< ciso
brief />
Vendor and Hyperscaler Watch Banner

All news in category “Vendor and Hyperscaler Watch

4606 articles · page 10 of 231

AI Adoption Is Accelerating Risks for SMEs

🔒 Small and mid-sized businesses are rapidly adopting AI, often ahead of large enterprises, and this pace is outstripping their ability to govern associated cyber risks. Shadow AI—employees using public tools without oversight—exposes customer data, financial records, and intellectual property, while attackers increasingly exploit these weaker links in supply chains. The author urges owners and CFOs to map AI use, restrict sensitive data, treat AI access like hires, and engage advisors who can secure AI adoption effectively.
read more →

Guardian Agents: The Next Layer of Identity

🛡️ This guide examines how agentic AI shifted enterprise identity risks and why existing IAM controls fall short. It explains how AI agents inherit human permissions, traverse systems at machine speed, and create an expanding population of autonomous identities often deployed without security review. The piece outlines the guardian agent concept: a purpose-built runtime control layer that inventories agents, baselines behavior, detects anomalies, and enforces least-privilege at execution time to close the governance gap.
read more →

Amazon EC2 C7a instances arrive in Singapore

🚀Starting today, compute-optimized Amazon EC2 C7a instances are available in the AWS Asia Pacific (Singapore) Region. Powered by 4th Gen AMD EPYC (Genoa) processors with up to 3.7 GHz, C7a delivers up to 50% higher performance than C6a and adds new capabilities like AVX-512, VNNI, and bfloat16. These instances use DDR5 memory for 2.25x more memory bandwidth, come in 12 sizes including bare-metal, and support up to 128 EBS attachments. C7a instances run on the AWS Nitro System and are available via On-Demand, Spot, and Savings Plans.
read more →

Amazon EC2 M8a instances now in Mumbai region

🚀 Starting today, Amazon EC2 M8a general-purpose instances are available in the AWS Asia Pacific (Mumbai) region. Powered by 5th Gen AMD EPYC CPUs with up to 4.5 GHz, M8a offers up to 30% higher performance and up to 19% better price-performance than M7a. Instances provide 45% more memory bandwidth, SAP certification, 12 sizes including 2 bare metal, and are suitable for high-throughput workloads.
read more →

Bedrock models gain FedRAMP High and DoD IL-4/5 approval

🚨 Amazon Bedrock now offers OpenAI GPT, OpenAI GPT OSS, and NVIDIA Nemotron models approved for FedRAMP High and DoD CC SRG IL-4/IL-5 in AWS GovCloud (US), enabling compliant generative AI deployments for federal and public sector customers. These models run on Mantle, Bedrock’s distributed inference engine, providing serverless, high-performance inference with zero operator access and OpenAI API compatibility. Agencies and enterprises with stringent compliance needs can use Bedrock in GovCloud to build and scale secure AI applications.
read more →

VisionHeight managed rules added for AWS Network Firewall

🛡️ AWS Network Firewall now offers two new managed rule groups from VisionHeight in AWS Marketplace: Zero-Day Threat Protection and Noisy Scanners and Tor Protection. These rule groups use VisionHeight's Pulse telemetry to provide proactive blocking of malicious IP infrastructure and suppression of noisy Tor and scanner traffic. Daily refresh cycles reduce SOC alert volume and SIEM ingestion costs while improving protection for targeted workloads.
read more →

Microsoft extends free Windows 10 ESU to 2027

📰 Microsoft quietly extended free Windows 10 Extended Security Updates (ESU) for consumer devices by one year, now covering devices through October 12, 2027. The change appeared in documentation updates and an editor's note on the Windows Experience Blog dated June 25, 2026. Enrolled users will remain covered automatically, and the consumer ESU remains unavailable for domain-joined or MDM-managed systems. The extension aims to give consumers more time to upgrade to Windows 11 or newer devices.
read more →

Amazon EC2 C8in Instances Expand to Ireland, Ohio

⚙️ Amazon EC2 C8in instances are now available in the AWS US East (Ohio) and Europe (Ireland) regions. These instances use custom sixth generation Intel Xeon Scalable processors and the latest sixth generation AWS Nitro cards, offering up to 43% higher performance over prior C6in instances. C8in supports up to 384 vCPUs and provides 600 Gbps network bandwidth, suited for network-intensive workloads. Availability spans multiple regions and purchasing models including Savings Plans, On-Demand, and Spot.
read more →

Kiro Achieves FedRAMP High and DoD IL-4/IL-5 on AWS

🔒 Kiro is now authorized for FedRAMP High and DoD CC SRG Impact Levels 4 and 5 within the AWS GovCloud (US) Regions. This enables federal agencies and public sector organizations with stringent compliance requirements to adopt Kiro for sensitive workloads. Kiro combines an IDE and CLI for agentic AI-driven, spec-driven development, translating prompts into code, documentation, and tests. It also supports native MCP integration to connect with documentation, databases, APIs, and enterprise resources.
read more →

