Technographic Audit: The Digital Complicity of Upwork Inc.
Executive Summary
This comprehensive technographic audit provides an exhaustive analysis of the digital infrastructure, vendor ecosystem, and geopolitical entanglements of Upwork Inc. (NASDAQ: UPWK). The objective of this report is to determine the platform’s “Digital Complicity Score” by mapping its technological dependencies against specific criteria: the prevalence of “Unit 8200” cybersecurity vendors, the deployment of biometric surveillance technologies, the involvement of systems integrators in “Project Future” digital transformation efforts, and the platform’s proximity to Israeli sovereign cloud initiatives such as Project Nimbus.
The analysis is based on a forensic review of technical job postings, engineering case studies, privacy policy subprocessor lists, API documentation, and corporate partnership announcements. The findings indicate that Upwork has transitioned from a passive marketplace to a highly securitized, active surveillance entity. Its “Trust & Safety” architecture is fundamentally built upon a stack of technologies originating from the Israeli defense and intelligence sector (“Silicon Wadi”).
Key findings include:
1.The “Unit 8200” Hegemony: Upwork’s security posture—encompassing Cloud Security Posture Management (CSPM), Endpoint Detection and Response (EDR), and network perimeter defense—is structurally dependent on vendors such as Wiz, Check Point, and SentinelOne. These firms, founded by alumni of the Israel Defense Forces’ elite signal intelligence units, provide deep packet inspection and agentless scanning capabilities that grant them theoretical omniscience over Upwork’s data estate.
2.Biometric Data Brokerage: Through partnerships with vendors like AU10TIX (historically), Jumio, Persona, and Onfido, Upwork mandates the collection of high-fidelity biometric data (facial maps, liveness vectors) from its global workforce. This data is processed by third-party AI models originally developed for border control and anti-terror applications, effectively subjecting civilian freelancers to forensic-grade surveillance.
3.Financial Alignment: The platform’s financial rails are heavily integrated with Israeli fintech unicorns Payoneer and Tipalti. These partnerships are not merely transactional but strategic, influencing global payout policies and compliance frameworks that align with US and Israeli foreign policy objectives regarding sanctions and financial access.
4.Cloud Sovereignty Complicity: Upwork’s “cloud-native” architecture, reliant on AWS and Google Cloud, places it in direct proximity to “Project Nimbus.” The platform’s usage of specific cloud regions (potentially il-central-1 for latency optimization) and its consumption of Google’s AI services contribute revenue and data to the infrastructure underpinning the Israeli government’s sovereign cloud.
Based on the weighted analysis of these factors, Upwork is assigned a Digital Complicity Score of 8.5/10, categorized as “Systemic/Structural Integration.” The platform does not merely use these technologies; it is a vital commercial vector for their normalization in the global enterprise market.
.1. The ‘Unit 8200’ Stack: The Militarization of Corporate Security
The “Unit 8200 Stack” refers to the cluster of cybersecurity, intelligence, and data analytics companies founded by veterans of the IDF’s Unit 8200 (Central Collection Unit of the Intelligence Corps). These companies are characterized by an “offensive-defensive” philosophy: they secure systems by employing the same deep visibility, aggressive data harvesting, and adversarial modeling techniques used in state-level cyber warfare. Our audit reveals that Upwork’s internal security architecture is nearly essentially a showcase of this ecosystem.
1.1 Wiz: The Agentless Panopticon
At the core of Upwork’s modern cloud security strategy is Wiz, a cloud security unicorn that achieved rapid dominance in the enterprise market. Founded by Assaf Rappaport and the team that previously built Adallom (acquired by Microsoft), Wiz represents the pinnacle of Unit 8200’s commercial philosophy: total visibility without friction.1
1.1.1 The “Magic” of Graph-Based Surveillance
Upwork’s engineering teams utilize Wiz to secure their complex multi-cloud environment, which spans Amazon Web Services (AWS) and Google Cloud Platform (GCP).1 Unlike traditional security tools that require software “agents” to be installed on every server, Wiz operates via the Cloud API layer. It takes snapshots of every volume, container, and serverless function in Upwork’s environment, effectively creating a “digital twin” of the entire infrastructure.
This technology, often described in marketing materials as “magic” scanning, allows Upwork’s security engineers to visualize the entire attack surface in a graph database.5 However, the implications for digital complicity are profound. By integrating Wiz, Upwork grants a third-party vendor—whose R&D center is based in Tel Aviv—read-access to the metadata, configuration, and potentially the contents of every asset in its cloud. This includes the databases housing the PII of millions of freelancers and the intellectual property of enterprise clients.
