All news in category "Vendor and Hyperscaler Watch"

Automated AWS Integration: CrowdStrike Falcon Next-Gen SIEM

🛡️ AWS and CrowdStrike have launched an automated integration experience for CrowdStrike Falcon Next-Gen SIEM in AWS Marketplace that streamlines cloud-native security monitoring. The guided wizard automates connector configuration and provisions least-privilege IAM roles, Amazon SQS queues, EventBridge rules, and SNS topics. Security teams can quickly enable agentic AI-assisted investigation, advanced correlation, and automated response across their AWS Organization, and subscribe via new pay-as-you-go pricing.

AWS Expands Resilience Software Competency Program

🔧 AWS has expanded its Resilience Competency to include Technology Partners, enabling customers to identify validated software for high availability and recovery. The program evaluates solutions across Design, Recovery, and Operate categories through expert technical validation to meet strict performance and operational requirements. Qualified partners and solutions are discoverable via the AWS Resilience Competency and purchasable through AWS Marketplace, aligning with AWS's shared responsibility model. This aims to help organizations build always-on applications with lower cost and higher availability than on-premises alternatives.

AWS previews MCP Server for AI agents across AWS ecosystem

🔧 The AWS MCP Server is now in preview and offers a managed remote Model Context Protocol (MCP) interface that consolidates the prior AWS API MCP and AWS Knowledge servers into a single endpoint. It enables AI agents and AI-native IDEs to access AWS documentation, generate and execute calls to over 15,000 APIs, and follow pre-built Agent SOPs to perform multi-step tasks. Authentication and authorization use AWS IAM, and audit logging is provided via CloudTrail; the service is available at no additional cost in US East (N. Virginia), with customers paying only for resources and data transfer.

AWS launches Interconnect - last mile preview with Lumen

🔌 AWS Interconnect - last mile is a fully managed connectivity service launched in a gated preview with Lumen, letting customers connect branch offices, data centers, and remote sites to AWS in a few clicks. Users enter a location, select bandwidth (1–100 Gbps), and pick an AWS Region while AWS automates BGP peering, VLAN configuration, and ASN assignment, supporting dynamic scaling and zero‑downtime maintenance. The service is architected for high availability, backed by SLAs, and enables MACsec encryption by default; it is available in the US through Lumen.

AWS AI League 2026 Championship Expands Challenges

🤖 AWS has launched the AWS AI League 2026 Championship, expanding its flagship AI tournament with new challenge tracks and a doubled prize pool of $50,000 to drive builder innovation. The program pairs a brief orientation with two competition tracks: a Model Customization track using Amazon SageMaker AI to fine-tune foundation models for domain-specific tasks, and an Agentic AI track using Amazon Bedrock AgentCore to build planning and execution agents. Enterprises can apply to host internal tournaments and receive AWS credits to run team competitions, while individual developers can compete at AWS Summits to test skills and build with AWS AI services.

AWS Marketplace Adds Variable Payments for Services

📢 AWS Marketplace now offers variable payments, a general-availability billing option that lets professional services sellers invoice customers as work is delivered while enforcing a predetermined contract cap. Sellers can create private offers and submit payment requests tied to outcomes, milestones, or time-and-materials. Customers receive email notifications and can approve each request manually or enable auto-approval for streamlined processing. The feature increases engagement flexibility and buyer transparency and reduces the need for full upfront payments or rigid installment schedules.

AWS IAM Policy Autopilot generates baseline IAM policies

🔒 AWS announced IAM Policy Autopilot, an open-source MCP server and CLI that analyzes Python, TypeScript, and Go code locally to generate baseline, identity-based IAM policies for application roles. It integrates with AI coding assistants such as Kiro, Claude Code, and Cursor to speed policy creation. The tool stays current with AWS services and is available at no additional cost for local use. Generated policies are intended as starting points that require review and least-privilege refinement.

Microsoft Teams guest access can bypass Defender protections

⚠️ Researchers warn a cross-tenant blind spot in Microsoft Teams can allow attackers to sidestep Microsoft Defender for Office 365 when users accept guest access in another tenant. Protections follow the hosting tenant, not the user's home organization, enabling attackers to create protection-free malicious tenants using low-tier licenses. Organizations should restrict B2B invitations, enable cross-tenant access controls, and train users to reject unsolicited guest invites.

Microsoft to Block Unauthorized Scripts in Entra ID

🔒 Microsoft will update its Content Security Policy to block unauthorized script injection during browser-based Entra ID sign-ins at login.microsoftonline.com. The policy will permit script downloads only from Microsoft-trusted CDN domains and allow inline execution solely from trusted Microsoft sources. Rolled out globally in mid-to-late October 2026 under the Secure Future Initiative, the change excludes Microsoft Entra External ID. Organizations should test sign-in flows and avoid browser extensions or tools that inject code to prevent authentication friction.

GreyNoise launches free IP scanner to detect botnet

🔍 GreyNoise Labs has launched GreyNoise IP Check, a free scanner that lets users determine whether an IP address has been observed performing malicious scanning activity, including botnets and residential proxy traffic. The web tool returns one of three statuses — Clean, Malicious/Suspicious, or Common Business Service — and, when applicable, provides a 90-day activity timeline to help pinpoint potential infection points. A rate-limit-free JSON API is available for integration, and GreyNoise recommends conducting malware scans, updating device firmware, securing router credentials, and disabling unneeded remote access when an IP appears suspicious.

