Skip to main content

Upwind

Visualize Upwind cloud security posture including vulnerability findings, threat detections, configuration findings, and inventory assets. Monitor changes through queries and alerts.

Installation

Prerequisites in Upwind

Before configuring the integration in JupiterOne, you must generate API credentials in Upwind.

info

You will need the following parameters:

  • Client ID and Client Secret - OAuth 2.0 credentials for API authentication
  • Organization ID - Your Upwind organization identifier (e.g., org_123456789)
  • Region - The regional API endpoint your Upwind account uses: us, eu, or me

Step 1: Generate API Credentials in Upwind

  1. Log in to your Upwind console.
  2. Navigate to Settings > Credentials.
  3. Click Generate Credential.
  4. Select API (Call the Upwind API service).
  5. Click Generate New Credentials.
  6. Copy and securely store the Client ID and Client Secret. The client secret will only be displayed once.
warning

Treat your client credentials like a password. Store them securely and never share them in plain text.

Step 2: Find Your Organization ID

Your Organization ID can be found in the Upwind console URL or in your account settings. It follows the format org_ followed by alphanumeric characters (e.g., org_123456789).

Step 3: Determine Your Region

Upwind operates in three regional environments. Select the region that matches your Upwind deployment:

RegionAPI Endpoint
US (default)https://api.upwind.io
EUhttps://api.eu.upwind.io
MEhttps://api.me.upwind.io

Step 4: Configure the Integration in JupiterOne

To install the Upwind integration in JupiterOne, navigate to the Integrations tab and select Upwind. Click New Instance to begin configuring your integration.

Creating an Upwind instance requires the following:

  • The Account Name used to identify the Upwind account in JupiterOne. Ingested entities will have this value stored in tag.AccountName when the AccountName toggle is enabled.

  • Description to assist in identifying the integration instance, if desired.

  • Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as DISABLED and manually execute the integration.

  • Your Upwind Client ID and Client Secret obtained in Step 1.

  • Your Upwind Organization ID obtained in Step 2.

  • Your Upwind Region (us, eu, or me). If not specified, defaults to us.

Data Filtering Options (Optional)

The integration supports filtering to control which data is ingested. These options help manage data volume and focus on the most relevant findings.

Vulnerability Findings

FieldDescriptionDefault
Vulnerability SeveritiesComma-separated list of severities to ingest. Valid values: critical, high, medium, low, unclassified, other. Leave empty to fetch all severities.critical,high
Exploitable OnlyWhen enabled, only ingests vulnerabilities marked as exploitable.false
Fix Available OnlyWhen enabled, only ingests vulnerabilities that have a fix available.false

Configuration Findings

FieldDescriptionDefault
Configuration Finding SeveritiesComma-separated list of severities to ingest. Valid values: CRITICAL, HIGH, MEDIUM, LOW. Leave empty to fetch all severities.CRITICAL,HIGH
Failed Status OnlyWhen enabled, only ingests configuration findings with a FAIL status.false
Days in PastNumber of days to look back for configuration findings.30

Threat Detections

FieldDescriptionDefault
Threat Detection SeveritiesComma-separated list of severities to ingest. Valid values: CRITICAL, HIGH, MEDIUM, LOW. Leave empty to fetch all severities.CRITICAL,HIGH
Days in PastNumber of days to look back for threat detections.30

Click Create once all values are provided to finalize the integration.

Next steps

Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.