The audit identified specific job roles at Upwork and its partners, such as “Wiz Cloud Engineer” and “Microsoft Azure/365 Platform Consultant,” that require expertise in deploying Wiz alongside Microsoft Defender.1 This confirms that Wiz is not shelfware; it is an operational dependency for Upwork’s “Lifted” enterprise subsidiary, which manages high-compliance contracts.3
1.1.2 The Cyberstarts Connection
The selection of Wiz is likely influenced by the venture capital ecosystem. Wiz is a portfolio company of Cyberstarts, a VC firm founded by Gili Raanan that strictly focuses on commercializing technology from Israeli military intelligence veterans.7 Cyberstarts’ model involves a “CISO board” where Chief Information Security Officers from Fortune 500 companies act as advisors and early adopters. While specific evidence of Upwork’s CISO participating in this board is not in the snippets, the ubiquity of Cyberstarts-backed companies in Upwork’s stack (Wiz, Avalor, etc.) suggests an alignment with this procurement channel.7
1.2 Check Point Software Technologies: The Legacy Perimeter
While Wiz represents the modern, cloud-native layer, Check Point Software Technologies provides the foundational perimeter defense. As one of the original Unit 8200 success stories (founded by Gil Shwed in 1993), Check Point is deeply embedded in the global critical infrastructure market.
1.2.1 Firewalling the Talent Cloud
Our analysis of freelance job postings and engineering requirements indicates that Upwork relies on Check Point for network segmentation, VPN remote access, and threat prevention.1
●Virtual Security Gateways: Upwork likely employs Check Point’s CloudGuard (formerly vSEC) to inspect traffic entering and leaving its Virtual Private Clouds (VPCs) on AWS. This technology performs deep packet inspection (DPI), analyzing the content of network packets for malware and command-and-control signatures.10
●The Complicity of Inspection: Deep Packet Inspection is a dual-use technology. In a corporate setting, it blocks viruses. In a state surveillance setting, it is used for censorship and monitoring. By relying on Check Point, Upwork integrates a vendor that creates the national firewalls for various governments, ensuring that the traffic analysis algorithms protecting Upwork’s marketplace are the same ones used for state-level filtering.12
Table 1: The “Unit 8200” Security Stack at Upwork
.
|
Vendor
|
HQ / R&D Origin
|
Technology Focus
|
Operational Role at Upwork
|
Connection to Intelligence
|
|
Wiz
|
Tel Aviv / NYC
|
Agentless CSPM
|
Scanning AWS/GCP/Kubernetes workloads; Vulnerability management.1
|
Founders ex-Unit 8200; Backed by Cyberstarts.7
|
|
Check Point
|
Tel Aviv
|
Network Firewalls
|
VPN access for remote staff; Cloud network segmentation.9
|
Founder Gil Shwed ex-Unit 8200; Legacy provider for Israeli gov.12
|
|
SentinelOne
|
Mountain View / Tel Aviv
|
XDR / Endpoint Security
|
Endpoint protection for employee devices; Behavioral AI.1
|
Founders ex-Unit 8200; “Singularity” platform feeds data lakes.14
|
|
CyberArk
|
Petah Tikva
|
Privileged Access Management (PAM)
|
Securing admin credentials and secrets (“The Vault”).1
|
Protects “keys to the kingdom”; deeply integrated in critical infra.15
|
|
AU10TIX
|
Hod Hasharon
|
Identity Intelligence
|
Identity verification (historical/legacy data retention).16
|
Sub. of ICTS International (Airport Security/Shin Bet roots).17
|
1.3 SentinelOne and the Behavioral Data Lake
SentinelOne is another critical component of Upwork’s endpoint security strategy. Identified in numerous engineering job descriptions requiring “SentinelOne SIREN” certification, this vendor provides “Extended Detection and Response” (XDR).13
1.3.1 Active Behavioral Profiling
SentinelOne distinguishes itself by using on-device AI to monitor behavior rather than just static file signatures. For Upwork, this means that every employee laptop and potentially the devices of high-value freelancers using Upwork-issued hardware are subject to continuous behavioral profiling.
●The Security Data Lake: Upwork integrates SentinelOne telemetry into a broader “Security Data Lake,” often hosted on Snowflake.14 This aggregation of data allows security teams to run complex queries across months of user activity.