AWS Private CA Adds Partitioned CRLs for Scale, Compliance

🔒 AWS Private Certificate Authority now supports partitioned Certificate Revocation Lists (CRLs) to scale revocation handling up to 100 million certificates per CA. Partitioning breaks revocation data into ~1 MB CRL partitions and binds certificates to partitions using a critical Issuer Distribution Point (IDP) extension, allowing validators to match CDP and IDP URIs for accurate checks. The feature is backward compatible, RFC5280-compliant, configurable in the console (including S3 setup), and carries no charge beyond AWS Private CA and Amazon S3 usage.

Hardening Microsoft Exchange SE for 2026 and Beyond

🔒 The article by Stan Kaminsky summarizes practical hardening steps for on-premises Microsoft Exchange, emphasizing that Exchange Server Subscription Edition (Exchange SE) will be the only supported on-premises option in 2026 following the end of support for Exchange Server 2019. It outlines common attacker techniques — from password spraying and web shells to mail-flow rule abuse — and highlights immediate actions like migrating to Exchange SE or obtaining Extended Security Updates, applying regular Cumulative Updates, and enabling the Emergency Mitigation service. Recommendations also cover baseline configuration, EDR/EPP deployment, modern authentication, Kerberos adoption, TLS and HSTS, administrative access controls, PowerShell stream signing and protections for forged mail headers.

NordVPN Black Friday Deal: Up to 77% Off VPN Plans

🔒 The NordVPN Black Friday promotion offers up to 77% off select plans, including a highlighted 27‑month Basic package priced at $80.73 and a 2‑year plan with three extra months free. Running from October 16 through December 10, the deal activates automatically via the article link with no promo codes. NordVPN emphasizes fast NordLynx speeds, a strict no‑logs policy, and bundled extras like Threat Protection and NordPass.

SageMaker HyperPod: Managed Tiered KV Cache Launch

⚡ Amazon SageMaker HyperPod now offers Managed Tiered KV Cache and Intelligent Routing to optimize LLM inference for long-context prompts and multi-turn conversations. The two-tier cache combines local CPU memory (L1) with disaggregated cluster storage (L2) — with AWS-native tiered storage recommended and Redis optional — to reuse computed key-value pairs and reduce recomputation. Intelligent Routing directs requests using prefix-aware, KV-aware, or round-robin strategies, while built-in observability integrates with Amazon Managed Grafana and deployment is enabled via InferenceEndpointConfig or SageMaker JumpStart.

AWS Secrets Store CSI Driver Add-on for Amazon EKS

🔐 This post introduces the AWS provider for the Secrets Store CSI Driver and the new Amazon EKS add-on that mounts Secrets Manager secrets and Systems Manager parameters as files in Kubernetes pods. The add-on simplifies installation compared with Helm or kubectl, supports EC2 and hybrid nodes, and includes security patches and FIPS endpoint options. The walkthrough covers prerequisites, creating a test secret, installing the add-on, configuring an IAM role and EKS Pod Identity association, deploying an example pod that mounts the secret at /mnt/secrets-store, validating retrieval, and cleaning up resources.

SageMaker HyperPod Adds Custom Kubernetes Labels and Taints

🛠️ Amazon SageMaker HyperPod now supports custom Kubernetes labels and taints configured at the instance group level via the CreateCluster and UpdateCluster APIs. You can specify up to 50 labels and 50 taints per instance group using the KubernetesConfig parameter. HyperPod automatically applies and preserves these settings across node creation, replacement, scaling, and patching, eliminating manual kubectl work and ensuring device plugin pods (EFA, NVIDIA) schedule correctly while allowing NoSchedule taints to protect costly GPU nodes.

AWS Adds Warm Storage Tier to Kinesis Video Streams

📦 AWS announced a new warm storage tier for Amazon Kinesis Video Streams, offering lower-cost storage for extended media retention while preserving sub-second access latency. The existing standard tier is now designated the hot tier and remains optimized for real-time, short-term use. Developers can configure fragment sizes to trade latency for ingestion cost, and both tiers integrate with Amazon Rekognition Video and Amazon SageMaker for continuous video analytics. The warm tier is available in all supported regions except AWS GovCloud (US).

Amazon Aurora adds PostgreSQL minor versions and DDM support

🔒 Amazon Aurora PostgreSQL-Compatible Edition now supports PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22, bringing community fixes plus Aurora-specific enhancements. The release introduces database-level Dynamic Data Masking (DDM) for 16.10 and 17.6 to mask sensitive column values at query time using role-based policies without altering stored data. Additional updates include a shared plan cache, improved performance and recovery-time-objective (RTO), and more reliable Global Database switchovers. New clusters can be created in the Amazon RDS console or existing databases upgraded; releases are available across all commercial AWS Regions and AWS GovCloud (US).

AWS Compute Optimizer: Unused NAT Gateway Recommendations

🔔 AWS announced that AWS Compute Optimizer now provides idle resource recommendations for NAT Gateways, helping identify unused NAT Gateways and realize potential cost savings. The feature flags NAT Gateways that show no traffic over a 32-day analysis period by evaluating CloudWatch metrics such as active connection count and incoming packet metrics. Compute Optimizer also checks Route Table associations to avoid recommending critical backup resources and surfaces estimated savings and utilization details for validation before remediation.

Organization-Level S3 Block Public Access Enforcement

🔒 Amazon S3 Block Public Access now supports organization-level enforcement via AWS Organizations, enabling centralized standardization of public-access settings across member accounts. When attached at a root or OU the single policy configuration propagates to existing and new accounts, or it can be targeted to specific accounts for granular control. Policy attachment and enforcement are auditable through AWS CloudTrail, and the feature is available in the console and via CLI/SDK in supported regions at no additional charge.