All news in category “Vendor and Hyperscaler Watch”

🧠 You can now run asynchronous batch AI inference inside Amazon OpenSearch Ingestion pipelines to enrich and ingest very large datasets for Amazon OpenSearch Service domains. The same AI connectors previously used for real-time calls to Amazon Bedrock, Amazon SageMaker, and third parties now support high-throughput, offline jobs. Batch inference is intended for offline enrichment scenarios—generating up to billions of vector embeddings—with improved performance and cost efficiency versus streaming inference. The feature is available in regions that support OpenSearch Ingestion on domains running 2.17+.

📡 AWS now supports IPv6 addressing for Amazon Kinesis Video Streams, providing dual-stack endpoints that accept both IPv4 and IPv6 clients for video streaming at scale. Existing IPv4 implementations continue to work unchanged, while organizations can adopt IPv6 to address private IPv4 exhaustion, eliminate reliance on NAT translation, and simplify long-term network transitions. IPv6 support is available in all commercial Regions where KVS runs except ap-southeast-1 and GovCloud.

🔗 Google has released an open-source Python library, Dataproc ML, to streamline running ML and generative-AI inference from Apache Spark on Dataproc. The library uses a SparkML-style builder pattern so users can configure a model handler (for example, GenAiModelHandler) and call .transform() to apply Gemini or other Vertex AI models directly to DataFrames. It also supports loading PyTorch and TensorFlow model artifacts from GCS for large-scale batch inference and includes performance optimizations such as vectorized data transfer, connection reuse, and automatic retry/backoff.

🔔 AWS End User Messaging now sends SMS onboarding progress notifications to Slack, Email, or any Amazon EventBridge destination. Instead of manually checking phone number or sender ID registration status in the console, customers can receive immediate alerts when registrations are created, submitted, denied, or require updates. Support is available in all Regions where End User Messaging is offered. This capability helps developers accelerate onboarding workflows, reduce manual tracking, and improve operational visibility for messaging infrastructure.

📧 Amazon Connect now provides generative AI-powered email conversation overviews, suggested actions, and draft responses to help agents resolve customer emails faster and more consistently. Administrators enable the capability by adding the Amazon Q in Connect block to contact flows before an email is assigned to an agent. Outputs can be customized with knowledge bases and tailored prompts to align responses with company tone and policies. The feature is available in all regions where Amazon Q in Connect is offered.

🌐 AWS Clean Rooms now supports cross-region collaboration, letting organizations analyze partner data stored in different AWS and Snowflake Regions without copying or sharing underlying datasets. Collaboration creators can specify allowed result regions to help meet data residency and sovereignty requirements. This reduces integration work—no new pipelines or replication—and enables faster, secure joint analyses across advertising, investment, and R&D use cases.

🔐 Passwork 7 is an on‑premises unified platform that consolidates password and secrets management with a redesigned interface and reworked core workflows to improve usability and security. The update introduces hierarchical vaults, custom vault types, role‑based access, and comprehensive logging, plus API, Python connector, CLI and Docker support for DevOps automation. Built on a zero‑knowledge AES‑256 model with MongoDB storage and ISO 27001 certification, it targets organizations needing centralized, compliant credential control.

🔒 Gmail enterprise users can now send end-to-end encrypted emails to recipients on any email platform by enabling the Additional encryption option when composing a message. Non-Gmail recipients receive a secure link to view and reply via a guest Google Workspace account, while Workspace-to-Workspace messages decrypt automatically for subscribers. The feature uses client-side encryption (CSE) so organizations can hold keys outside Google's servers to support data sovereignty and regulatory controls. Google began beta testing in April 2025 and will roll the feature out to Enterprise Plus customers with the Assured Controls add-on.

🌐 AWS Directory Service now supports IPv6 connectivity for both Managed Microsoft AD and AD Connector, allowing deployments in IPv4-only, IPv6-only, or dual-stack configurations. This capability is available in all Directory Service regions and accessible via the Console, CLI, and API. Customers can upgrade existing IPv4-only directories to dual-stack by enabling IPv6 in VPC subnets and adding IPv6 support through the Directory Service Management Console. The update helps organizations meet regulatory requirements, including U.S. federal IPv6 transition mandates, while reducing operational complexity associated with maintaining dual protocol stacks.

⚙️ EC2 Image Builder pipelines can now be automatically disabled after a configurable number of consecutive failures, and you can assign custom log groups with retention and encryption settings to meet organizational policies. This prevents unnecessary resource creation and repeated failed builds, reducing costs and operational noise. These capabilities are available at no extra charge across all AWS commercial regions and are usable via Console, CLI, API, CloudFormation, or CDK.