Amazon Redshift adds upfront RI payment options

🔔 Amazon Redshift now offers All Upfront and Partial Upfront payment options for 1- and 3-year reserved instances (RG instances). These join the existing No Upfront option and give customers more flexibility to optimize compute costs. All Upfront provides the largest discount by paying the full term up front, while Partial Upfront splits cost between an initial payment and lower monthly installments. The new options are available across many AWS Regions globally.
read more →

Microsoft named Leader in Forrester Wave 2026

🔒 Microsoft is recognized as a Leader in The Forrester Wave™: Endpoint Management Platforms, Q2 2026, reflecting Intune’s role in connecting identity, security, compliance, and AI governance across endpoints. The report highlights Intune’s cross-platform management, AI-powered Endpoint Privilege Management, and integrated Security Copilot features that enable faster remediation and device onboarding. Forrester also cited Microsoft’s partner strategy and licensing value as factors supporting enterprise adoption.
read more →

Fortinet launches product carbon footprint calculator

🌱 Fortinet has introduced a Product Carbon Footprint (PCF) Calculator that provides greenhouse gas emissions estimates for more than 790 products. The publicly accessible, free tool uses internationally recognized standards like ISO 14040 and ISO 14067 and includes country-specific emission factors. It supports lifecycle analysis across manufacturing, use, and end-of-life stages to help customers and partners incorporate environmental data into procurement and reporting.
read more →

Cloudflare Workflows adds durable saga rollbacks

🛠️ Cloudflare Workflows now supports saga rollbacks, letting developers declare per-step compensation logic directly in step.do() calls. This feature simplifies undoing partial work when later steps fail by running rollback handlers in reverse step-start order and preserving idempotency via idempotency keys. Rollback handlers are durable, configurable with retries and timeouts, emit lifecycle events, and execute only when the Workflow fails terminally.
read more →

ClickFix: New social engineering that forces execution

🛡️ The ClickFix technique tricks users into executing malicious commands themselves by presenting convincing prompts like fake CAPTCHAs, Cloudflare checks, or “browser update” notices. Attackers rely on clipboard copy and instruct victims to paste commands into the Windows Run dialog, bypassing endpoint defenses that see the activity as legitimate user action. Check Point’s ThreatCloud AI team developed the ClickFix Engine, integrated into Gateways, Email Security, and Browse Security, to detect behavioral signals in page HTML and block such attacks irrespective of domain reputation.
read more →

AWS GovCloud (US) adds default US-based support

🔒 AWS GovCloud (US) now routes technical support cases by default to US-based, US-citizen cloud support engineers, requiring no opt-in. This change covers both AWS GovCloud (US-East) and (US-West) Regions and is designed to maintain ITAR compliance and other GovCloud requirements. Support is available 24/7 via the AWS GovCloud (US) Console, API, click-to-call, and live chat. Engineers have the required permissions to work directly within regulated customer environments for faster issue resolution.
read more →

AWS Backup boosts Amazon S3 copy performance

🚀 AWS Backup now performs S3 backup copy operations up to 8x faster for buckets with millions of objects and low change rates by using enhanced change tracking. This removes the need to scan all objects in the destination account or Region, reducing copy time across accounts and AWS Regions. The improvement records object events as they occur and applies automatically to new cross-account and cross-Region copy jobs at no additional cost in supported Regions.
read more →

FedRAMP 20x and the rise of GRC engineering

🔍 The author argues that much of traditional compliance has become theatrical—focused on curated, point-in-time evidence rather than continuous operational truth. FedRAMP 20x and the broader GRC engineering movement push assurance toward automation, machine-readable evidence and continuous telemetry, shifting audits from static snapshots to ongoing validation. The writer recounts their organization’s FedRAMP 20x pilot, describing early setbacks as iterative learning rather than failure.
read more →

Amazon RDS Custom adds latest Microsoft SQL Server updates

🛈 Amazon RDS Custom for SQL Server now supports the latest Cumulative Updates (CU) and General Distribution Release (GDR) updates for Microsoft SQL Server, including SQL Server 2019 CU32+GDR (KB5090407) and SQL Server 2022 CU25 (KB5081477). These GDR updates address vulnerabilities described in CVE-2026-40370. You can apply the updates via the Amazon RDS Management Console, AWS SDK, or AWS CLI, and guidance is available in the Amazon RDS Custom User Guide.
read more →

Amazon RDS Adds Latest Microsoft SQL Server GDRs

🔄 Amazon RDS for SQL Server now supports the latest General Distribution Release (GDR) updates across SQL Server 2016 SP3, 2017, 2019, and 2022, corresponding to specific RDS engine versions. These GDRs address vulnerabilities identified as CVE-2026-32167 and CVE-2026-32176. AWS recommends upgrading instances via the Amazon RDS Management Console, AWS SDK, or CLI and refers users to the RDS SQL Server User Guide for upgrade instructions.
read more →

Amazon OpenSearch Ingestion now in Paris region

🚀 Amazon OpenSearch Ingestion is now available in the Europe (Paris) Region (eu-west-3). This fully managed ingestion tier enables no-code filtering, transformation, redaction, and routing of data into Amazon OpenSearch Service managed clusters or serverless collections, automatically provisioning and scaling resources to match workload demands. The service is now generally available in 17 AWS regions worldwide, expanding customers' options for regional data ingestion and processing.
read more →