< ciso
brief />
Vendor and Hyperscaler Watch Banner

All news in category “Vendor and Hyperscaler Watch

4606 articles

AWS adds OAuth support for MCP Server access

🔐 AWS Sign-In now supports OAuth for connecting agents to the AWS MCP Server, enabling browser-based and headless authentication that leverages existing IAM, IAM Identity Center, and federated sign-in methods. The update includes dynamic client registration, token introspection and revocation, new CloudTrail elements, global condition keys, and a headless OAuth API. Agents discover OAuth endpoints, register via DCR, and use authorization code or client credentials flows to obtain short-lived tokens. Administrators can govern OAuth access using standard IAM policies plus OAuth-specific condition keys and monitor activity via CloudTrail.
read more →

OAuth support for the AWS MCP Server released

🔐 You can now connect AI agents directly to the AWS MCP Server using AWS Sign-In and industry-standard OAuth. Agents may authenticate without extra software and reuse existing AWS identities, sign-in methods, IAM permissions, and governance controls. Developers can authorize agents interactively via a browser or programmatically with headless flows, while administrators govern access with IAM policies and new OAuth features.
read more →

Timestream for InfluxDB emits events to EventBridge

🔔 Amazon Timestream for InfluxDB now publishes lifecycle events to Amazon EventBridge for instance and cluster state changes, including creation, deletion, scaling, parameter updates, maintenance, and reboots. Events cover both successes and failures and are sent to the default event bus with source aws.timestream-influxdb. This enables programmatic automation, alerting, and audit/event routing to targets like AWS Lambda, Step Functions, SQS, SNS, and cross-account buses.
read more →

AWS Client VPN adds four more regions globally

🔒 AWS Client VPN is now available in Canada West (Calgary), Mexico (Central), New Zealand, and Taipei. The fully managed service lets remote workers securely connect to AWS and on-premises resources without hardware VPN appliances. It uses a pay-as-you-go model and provides centralized management and monitoring through a single console. Customers can consult AWS product, documentation, and pricing pages for details.
read more →

Microsoft warns of more Windows security updates ahead

🛡️ Microsoft says AI-driven discovery is increasing the pace of vulnerability identification in Windows, leading to a likely rise in monthly security updates. The company uses its MDASH system to scan critical binaries and validate potential issues with multiple AI models, then runs a Windows-specific validation pipeline to reduce false positives. Microsoft also applies AI to accelerate triage, suggest fixes, and find similar bugs, while keeping humans in the review loop. The firm is updating its Secure Development Lifecycle to address AI-enabled attack techniques as adversaries also leverage AI.
read more →

npm 12 defaults disable risky install scripts

🔒 GitHub released npm v12 which disables install scripts by default and deprecates 2FA-bypass granular access tokens. The update makes lifecycle scripts, Git dependencies, and remote URL deps opt-in, requiring an explicit approval workflow and an allowlist committed to package.json. It also restricts GAT capabilities for account and publishing actions, with staged publishing and OIDC recommended for automation.
read more →

Google Cloud Run Sandboxes Enter Public Preview

🛡️ Cloud Run sandboxes are now in public preview, offering a native, secure, and ultra-fast runtime to execute untrusted code and agent workloads in milliseconds. These lightweight, isolated execution boundaries can spawn within existing Cloud Run service instances and enforce credential isolation, deny-by-default network egress, and a safe read-only filesystem overlay. Enabling sandboxes requires a single deployment flag and integrates with the Agent Development Kit and ComputeSDK for streamlined use.
read more →

SageMaker Unified Studio adds custom asset types

🛠️ Amazon SageMaker Unified Studio now supports custom asset types for IAM-based domains, allowing administrators to catalog diverse asset formats such as medical images, PowerBI dashboards, or PDF reports. Administrators define a type with name, description, and optional metadata forms; assets created from those types can include glossary terms and README documentation. Published assets are discoverable and subscribable through the same governed workflow used for other catalog items and are available in all Regions where Unified Studio is offered.
read more →

SageMaker HyperPod adds Slurm deep health checks

🔍 Amazon SageMaker HyperPod now supports deep health checks for Slurm clusters created with continuous provisioning, enabling proactive verification of GPU accelerator health on running instances. Continuous provisioning allows asynchronous scaling of instance groups without all-or-nothing failures, and deep health checks validate hardware as nodes come online. Results and progress are visible via the SageMaker console and APIs, and failing instances are isolated and recovered automatically.
read more →

SageMaker Feature Store adds batch ingest and listing

🚀 Amazon SageMaker Feature Store now supports high-throughput ingestion and record discovery with new APIs and offline-store naming options. Data scientists can use BatchWriteRecord to write multiple records across feature groups in one request, and ListRecords to page through record identifiers without prior knowledge. Offline-store configuration now allows creating Glue and Iceberg tables with custom names, simplifying cataloging and management.
read more →

