Sold by: Upstream Security Ltd.
Deployed on AWS
Helping security teams to discover AI agents and API traffic, monitor their intent and behavior, detect real-time threats, and automating investigations.
Live digital twins maintain a historical and behavioral representation of assets, endpoints, consumers, and agents.
The platform monitors all traffic and provides a stateful analysis across the entire ecosystem, supporting a more comprehensive and resilient cybersecurity posture.
Overview
Upstream Runtime AI and API Security gives security and AppSec teams visibility into the intent and behavior behind every API transaction and AI agent action, including MCP traffic. Instead of treating each request as an isolated event, Upstream correlates sequences of activity across APIs, AI agents, endpoints, consumers, and operational data to identify patterns that would otherwise appear benign one transaction at a time.
APIs and AI agents have converged into a single execution layer for business logic. AI agents now use the same APIs as human users, but they operate through patterns most request-level tools were not built to analyze: hundreds of individually legitimate calls that can accumulate into reconnaissance, fraud, or abuse. Most security tools still treat API security and AI agent security as separate problems. WAFs, API gateways, and other stateless tools inspect requests in isolation. AI governance tools operate at the model input/output boundary, reasoning about prompts and completions but missing the authenticated, stateful API calls that agent intent turns into. This creates a visibility gap between what an agent intends to do and how that intent is executed across APIs, sessions, and systems.
Upstream closes that gap with a unique data foundation based on live digital twins. These continuously monitor and analyze behavior and intent across every endpoint, consumer, and agent in the ecosystem. By building a stateful representation of each agent, including what it is, what it has done, and how its actions accumulate over time, Upstream can detect distributed, low-and-slow, and multi-step attacks that look harmless when viewed one request at a time.
The platform spans discovery, detection, investigation, and response. Discovery includes automated API and MCP inventory, including shadow and zombie APIs. Detection applies stateful behavioral analysis across the OWASP Top 10 for API, MCP, and LLM risks. Investigation includes GenAI-powered classifications, forensic investigations, and threat hunting. Response is supported through agentic remediation, automated playbooks, and integrations with SIEM, SOAR, and WAF systems.
Upstream is built for enterprise scale, processing billions of monthly API transactions. It can be deployed as multi-tenant SaaS or directly within the customer cloud environment. Runtime AI and API Security sits at the intersection of API security and the emerging field of AI agent and MCP security, helping security and AppSec teams understand how these two layers are converging into a single runtime security challenge.
IMPORTANT: For any sales-related inquiries please contact sales-aws-MP@upstream.auto
Highlights
- Advanced API and AI Agent Discovery and Behavior Profiling Upstream offers comprehensive discovery tools for API endpoints, consumers and agents to ensure full coverage. The platform also profiles assets over time for deep contextual analysis.
- Stateful Threat Detection Across a Sequence of Actions Live digital twins build stateful models of endpoint, consumer, and agent behavior, powering ML-based threat detection that infers attack sequence and intent across the full execution flow.
- Threat Hunting, Investigations and Response Ocean AI, Upstream AI Suite, delivers LLM-powered security workflows for low-and-slow or unknown risks, enabling teams to query data, extract insights, triage, and build agentic workflows.
Details
Sold by
Categories
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor, and additional usage. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. Usage-based pricing is in effect for overages or additional usage not covered in the contract. These charges are applied on top of the contract price. If you choose not to renew or replace your contract before the contract end date, access to your entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Basic | Access to Upstream Platform API Security; up to 10M API calls/month | $50,000.00 |
SMB | Upstream Platform for API Security; up to 100M API calls/month | $200,000.00 |
Enterprise | Upstream Platform for API Security; up to 500M API calls/month | $500,000.00 |
Dimension | Cost/unit |
|---|---|
Charge per additional 100K API calls/month | $100.00 |
Vendor refund policy
Please contact sales-aws-MP@upstream.auto
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
For any sales-related inquiries please contact sales-aws-MP@upstream.auto
Our SLA resolves incidents in the delivery of its SaaS products and services and responds to user support requests, Standard and Premium, details of which are provided in the SLA document support@upstream.auto
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Discover, Detect, and Defend all your Cloud and AI workloads in real-time.
Operant AI actively protects every layer of modern applications, from Infra to APIs. Within minutes of a single-step helm install, Operant provides full-stack security visibility and runtime controls for every layer, blocking a wide range of common and critical attacks, including data exfiltration, data poisoning, zero-day vulns, lateral movement, crypto mining, prompt injection, and more.
All with zero instrumentation, zero drift, and zero friction between Dev, Sec, and Ops.
XDefender is a next generation Linux security platform that uses a trusted Smart Integrity Baseline to deliver deterministic runtime protection, blocking unauthorized code, in memory threats, API abuse, OWASP Top 10 vulnerabilities, and CI/CD pipeline risks before execution. It includes built in Data Loss Prevention (DLP), Supply Chain Security, IaC code security, and real time protection against AI agentic attacks . Designed for cloud and VM environments, XDefender provides high assurance Linux security with near zero performance impact.
XDefender is a next-generation Linux security platform that uses a trusted Smart Integrity Baseline to deliver deterministic runtime protection for IoT devices and workspace machines. It blocks unauthorized code, in-memory threats, API abuse, OWASP Top 10 vulnerabilities, and CI/CD or firmware pipeline risks before execution. XDefender includes built-in Data Loss Prevention (DLP), Supply Chain Security, IaC code security, and real-time protection against AI-agentic attacks and prompt-injection attempts. Designed for resource-constrained IoT endpoints and end-user workspace machines, XDefender delivers high-assurance Linux security with near-zero performance impact.
Radware API Security Service delivers end-to-end API protection through continuous API discovery, runtime posture management, contextual testing, and AI-driven defense. It helps organizations identify exposed or misconfigured APIs, reduce risk, and protect against business logic abuse, automated threats, and DDoS attacks across modern application environments.
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.