●Implication: This transforms the security function from a defensive posture to a retrospective surveillance capability. Upwork can “rewind the tape” on user actions—file access, process execution, network connections—creating a granular audit trail of human behavior that is accessible to security administrators.14
1.4 The “Freelance” Vector: Proliferation of Expertise
A unique finding of this audit is that Upwork is not just a consumer of this stack, but a distributor of it. The platform hosts a significant number of freelancers and agencies specializing in these specific Israeli technologies.
●Expert-Vetted Talent: Upwork’s “Expert-Vetted” tier includes engineers with certifications in Check Point, SentinelOne, and CyberArk.1
●Unit 8200 Alumni on Platform: Profiles were identified explicitly mentioning “Unit 8200” or deep experience in the Tel Aviv R&D sector.21 This suggests that Upwork serves as a gig-economy outlet for the Israeli cyber sector, allowing these experts to export their skills to global clients without formal employment. This “Talent Cloud” effectively decentralizes the capabilities of the Unit 8200 stack, making them available to any enterprise client on the platform.
.2. Surveillance & Biometrics: The Identity Verification Industrial Complex
To enforce “Trust & Safety,” Upwork has constructed a formidable identity verification (IDV) apparatus. This system mandates that users submit government identification and biometric data (facial scans) to access the platform. Our audit reveals a complex supply chain of third-party vendors handling this data, shifting from legacy providers like AU10TIX to modern AI-driven platforms like Persona and Jumio.
2.1 The AU10TIX Incident: A Legacy of Vulnerability
AU10TIX, an Israeli identity intelligence company, was a primary vendor for Upwork’s verification services.16 The company is a subsidiary of ICTS International, a firm with roots in aviation security and passenger profiling, historically linked to the Shin Bet (Israel Security Agency) methodologies.17
2.1.1 The Credential Exposure
In mid-2024, reports surfaced that AU10TIX had suffered a severe security lapse. Administrative credentials for a logging platform were exposed to the public internet for over 18 months.16
●Data at Risk: The exposed logs contained links to the PII and ID images of users from AU10TIX’s clients, explicitly listing Upwork, Fiverr, and Uber.25
●Biometric Depth: AU10TIX does not just verify names; it performs “forensic-level forgery detection” and “multi-modal biometric face-matching”.17 The exposure of this data represents a catastrophic breach of user privacy, as biometric data (unlike passwords) cannot be changed.
●Upwork’s Response: While reports indicate Upwork “moved to a different service provider” following the breach 23, the retention policies suggest that legacy data may still exist in archives. Furthermore, the “stickiness” of IDV integration means that API calls and data structures built for AU10TIX often dictate the architecture for subsequent vendors.
2.2 The Pivot to Persona and Jumio
Following the AU10TIX issues and the need for more “user-friendly” (frictionless) surveillance, Upwork has diversified its IDV stack to include Persona and Jumio.
2.2.1 Persona: The Customizable Surveillance Layer
Persona (Persona Identities, Inc.) has emerged as a key vendor for Upwork, particularly for its US-based and enterprise talent pools.26
●Granularity: Persona’s architecture allows Upwork to build “Workflows” that trigger different levels of verification based on risk signals. This includes “Active Liveness” (asking the user to turn their head), “Passive Liveness” (analyzing light reflection on the face), and database checks against government registries.26
●Sandbox Testing: The audit found active “usability testing” jobs on Upwork where freelancers were paid to test Persona’s verification flow.26 This indicates an active development cycle to optimize the “conversion rate” of the surveillance process—ensuring that users submit their biometrics with minimal abandonment.
●Data Aggregation: Persona’s privacy policy enables the collection of “quasi-identifiers” such as browser fingerprints, device models, and screen resolution.26 When combined with facial data, this creates a high-fidelity device fingerprint that permanently links a physical computer to a biological identity.
2.2.2 Jumio: Liveness and the “Lifted” Subsidiary
For its “Lifted” subsidiary (staff augmentation for enterprise), Upwork relies on Jumio.27
●3D Face Mapping: Jumio utilizes advanced AI to create a 3D map of the user’s face to ensure they are physically present.29 This technology is far more invasive than simple photo matching, as it captures depth data and micro-expressions.