📄 AWS has made a self-service invoice correction feature generally available, enabling customers to update core invoice attributes and receive corrected PDFs instantly. Accessible from the AWS Billing and Cost Management console, the guided workflow supports edits to purchase order numbers, legal business names, and billing and physical addresses on select invoices. The capability is intended to reduce support cycles, lower administrative friction, and speed reconciliation. The feature is available in all AWS Regions except GovCloud (US) and China (Beijing and Ningxia).

🔒 Microsoft will no longer display inline SVG images in Outlook for Web and the new Outlook for Windows; users will instead see blank spaces where those images would have appeared. The global rollout began in early September 2025 and is expected to complete by mid‑October 2025, with Microsoft estimating the change will affect less than 0.1% of images. SVG files sent as classic attachments will continue to be viewable from the attachment well to limit user disruption.

🔁 AWS now lets customers upgrade Managed Microsoft AD from Standard to Enterprise Edition programmatically using the UpdateDirectorySetup API. The self-service workflow removes the need to open support tickets and automates pre-upgrade snapshots and sequential domain controller upgrades to preserve availability. Edition upgrades are available via the AWS SDK in all Directory Service regions and can be integrated with existing automation and infrastructure-as-code pipelines for on-demand scaling.

🔒 Microsoft has been named a Leader in the IDC MarketScape: Worldwide Extended Detection and Response Software 2025 assessment. Microsoft Defender XDR is highlighted for broad signal coverage across endpoints, identities, email and collaboration, SaaS apps, cloud workloads, and data, plus AI-driven automation and native SIEM integration that consolidate visibility and accelerate response. IDC also cited Microsoft Security Copilot and automatic attack disruption as key differentiators that reduce dwell time and free SOC teams to focus on higher-value tasks.

🎥 Amazon Connect now supports agent screen recording for ChromeOS devices, enabling supervisors and quality teams to capture agents' on-screen activity while handling voice calls, chats, and tasks. The capability complements audio recordings and chat transcripts to surface coaching opportunities and identify process non‑compliance. Screen recording is available in all AWS Regions where Amazon Connect operates. Refer to documentation and the pricing page for technical and billing details.

🔒 In September, attackers used stolen maintainer credentials to inject malicious payloads into widely used npm packages such as chalk and debug, followed by the self‑propagating Shai‑Hulud worm that harvested npm tokens, GitHub PATs, and cloud credentials. The compromised packages and postinstall scripts allowed silent interception of cryptocurrency activity and automated propagation across developer environments. AWS recommends immediate actions: audit dependencies, rotate secrets, inspect CI/CD pipelines for unauthorized workflows or injected scripts, and use Amazon Inspector to detect malicious packages and share validated intelligence with OpenSSF.

🔒 AWS has expanded AWS Direct Connect capacity at the ePLDT data center near Makati City, Philippines, adding 10 Gbps and 100 Gbps dedicated connections with MACsec encryption. Customers at this Direct Connect location can establish private, direct access to all public AWS Regions (except those in China), AWS GovCloud Regions, and AWS Local Zones. The update delivers higher throughput and enhanced in‑flight protection for hybrid and colocated workloads, improving performance and security compared with internet-based connectivity.

⚠️ Microsoft is addressing a logic bug in Microsoft Defender for Endpoint that causes some Dell devices' BIOS firmware to be incorrectly marked as outdated, prompting unnecessary update alerts to users. The company says a fix has been developed and is being prepared for deployment, but it has not disclosed the regions or number of customers affected. Microsoft also recently resolved macOS black screen crashes linked to a deadlock in the Apple enterprise security framework and has been correcting several anti-spam and machine-learning false positives impacting Teams and Exchange Online.

🔐 The service desk is now a primary enterprise perimeter for attackers, with social-engineering groups like Scattered Spider converting routine requests into broad access — as seen in high-impact incidents such as MGM Resorts and Clorox. Training matters but is not enough; verification must be a security-owned, auditable workflow rather than an agent’s discretionary call. Implement mandatory controls so agents never view credentials, apply role-based verification depths, and use points-based contingency checks when MFA fails. Integrate the flow with ITSM so tickets launch verification automatically, returning results and telemetry for alerting and audit.

🔔 AWS has expanded AWS Config advanced queries and configuration aggregators to the Asia Pacific (New Zealand) region. Advanced queries provide a single query endpoint and a query language to retrieve current resource configuration and compliance state without issuing service-specific describe API calls. Aggregators enable centralized visibility by collecting configuration and compliance data from multiple accounts and Regions or across an AWS Organization. These capabilities are accessible from the AWS Console and AWS CLI and, with this expansion, are now available in all supported regions.