Zur, and Lavi Ferdman since their Spot.io days, and stayed close because it was obvious they had something special: serious technical depth, strong founder chemistry, and a clear view of where the market was heading. That direction feels even more important now. AI is reshaping the cloud and expanding the attack surface along with it. New risks are emerging fast, from model theft to data poisoning to entirely new security requirements around AI workloads. At the same time, those workloads are dynamic, complex, and resource-intensive, which makes traditional approaches feel increasingly outdated. We believe this change will continue to drive value into CNAPP, one of the most important and fastest-growing categories in cloud security. The Upwind team is building with real urgency, real conviction, and real product insight. We’re thrilled to partner with them as they continue to raise the bar for what modern cloud security should look like. 🔗 In a new blog post, Nowi Kallen and Kartik Gupta shared more about our investment in Upwind: https://lnkd.in/ez2-BP5i
-
Amiram Shachar shared thisGearing up for RSA next week. Come say hi at the Upwind High Tide House @ The Box San Francisco. Incredible lineup of sessions, speakers and roadmap sessions.
-
Amiram Shachar shared thisCybersparx… The concentration of talent per square foot at this conference is simply among the most impressive I’ve ever witnessed in my life.
-
Amiram Shachar shared thisComing soon. Your Cloud Security + APIs @ Runtime like you've never seen before. 🌊
Amiram Shachar commented on a post
14h
👏
Amiram Shachar replied to a comment
1w
David Murfet , you have been an integral part of this journey. And we wouldn’t be here without your trust in the early days. Thank you ♥️🌊
-
Amiram Shachar liked thisBig supply chain attack is active now in the wild. DM us if you need help with identifying / scanning.Amiram Shachar liked thisThe best way to abuse the RSA jet lag is to discover a supply chain attack in production affecting multiple customers. Details will be shared soon 🏄♂️ Dan Yahav Omer Idel what an outstanding work! Please note that the timestamps in the screenshots are shown in GMT+3, which is equivalent to late 30.03 ET
-
Amiram Shachar liked thisAmiram Shachar liked this🚨🏄🏻♂️We detected ANOTHER live npm supply chain attack in production, before any CVE, a scary name, or signature existed. We mainly saw a live malicious process flow of; node → sh → curl → python3 What this means (in simple terms): • A normal Node.js app suddenly opened a shell • The shell downloaded a file from the internet • Then executed it using Python 👉 In short: legitimate app → downloads payload → runs it → Game over. (see process tree, screenshot #1 👇) _________ Why it triggered and how Upwind works (behavior vs baseline) This workload never: • spawned Python (process monitoring) • wrote to /tmp (file integrity baselining) • called unknown external domains (network profiling) • triggered unusual API flows (API behavior monitoring) • executed chained shell commands from Node (process lineage anomaly) 👉 Behavior broke the baseline What it maps to (now public) • axios@1.14.1, 0.30.4 compromised • RAT via npm postinstall • C2: sfrcl*k.com (see threat feed, screenshot #2👇) The main takeaway, is that in a few days: • CVE will be assigned • scanners will alert But the attack already ran. Most tools detect known issues. Runtime + baselining detects unknown behavior, before it has a name. If you want to check this in your environment, happy to help, reach out to me any time. Another gem from our amazing Research & MDR teams, led by Dan Yahav Omer Idel Moshe Hassan Eldan Talis Upwind Security
-
Amiram Shachar reacted on thisAmiram Shachar reacted on thisEarly adopters. Always. 🏓 My highlight of the week happened today, meeting the Ping Identity Cybersecurity leadership in Florida ahead of the matza balls 🫓 PingIdentity, with Russ, Kris, Jack and team, have been true early adopters and design partners, helping us shape and implement our inside-out approach from day one. Russ K. & Dr. Jack Whitter-Jones thank you for an amazing day. Kris Paterson - you were missed mate. P.S. - Upwind’s native integration with Ping Identity and PingOne enables real-time correlation of IAM risk directly within your cloud providers to PingOne identities.
-
Amiram Shachar reacted on thisAmiram Shachar reacted on thisThe best way to abuse the RSA jet lag is to discover a supply chain attack in production affecting multiple customers. Details will be shared soon 🏄♂️ Dan Yahav Omer Idel what an outstanding work! Please note that the timestamps in the screenshots are shown in GMT+3, which is equivalent to late 30.03 ET
Experience & Education
-
Upwind Security
View Amiram’s full experience
See their title, tenure and more.
or
Projects
-
Real Revenue
- Present
Presenting daily real revenue and profit for the company on several revenue streams, according to statistical data that is taken from ad-serving platform (internal and external) and financial info from our CRM.
Other creators -
-
Pre-Planning
- Present
Pre-Planning is an automatic tool for creating mass campaigns in ad-serving platform. It assures business scalability, and also supports optimization by auto targeting based on historical data and business rules.
Other creators -
-
Pangea
-
Pangea is a highly scalable platform helping marketers to take control, manage, and optimize ad campaigns on top of Facebook Ads API.
Using real time user analysis and dynamic content creation, the platform provides marketers with advanced insights for massive campaign management and focuses on delivering optimal results.
The Pangea platform supports marketers with automatic marketing decisions and increases the efficiency of their media Ad Spending, thanks to our automatic optimization…Pangea is a highly scalable platform helping marketers to take control, manage, and optimize ad campaigns on top of Facebook Ads API.
Using real time user analysis and dynamic content creation, the platform provides marketers with advanced insights for massive campaign management and focuses on delivering optimal results.
The Pangea platform supports marketers with automatic marketing decisions and increases the efficiency of their media Ad Spending, thanks to our automatic optimization tools and massive scalable enabling functionalities, which are designed based on the best practices and know-how.Other creators -
Recommendations received
1 person has recommended Amiram
Join now to viewOther similar profiles
Explore more posts
Explore top content on LinkedIn
Find curated posts and insights for relevant topics all in one place.
View top content