All news in category “Vendor and Hyperscaler Watch”

🔒 Databricks has introduced Data Intelligence for Cybersecurity, an AI-driven platform that unifies fragmented security telemetry on its Lakehouse architecture to provide real-time, context-rich threat detection. The offering includes Agent Bricks to build governed AI agents, conversational dashboards, and natural-language queries for nontechnical stakeholders. Early adopters such as Arctic Wolf, Palo Alto Networks, and SAP report sharper detection, lower costs, and faster operations, while Databricks expands integrations across a broad partner ecosystem to challenge established SIEM and analytics vendors.

🛡️ Microsoft announced expanded agentic security capabilities in Microsoft Sentinel, including the general availability of the Sentinel data lake and public preview of Sentinel Graph and the Model Context Protocol (MCP) server to enable AI agents to reason over unified security data. Sentinel ingests structured and semi-structured signals, builds vectorized, graph-based context, and integrates with Microsoft Defender and Microsoft Purview. Security Copilot now offers a no-code agent builder and developer workflows via VS Code/GitHub Copilot, while enhanced governance controls (Entra Agent ID, PII guardrails, prompt shields) aim to secure agent lifecycles.

🔒 Microsoft announced the general availability of the Sentinel data lake and public previews of Sentinel Graph and the Sentinel Model Context Protocol (MCP) server. The release broadens Sentinel from a traditional SIEM into a unified, agentic security platform designed to ingest and correlate structured and semi-structured signals at scale. It is intended to give AI agents such as Security Copilot and developer tools in VS Code with GitHub Copilot richer contextual access for detection, retroactive hunting, and automated response while integrating with Defender and Purview.

🛡️ Wing Security outlines how enterprises must evolve defenses to protect the modern AI application supply chain. The article explains that rapid AI sprawl, interapplication integrations, and new data exposure vectors create blind spots traditional controls were not built to handle. By extending its SaaS Security Posture Management foundation, Wing Security offers continuous discovery, real-time monitoring, vendor analytics, and adaptive governance to reduce supply chain, data leakage, and compliance risk.

🌐 Amazon Web Services now supports IPv6 access for Amazon FSx for NetApp ONTAP file systems. Customers can connect using IPv4, IPv6, or dual-stack clients without requiring translation infrastructure, simplifying IPv6 adoption and compliance with mandates such as OMB M-21-07. IPv6 is available for new file systems across all AWS Commercial and GovCloud regions; existing systems will receive support during an upcoming maintenance window.

🌐 Amazon FSx for Windows File Server now supports IPv6, enabling new file systems to be accessed over IPv4, IPv6, or dual‑stack clients without requiring address translation. The capability is available immediately in all AWS Commercial and AWS GovCloud (US) regions where FSx is offered; existing file systems will receive IPv6 during an upcoming maintenance window. This change helps customers address IPv4 exhaustion and comply with mandates such as the US OMB M‑21‑07. See the FSx user guide for configuration and migration details.

📣 Amazon has expanded second-generation Amazon FSx for NetApp ONTAP to four additional AWS Regions: Europe (Spain, Zurich), Asia Pacific (Seoul), and Canada (Central). Second-generation file systems increase performance scalability and flexibility over first-generation deployments by supporting up to 12 HA pairs per file system, delivering up to 72 GBps of throughput and 1 PiB of provisioned SSD storage. Customers can provision Multi‑AZ file systems with a single HA pair or Single‑AZ file systems with up to 12 HA pairs to better match workload requirements.

🚀 AWS has released ParallelCluster 3.14, adding support for the new P6e-GB200 and P6-B200 instance types and introducing prioritized allocation strategies to improve instance placement. The update also adds NICE DCV support for Amazon Linux 2023 and brings kernel 6.12. Administrators gain chef-client log visibility in the instance system console. The release enhances ParallelCluster’s ability to provision and manage HPC clusters on AWS.

🔍 AWS has added transformation status reporting to the AWS B2B Data Interchange console, enabling operators to view processing outcomes and validation results for EDI transformations in a single interface. The console presents timelines and statuses for up to 10,000 recent input–output pairs per partnership and highlights errors and validation details to speed troubleshooting. This capability covers ANSI X12 and other EDI flows to and from JSON and XML and is available in all Regions where the service runs; AWS provides a user guide and a self-paced workshop to help teams get started.

⚡ Customers can now create Amazon FSx for Lustre file systems in the AWS US West (Phoenix) Local Zone, bringing managed high-performance shared storage closer to compute and end users. The service supports demanding workloads such as machine learning, high performance computing (HPC), video processing, financial modeling, and electronic design automation. This local-zone availability reduces latency, improves throughput for data-intensive workloads, and can lower cross-zone or cross-region transfer overhead for applications that require fast, parallel I/O.