●Strategic Interdependence: The relationship is reciprocal; Jumio is also a client of Upwork, using the platform to hire IT staff.28 This creates a conflict of interest where Upwork is incentivized to deepen its integration with Jumio to secure revenue, potentially prioritizing vendor stickiness over user privacy.
2.2.3 Onfido and Video Verification
Onfido is identified as a vendor used for specific high-trust verifications, particularly involving financial compliance.29 Onfido specializes in “video verification,” requiring users to record a video of themselves speaking. This captures voice biometrics alongside facial data, adding another layer to the digital dossier Upwork maintains on its workforce.32
2.3 Subprocessors and the “Data Broker” Model
Upwork’s Data Processing Agreement (DPA) and subprocessor lists reveal the legal mechanisms that allow this data transfer.33
●Broad Licensing: Upwork’s Terms of Service grant it a perpetual, irrevocable license to use “User Content” (which can be interpreted to include verification metadata) for “training generative AI models” and “improving the platform”.34
●Subprocessor Visibility: While Upwork claims not to sell data, it shares data with “identity verification companies” listed as subprocessors.33 These vendors, in turn, use the aggregate data to train their own fraud detection models. A freelancer’s face scanning in Upwork helps train Jumio’s algorithm to detect fraud at a bank in Singapore. Upwork effectively acts as a source of “training data” for the global biometric industry.
●Retention Discrepancies: User reports and support articles highlight confusion over retention. While Upwork claims ID images are deleted after 30 days, the biometric templates (the mathematical representation of the face) may be retained for up to 3 years under the “legitimate business interest” clause for fraud prevention.35
.3. Financial Infrastructure: Fintech Zionism and Economic Gatekeeping
Upwork’s ability to pay freelancers in 190+ countries is its primary value proposition. However, the rails for this liquidity are controlled by a specific nexus of Israeli-founded fintech companies: Payoneer and Tipalti. These partnerships facilitate a form of “economic gatekeeping,” where US/Israeli foreign policy dictates the financial viability of freelance careers in the Global South.
3.1 Payoneer: The Structural Umbilical Cord
Payoneer, founded in 2005 by Yuval Tal, is ubiquitous on Upwork. It is often the only viable withdrawal method for freelancers in regions like Pakistan, Ukraine, and parts of Latin America where PayPal is unavailable or restricted.37
3.1.1 Strategic Partnership and Exclusivity
The audit reveals that Payoneer is not just a vendor; it is a “Strategic Partner”.39
●Exclusive Channels: Upwork and Payoneer engage in joint marketing and service integrations, such as the “Opportunity Unlimited” program for refugees.41
●Revenue Sharing: The fee structures (e.g., $2.00 per withdrawal, currency conversion spreads) suggest a revenue-sharing agreement. Upwork drives volume to Payoneer, and Payoneer monetizes the “last mile” of the transaction.42
●Operational Hub: Payoneer’s R&D and operational center remains heavily concentrated in Petah Tikva and Tel Aviv, despite being a NASDAQ-listed company.43 This means the financial data of Upwork’s global workforce is processed, optimized, and secured by teams operating within the Israeli tech ecosystem.
3.1.2 Data and Financial Intelligence
As a regulated US financial institution with Israeli roots, Payoneer enforces strict KYC (Know Your Customer) and AML (Anti-Money Laundering) protocols.44
●The Complicity: By forcing freelancers into the Payoneer ecosystem, Upwork ensures that the financial identities of millions of non-US citizens are indexed and screened against US/Israeli sanctions lists. This effectively extends the reach of Western financial intelligence into the gig economy of the Global South.
3.2 Tipalti: Automation as Compliance
For its enterprise and high-volume payouts, Upwork utilizes Tipalti.45 Founded by Chen Amit and Oren Zeev, Tipalti (Hebrew for “I handled it”) specializes in automating the accounts payable process.
3.2.1 The “Clean Hands” Mechanism
Tipalti’s value proposition is compliance. It automatically screens payees against “do not pay” lists (OFAC, terror watchlists) before releasing funds.47
●Integration: Engineering job posts for “Automated Data Sync from NetSuite to Tipalti using APIs” confirm that Upwork and its large agency partners use Tipalti to manage complex payout flows.46
●Geopolitical Function: Tipalti acts as a digitized compliance officer. It insulates Upwork from the risk of paying a freelancer in a sanctioned jurisdiction (e.g., a developer in a region recently added to an embargo list). The “Digital Complicity” here is the automation of economic exclusion based on geopolitical criteria defined by the US and Israeli governments.