Amazon MSK Replicator adds Standard broker support

🔁 Amazon MSK Replicator now supports replication from external Apache Kafka clusters to Amazon MSK Standard brokers. This expands prior capability that targeted MSK Express brokers and enables migration, disaster recovery, and hybrid or multi-cloud data distribution. The feature supports SASL/SCRAM and mutual TLS (mTLS) for authenticating to external clusters and is available in all Regions where MSK Replicator is offered. It preserves topic names, prevents replication loops, and syncs consumer group offsets bidirectionally.
read more →

UK unveils AI-driven national Cyber Shield

🔒 The UK’s NCSC and DSIT unveiled a blueprint called Cyber Shield to deploy autonomous AI agents that detect and neutralize cyberattacks at machine speed. The plan uses cooperating “red” and “blue” agents to identify weaknesses, detect threats and progressively automate remediation while operating under organizational control. The initiative emphasizes explainable and federated AI, industry partnerships, and a staged rollout beginning with government and critical sectors.
read more →

AWS Config adds 191 new managed rules

🛡️ AWS Config has expanded its set of managed rules with 191 additional checks covering services such as Amazon Bedrock, SageMaker, ECS, EKS, RDS, Redshift, S3, and CloudTrail. The new rules evaluate encryption, logging, public access, network security, data protection, and operational best practices. You can deploy rules individually or as part of a conformance pack in supported AWS Regions.
read more →

Microsoft to retire OWA Light from Exchange Server

📰 Microsoft will remove the OWA Light experience from on-premises Exchange Server in an upcoming update. The Exchange Team says retiring OWA Light reduces legacy surface area, simplifies engineering, and lets them focus on the full Outlook on the web experience. Administrators can proactively disable OWA Light via PowerShell using Set-OwaMailboxPolicy and Set-OwaVirtualDirectory commands. The change is expected in August 2026 after OWA Light was deprecated in August 2024.
read more →

GKE Autopilot Clusters with Managed DRANET

🛠️ This blog explains how to configure GKE Autopilot clusters to use GKE managed DRANET for GPU and TPU workloads. It outlines the setup flow: create a VPC, deploy an Autopilot cluster, define a custom ComputeClass, create a ResourceClaimTemplate for RDMA (GPUs) or netdev (TPUs), and deploy workloads that reference those resources. Examples and YAML snippets demonstrate GPU and TPU ComputeClasses, resource claim templates, and a deployment that binds pods to accelerators.
read more →

AWS Builder Center adds free time-limited sandboxes

🧩 AWS Builder Center now offers free, time-limited sandbox environments that builders can request directly from eligible workshops. These sandboxes remove the need for a personal AWS account, credit card, or worry about unexpected charges, allowing safe deployment of resources and experimentation in a pre-provisioned AWS account. Each sandbox grants 8 hours of access from activation, auto-cleans afterward, and most are ready within 15 minutes. Builders may request one sandbox per week (resets Sunday), and availability will expand to more workshops over time.
read more →

SageMaker Studio Workflows Adds 19 New Operators

🔔 Amazon SageMaker Unified Studio Workflows now includes 19 new operators for Amazon Bedrock, Amazon S3 Tables, S3 Vectors, AWS Glue Data Catalog, and Amazon MWAA Serverless. These operators let users add tasks via the visual workflow creator to orchestrate services without writing custom integration code. The capabilities include managing Bedrock guardrails, provisioning and deleting S3 Tables and S3 Vectors, managing Glue Data Catalog assets, and triggering MWAA Serverless runs. This feature is available in all Regions where SageMaker Unified Studio is offered.
read more →

AWS Security Hub adds internet Network Scanning

🔍 AWS Security Hub now includes Network Scanning to identify resources that are actually reachable from the public internet. The feature probes public IPs, VMs, and load balancers across AWS and Azure, detects reachable ports, and identifies services running behind them. Findings are created per reachable port and correlated by Security Hub Exposures to assess broader risk. Existing customers can enable the feature per account, region, or organization; it is enabled by default for new customers and included with Security Hub Essentials at no extra cost in supported commercial Regions.
read more →

Google Cloud unveils C4N network and storage VMs

🚀 C4N is Google Cloud’s new network- and block-storage-optimized Compute Engine instance family, now generally available after its Next ’26 preview. Built on a custom Titanium offload architecture and 5th Gen Intel Xeon CPUs, C4N delivers up to 400 Gbps network bandwidth, 95M PPS, and up to 25 GiB/s with Hyperdisk Extreme. It targets network-intensive, storage-heavy, and latency-sensitive workloads without requiring premium add-ons.
read more →

Amazon Redshift RG instances on trailing track

🚀 Amazon Redshift now supports Graviton-based RG instances on the trailing track (P201) as of July 7, 2026. Customers can choose rg.4xlarge and rg.xlarge instance types for production workloads prioritizing stability, using the AWS Management Console, AWS CLI, or AWS SDKs. RG instances deliver up to 2.4x faster query performance than RA3 at 30% lower price per vCPU. Provision a new cluster or resize an existing cluster to migrate to RG on the trailing track.
read more →