Upwind targets India’s cloud defence market as AI cyber threats intensify

Summary

US-based cloud security firm Upwind Security is expanding aggressively in India after raising $250 million in a Series B funding round that reportedly valued the company at around $2 billion. The company is strengthening its Pune development centre and focusing on defence, BFSI, and government clients as demand rises for real-time cloud security and runtime protection tools. The expansion also aligns with India’s Digital Personal Data Protection (DPDP) Act and the growing threat of AI-driven cyberattacks targeting critical infrastructure.

BENGALURU, May 7, 2026 — US cybersecurity company Upwind Security is accelerating its India expansion as enterprises and government agencies increase spending on cloud protection and AI-driven threat detection. The company, which recently raised $250 million in fresh funding, said India will become one of its key growth markets in the Asia-Pacific region.

Shift toward runtime cloud security

Upwind is positioning itself around “runtime security,” a fast-growing cybersecurity segment focused on monitoring applications and workloads while they are actively operating in cloud environments. Unlike traditional vulnerability scanning, runtime protection aims to identify suspicious behaviour in real time and stop attacks before systems are compromised.

The company said demand from India’s banking, fintech, defence, and public-sector industries has increased as organisations move critical infrastructure and sensitive workloads to cloud-native systems.

Simarpreet Singh, Country Manager for India and SAARC at Upwind, said Indian enterprises are increasingly looking for security tools that can detect attacks during execution rather than relying only on periodic scans or static code analysis.

Pune development centre expansion

As part of its India strategy, Upwind is expanding its Pune development centre, which is focused on engineering, compliance, and cloud governance solutions. The company plans to increase local hiring as it develops products tailored to India’s evolving regulatory environment, including compliance requirements under the DPDP Act.

The Pune facility is also expected to support product localisation efforts for customers in highly regulated sectors such as banking and government services, where data residency and privacy controls are becoming increasingly important.

AI-driven attacks reshape cybersecurity priorities

The expansion comes amid growing concern about AI-enabled cyber threats. Security experts have warned that generative AI tools are lowering the technical barriers for attackers by helping automate phishing, malware generation, and vulnerability discovery.

Upwind said its platform uses automated detection and behavioural analytics to identify potential zero-day attacks and cloud misconfigurations at machine speed. The company believes runtime visibility will become critical as organisations adopt AI-powered applications and hybrid cloud environments.

Industry analysts note that Indian enterprises are increasing cybersecurity spending following a rise in attacks targeting cloud workloads, APIs, and identity systems.

Why this matters

• Cloud security demand is rising fast: Indian enterprises are shifting more sensitive operations to cloud infrastructure, increasing the need for advanced runtime protection.
• India is becoming a cybersecurity R&D hub: Expansion in Pune reflects the growing role of Indian engineering talent in global cloud-security product development.
• AI is changing cyber warfare: Automated attacks powered by generative AI are forcing companies to move from reactive security tools to continuous monitoring systems.

FAQs

Q1. What is runtime security?

Runtime security monitors applications and cloud systems while they are actively running. It helps detect suspicious activity, malware, or unauthorised access attempts in real time.

Q2. Why is India important for cybersecurity companies?

India has one of the world’s fastest-growing digital economies, with rapid cloud adoption across banking, fintech, telecom, and government sectors.

Q3. How does the DPDP Act affect cybersecurity firms?

India’s DPDP Act increases compliance requirements around data protection, privacy, and handling of personal information, encouraging firms to deploy stronger cloud-security systems.