Somewhere between his 16th hour of a training day in Israel's most elite military computing unit and his second unicorn-track company, Amiram Shachar developed a firm opinion: most security tools are solving the wrong problem. They're built to find everything. He wants to find what matters.

Upwind Security, the company he co-founded and leads, launched a platform that cuts customer security alert volumes by 98%. Not by ignoring threats - by using runtime data to tell you which vulnerabilities are actually reachable, exploitable, and worth losing sleep over. The rest? Noise. And in cloud security, noise has been killing teams for years.

That thesis, backed by $558 million in funding and a $1.5 billion valuation, didn't come from theory. It came from watching cloud infrastructure up close - first inside the Israel Defense Forces, then at Spot.io, the cloud optimization company he built from a college final project and sold to NetApp for $450 million. Both times, the pattern was the same: systems produce more data than anyone can act on. The winner is whoever builds the filter.

"Real security starts with real evidence. We brought runtime clarity to cloud workloads, and now we're doing the same for AI."

- Amiram Shachar, CEO Upwind Security

The Mamram Mark

When Amiram Shachar was 18, he was selected into Mamram - the IDF's Center of Computing and Information Systems. Getting in meant landing in roughly the top 1% of all military candidates. The first six months were 16-hour days: software development, system architecture, infrastructure from the ground up.

He spent his years there as a Team Leader for Linux Kernel infrastructure, managing the military's data centers. At some point, he became the person responsible for introducing VMware virtualization technology into the IDF - one of the first deployments of the technology in the Israeli military. It wasn't glamorous. It was foundational. The kind of work that teaches you how systems actually break when real stakes are involved.

That foundation is visible in how he builds companies. Not flashy features first - infrastructure, signal over noise, operational clarity. You don't pick up that instinct from a pitch deck.

Top 1% IDF Mamram Selectivity Elite military computing unit - where he built his technical foundation
16h Daily Training Days Six months of intensive systems engineering training in the IDF
$450M Spot.io Exit Value Acquired by NetApp - started as a college final project
<3 yrs To Unicorn Status Upwind Security reached $1.5B valuation in under three years

The College Project That Became a $450M Exit

Spot.io - originally called Spotinst - started in 2015 not as a startup but as a final project for Shachar's computer science degree at The College of Management Academic Studies in Israel. He was working at Ybrant Digital as Director of DevOps at the time, watching cloud bills climb and infrastructure efficiency fall. The project became a product. The product became a company.

The idea was elegant: enterprises were overpaying massively for cloud compute because they were buying on-demand capacity when they could be leveraging spot instances and unused reserved capacity at a fraction of the cost. Spot.io automated that arbitrage. It built intelligence around cloud spend optimization that saved customers significant money at scale.

By May 2020, NetApp acquired Spot.io for $450 million. Shachar briefly became VP and General Manager of Spot by NetApp. Briefly, because the next problem was already forming.

Spot.io began as a college final project in 2015. Ten years later, Shachar's companies have collectively raised more than half a billion dollars. Sometimes the assignments you turn in late are the ones that matter most.

Why He Built Upwind

Cloud security had a problem everyone knew about and nobody had fixed well. The tools proliferated - CSPM, CWPP, CDR, API security, container scanning - each generating its own fire hose of findings. A security team at a mid-size company might wake up to thousands of alerts. The response was, inevitably, to start ignoring the alerts.

Shachar's insight was that the gap was epistemic, not technical. Static scanning tools look at configuration and code and ask: could this be exploited? Runtime tools ask: is it being exploited right now, and given how this system actually runs, is it even reachable? The second question is harder to answer. It's also the only one that matters at 2 a.m. when something is actually wrong.

Upwind's platform is built on eBPF - a Linux kernel technology that lets you observe system behavior in real time without changing the system itself. It watches how workloads actually run, maps network flows, tracks API calls and data access, and uses that runtime evidence to filter vulnerability findings down to what's genuinely exploitable. The 98% alert reduction isn't a headline. It's the output of knowing what's actually reachable.

"Cloud security teams are tasked to do the impossible - protect digital assets in an ever-changing cloud environment. Our job is to simplify that work with more clarity, evidence-backed findings, and precision."

- Amiram Shachar

The Team That Came With Him

Here's the detail that tells you something about how Shachar operates: all four Upwind co-founders - Amiram Shachar, Liran Polak, Lavi Ferdman, and Tal Zuri - worked together at Spot.io first. They didn't find each other through a network. They earned each other through a previous company. When Shachar decided to build again, there was already a team. The trust was already there. The playbook was already written.

That matters in security more than most categories. Enterprise security buyers are risk-averse. They want a vendor who has shipped production infrastructure before. A co-founding team with a $450M exit on its resume and years of operational experience at scale is a different sales conversation than a first-time team with strong ideas.

$250M, NBA Stars, and What Comes Next

In January 2026, Upwind Security raised $250 million in its Series B, led by Bessemer Venture Partners, at a $1.5 billion valuation. The round brought total funding to $558 million. The investor list reads like a security-sector hall of fame - Greylock, Cyberstarts, Craft Ventures, TCV, Salesforce Ventures - plus two names you don't see often in enterprise security rounds: NBA stars Steph Curry and Israeli basketball legend Omri Casspi, both early backers.

The year leading into that raise showed why: 900% revenue growth year over year, 200% logo growth, and a customer roster that includes People.ai, The RealReal, H2O.ai, and Yotpo. Upwind also went live in the AWS Security Hub Console and launched on Azure Marketplace. The platform wasn't just growing. It was becoming infrastructure.

Upwind Security went from founding to unicorn in under three years - on a team that had already built and sold one cloud company together. The second time isn't luck. It's pattern recognition with better tools.

The Runtime-First Thesis at Scale

What Shachar is building toward is a unified security layer that sits across the runtime environment - one that bridges Dev, Sec, and Ops into a shared context. That means not just finding vulnerabilities but understanding the full blast radius of any issue: what data is at risk, what services are exposed, which identities have access, how an attacker would actually move through the system.

The extension of that into AI workloads is his most recent public push. As companies deploy LLM pipelines, AI agents, and model inference infrastructure in the cloud, the attack surface changes. Runtime intelligence - watching what models actually call, what data they access, how they behave under normal conditions versus anomalous ones - becomes the next essential layer. Shachar is positioning Upwind to own that layer before the problem becomes too obvious to ignore.

He speaks on this regularly - at RSA Conference, Cybertech New York, AWS re:Inforce, and in interviews ranging from the ModernCTO Podcast to NYSE TV. The message is consistent: security tools that work at the config layer are necessary but insufficient. The cloud moves too fast, attackers adapt too quickly, and alert fatigue is a feature, not a bug, of tools that want to cover everything.

"The need for runtime intelligence and build-time context to achieve dynamic, modern cloud-native security that unifies Dev, Sec, and Ops."

- Amiram Shachar

The Trajectory

There's a through line from Mamram to Spot.io to Upwind that isn't immediately obvious until you trace it: each chapter was about making complex infrastructure legible at scale. In the IDF, it was making data centers observable. At Spot.io, it was making cloud spend understandable. At Upwind, it's making cloud risk actionable. The scale changes. The problem doesn't.

Amiram Shachar is 35 or so, leading a team of ~350 people across San Francisco and Tel Aviv, with two unicorn-track companies in his wake and a third chapter still being written. The pattern that produced Spot.io - start with a real operational problem, solve it with data, build a product before you build a story - is running again. The alerts are down 98%. The ambition, considerably higher.