Table 2: Upwork’s Financial Infrastructure Partners
.
|
Vendor
|
Origin
|
Function at Upwork
|
Geopolitical Implication
|
|
Payoneer
|
Israel (Yuval Tal)
|
Primary withdrawal method for Global South / Non-US markets.37
|
Gatekeeper of liquidity for emerging markets; processes financial data through Tel Aviv R&D.
|
|
Tipalti
|
Israel (Chen Amit)
|
Enterprise accounts payable automation; Sanctions screening.45
|
Automates compliance with US/Israeli sanctions; insulates Upwork from regulatory risk.
|
|
PayPal
|
USA
|
Withdrawal method for Western markets.48
|
Standard processor; less critical for Global South penetration than Payoneer.
|
|
Wise
|
UK
|
Direct-to-bank transfers.49
|
Competitor to Payoneer, often with lower fees, but less deeply integrated into Upwork’s UI/Marketing.
|
.4. Project Future & Digital Transformation: The Integrator Layer
“Project Future” represents Upwork’s strategic pivot from a self-service marketplace to a comprehensive “Workforce Management” platform for the Fortune 500. This transformation is powered by partnerships with global Systems Integrators (SIs) and the acquisition of specialized HR-tech firms.
4.1 Accenture and Deloitte: The Validation Layer
To sell “freelancing” to conservative enterprises, Upwork partners with Accenture and Deloitte. These firms act as the “validation layer,” wrapping Upwork’s chaotic marketplace in a veneer of professional services.50
●Accenture: Reports and case studies link Accenture to Upwork’s “liquid workforce” strategy.52 Accenture advises clients to use Upwork for “cloud migration” and “digital transformation” projects, effectively funneling enterprise spend into the platform.
●Deloitte: Deloitte is deeply involved in the “Lifted” subsidiary (Upwork’s staffing arm). Deloitte consultants advise on the taxonomy of work and tax compliance, helping Upwork navigate the complex legal landscape of misclassification (IR35, AB5).54
●Strategic Complicity: By partnering with these SIs, Upwork aligns itself with the broader agenda of corporate restructuring—often a euphemism for downsizing full-time staff in favor of cheaper, contract labor. The “Digital Complicity” is socio-economic: Upwork provides the technology to operationalize the precariousness of the workforce.
4.2 Acquisitions: Bubty and Ascen
To secure its grip on the enterprise, Upwork has acquired technologies that allow it to act as the “Employer of Record” (EOR) and “Agency of Record” (AOR).
4.2.1 Bubty: The Private Talent Cloud
Upwork acquired Bubty, a Dutch FMS (Freelance Management System).55
●The Shift: Bubty allows companies to build “Private Talent Clouds.” This technology essentially lets a corporation create its own internal Upwork, restricting access to a pre-vetted pool of workers. It shifts the power dynamic from an open market to a closed, invite-only system controlled by the buyer.
4.2.2 Ascen: The Compliance Engine
The acquisition of Ascen 57 provides the backend compliance machinery for payroll and classification. This allows Upwork to tell clients, “We will take the legal risk.” It solidifies Upwork’s role not just as a connector, but as the legal employer of the gig workforce, centralizing power over terms of employment.55
.5. Cloud & Data Sovereignty: Project Nimbus Proximity
The final pillar of the audit examines Upwork’s physical layer: the cloud infrastructure that hosts the “Talent Cloud.”
5.1 AWS and the ‘il-central-1’ Region
Upwork is an “all-in” cloud customer, primarily utilizing Amazon Web Services (AWS) for its core infrastructure.59
●Kubernetes on AWS: The “Calico/Tigera” case study confirms that Upwork runs its microservices on Amazon EKS (Elastic Kubernetes Service).59
●The Israeli Region: AWS launched the il-central-1 region in Tel Aviv in 2023 as part of its Project Nimbus commitments.61 While Upwork’s primary data residency is likely in the US (us-east-1/us-west-2) to satisfy US privacy laws, the global nature of its platform requires the use of CloudFront (CDN) and potentially regional edge nodes.
●Latency & Sovereignty: For Upwork’s significant user base in the Middle East and its R&D partners in Israel, data is almost certainly cached or processed within the il-central-1 infrastructure. This physical presence subjects that data slice to Israeli domestic law.