⚙️ AWS today introduced Amazon ECS Managed Instances, a fully managed compute option that provisions, configures, and operates Amazon EC2 instances on behalf of customers to reduce infrastructure overhead. You specify task requirements (vCPUs, memory, CPU architecture) or desired instance types and ECS automatically selects and manages optimal instances. The service dynamically scales capacity, optimizes task placement, and applies security patching on a 14-day cadence with support for scheduled EC2 event windows.

🔔 AWS IAM Identity Center is now deployable in 36 AWS Regions, including Asia Pacific (Bangkok) and Mexico Central (Querétaro). The service provides centralized workforce access, single sign-on, and integration with existing identity sources to streamline account and application access across AWS. It powers personalized experiences in AWS applications such as Amazon Q and supports user-aware access auditing for services like Amazon Redshift. IAM Identity Center is available at no additional cost in these Regions.

🔒 AWS now supports attaching VPC endpoint policies to Transfer Family interface VPC endpoints, enabling administrators to apply granular access controls to Transfer Family APIs. Administrators can restrict specific API actions, designate which principals may call them, and limit target resources. The capability integrates with existing IAM policies and organizational service control policies, and Transfer Family also supports FIPS 140-3 enabled VPC endpoints across all AWS Regions.

🔐 This post explains how to design defense-in-depth network architectures for generative AI workloads using AWS services. It outlines common external threats — including layer 4 and layer 7 DDoS, web request floods, application-specific exploits, and malicious bots — and maps mitigations to AWS capabilities. The guidance recommends private connectivity via Amazon Bedrock and AWS PrivateLink, edge protections with AWS WAF and AWS Shield, subnet-level controls using AWS Network Firewall, and continuous detection and response with GuardDuty, Inspector, and CloudWatch.

🌐 Amazon EC2 Auto Scaling (ASG) now supports IPv6, enabling dual‑stack (IPv4 and IPv6) configurations for Auto Scaling groups. IPv6 provides a vastly larger address space, letting you assign contiguous ranges to microservices and achieve near‑unlimited scale. Support is available in all commercial AWS regions (except New Zealand) and in GovCloud regions where ASG is offered. Configure networks and addressing via AWS documentation.

🚀 Amazon Elastic Container Service (Amazon ECS) now supports running tasks and services in IPv6-only subnets, eliminating the prior requirement for IPv4 addresses. This enables containerized applications to scale without IPv4 address constraints and helps organizations meet IPv6 compliance mandates. The capability works across all ECS launch types and networking modes; create IPv6-only VPC subnets and ECS will provision networking automatically. See the task networking documentation and a blog walkthrough for launch-specific details and migration guidance.

🚀 Anthropic’s Claude Sonnet 4.5 is now generally available on Vertex AI, delivering advanced long-horizon autonomy for agents across coding, finance, research, and cybersecurity. The model can operate independently for hours, orchestrating tools and coordinating multiple agents to complete complex, multi-step tasks. Vertex AI provides orchestration, provisioning, security controls, and developer tooling, and includes Claude Code upgrades like a VS Code extension and an improved terminal interface.

🔒 Amazon EC2 Auto Scaling now supports FIPS 140-3 validated VPC endpoints via AWS PrivateLink, enabling regulated workloads to use cryptographic modules that meet federal requirements. This update allows customers to create FIPS-compliant VPC endpoints in select US and Canada regions to satisfy government and regulated-industry encryption mandates. Refer to AWS guidance for setting up VPC endpoints and integrating AWS PrivateLink with EC2 Auto Scaling.

⚙️ Google Cloud outlines a practical approach to adopt Gen4 VM families by pairing GKE compute classes with Compute Flexible CUDs, enabling prioritized machine-family fallbacks and spend-based discounts. Compute classes let teams define prioritized machine families (for example, N4 then N2) so the cluster autoscaler can provision preferred hardware while preserving availability. Flex CUDs apply discounts across eligible VM families and follow consumption, protecting committed discounts when fallbacks occur. Together these features reduce migration risk and simplify platform operations.

🔔 Broadcom is changing its VMware Cloud Foundation (VCF) licensing for hyperscalers to an exclusive bring-your-own subscription model effective November 1, 2025. For Google Cloud VMware Engine (GCVE) customers this means future clusters will require purchasing portable VCF subscriptions directly from Broadcom and using GCVE’s existing BYOL option. Google introduced a BYOL path for GCVE in 2024 and notes the managed service itself remains unchanged. Transition rules and timing differ for committed use discounts and on-demand nodes, so customers should review their commitments.