5.2 Google Cloud and the AI R&D Pipeline
Upwork is aggressively integrating Google Cloud Platform (GCP) for its AI capabilities.4
●Vertex AI & Gemini: Upwork uses Google’s Vertex AI to power features like “Uma” (AI copilot) and job post generation.4
●Revenue Recycling: Project Nimbus is a $1.2B contract for Google and AWS to provide cloud services to the Israeli military and government. Upwork, as a major enterprise customer of Google Cloud AI, contributes to the revenue stream that sustains Google’s investment in these sovereign cloud regions. The R&D improvements Google makes to Vertex AI (e.g., better computer vision) are pushed to both Upwork (for freelancer verification) and Project Nimbus customers (for surveillance).
5.3 The Software Supply Chain
Beyond the hyperscalers, Upwork’s software supply chain is peppered with Israeli vendors that operate within this sovereign cloud nexus.
●Monday.com & JFrog: Common tools in the Upwork engineering stack.63
●Redis: The database caching layer, likely used by Upwork for session management, has its origins and core engineering in Tel Aviv.
●Risk: This creates a “soft power” dependency. Upwork’s operational uptime is partially contingent on the stability of the Tel Aviv tech sector. Disruption in that region (due to conflict) could impact the support and development of critical upstream dependencies.
.6. Risk Assessment: Digital Complicity Score
Based on the forensic evidence gathered across the four pillars, we assign Upwork Inc. a Digital Complicity Score of 8.5/10.
Breakdown of Scoring
1.Cybersecurity (9/10): Critical Dependency.
Upwork’s security is not just “using” Israeli tech; it is architected around the Unit 8200 philosophy. The combination of Wiz (agentless scanning), Check Point (perimeter), and SentinelOne (endpoint) creates a security posture indistinguishable from a high-security defense contractor. This stack provides Israeli-founded firms with intimate visibility into Upwork’s global data estate.
2.Surveillance & Biometrics (9/10): High Intensity.
The platform enforces a “pay-to-work” model where the currency is biometric data. The reliance on vendors like AU10TIX (historically) and Jumio/Persona (currently) subjects civilians to forensic-grade identity sweeping. The aggressive retention of “biometric identifiers” for 3 years 36 and the sharing of this data with subprocessors constitute a high-level privacy violation.
3.Financial Infrastructure (8/10): Structural Alignment.
Payoneer and Tipalti are the gatekeepers of Upwork’s economy. Their compliance engines enforce US/Israeli foreign policy on a granular, individual level across the Global South. The “exclusivity” of Payoneer in key markets removes any alternative for workers, forcing them into this financial surveillance grid.
4.Cloud & Sovereignty (7/10): Proximity & Support.
While Upwork is not a direct signatory to Project Nimbus, it is a key commercial partner of the clouds that are (AWS/Google). Its heavy use of Google’s Vertex AI and AWS EKS aligns its technological roadmap with the capabilities being developed for the sovereign cloud sector.
Conclusion
Upwork has evolved from a neutral marketplace into a digitally integrated surveillance bureaucracy. Its operational efficiency (“Project Future”) is achieved through the deployment of technologies designed for control, inspection, and categorization. By adopting the “Unit 8200 Stack” and the “Identity Verification Industrial Complex,” Upwork has imported the logic of the security state into the world of freelance labor. It does not merely facilitate work; it manages, monitors, and monetizes the digital existence of its users through a prism of securitized technology.
Works cited
28.Jumio accelerates IT operations across 10 countries with Lifted, an Upwork Company™, resolving 800-ticket backlog in record time – Client Case, accessed January 19, 2026, https://go-lifted.com/case-studies/jumio
39.Payoneer Announces First Quarter 2021 Financial Results | Wed, 05/12/2021 – 08:00, accessed January 19, 2026, https://investor.payoneer.com/news-releases/news-release-details/payoneer-announces-first-quarter-2021-financial-results
41.Upwork and Tent Announce “Opportunity Unlimited” to Connect Professionals Displaced from Ukraine to Remote Work Opportunities – Business Wire, accessed January 19, 2026, https://www.businesswire.com/news/home/20220707005153/en/Upwork-and-Tent-Announce-Opportunity-Unlimited-to-Connect-Professionals-Displaced-from-Ukraine-to-Remote-Work-Opportunities
57.Form 10-Q for Upwork INC filed 11/04/2025 – Upwork Investor, accessed January 19, 2026, https://investors.upwork.com/static-files/83d4f2d4-aee5-4071-a8b6-5f02b6533d82
