All news in category “Vendor and Hyperscaler Watch”

🔔 AWS IAM Identity Center is now deployable in 36 AWS Regions, including Asia Pacific (Bangkok) and Mexico Central (Querétaro). The service provides centralized workforce access, single sign-on, and integration with existing identity sources to streamline account and application access across AWS. It powers personalized experiences in AWS applications such as Amazon Q and supports user-aware access auditing for services like Amazon Redshift. IAM Identity Center is available at no additional cost in these Regions.

🔒 AWS now supports attaching VPC endpoint policies to Transfer Family interface VPC endpoints, enabling administrators to apply granular access controls to Transfer Family APIs. Administrators can restrict specific API actions, designate which principals may call them, and limit target resources. The capability integrates with existing IAM policies and organizational service control policies, and Transfer Family also supports FIPS 140-3 enabled VPC endpoints across all AWS Regions.

🔐 This post explains how to design defense-in-depth network architectures for generative AI workloads using AWS services. It outlines common external threats — including layer 4 and layer 7 DDoS, web request floods, application-specific exploits, and malicious bots — and maps mitigations to AWS capabilities. The guidance recommends private connectivity via Amazon Bedrock and AWS PrivateLink, edge protections with AWS WAF and AWS Shield, subnet-level controls using AWS Network Firewall, and continuous detection and response with GuardDuty, Inspector, and CloudWatch.

🌐 Amazon EC2 Auto Scaling (ASG) now supports IPv6, enabling dual‑stack (IPv4 and IPv6) configurations for Auto Scaling groups. IPv6 provides a vastly larger address space, letting you assign contiguous ranges to microservices and achieve near‑unlimited scale. Support is available in all commercial AWS regions (except New Zealand) and in GovCloud regions where ASG is offered. Configure networks and addressing via AWS documentation.

🚀 Amazon Elastic Container Service (Amazon ECS) now supports running tasks and services in IPv6-only subnets, eliminating the prior requirement for IPv4 addresses. This enables containerized applications to scale without IPv4 address constraints and helps organizations meet IPv6 compliance mandates. The capability works across all ECS launch types and networking modes; create IPv6-only VPC subnets and ECS will provision networking automatically. See the task networking documentation and a blog walkthrough for launch-specific details and migration guidance.

🚀 Anthropic’s Claude Sonnet 4.5 is now generally available on Vertex AI, delivering advanced long-horizon autonomy for agents across coding, finance, research, and cybersecurity. The model can operate independently for hours, orchestrating tools and coordinating multiple agents to complete complex, multi-step tasks. Vertex AI provides orchestration, provisioning, security controls, and developer tooling, and includes Claude Code upgrades like a VS Code extension and an improved terminal interface.

🔒 Amazon EC2 Auto Scaling now supports FIPS 140-3 validated VPC endpoints via AWS PrivateLink, enabling regulated workloads to use cryptographic modules that meet federal requirements. This update allows customers to create FIPS-compliant VPC endpoints in select US and Canada regions to satisfy government and regulated-industry encryption mandates. Refer to AWS guidance for setting up VPC endpoints and integrating AWS PrivateLink with EC2 Auto Scaling.

🚀 This roundup highlights how leading organizations are using Google Cloud to optimize networks, accelerate AI, and scale mission-critical services. From Uber reducing edge latency with Hybrid NEGs to Target rebuilding search with AlloyDB AI hybrid search, customers report measurable gains in performance, cost, and reliability. Healthcare, finance, media, and telecommunications teams also describe operational wins — faster inference, seamless migrations, and stronger real-time experiences.

⚙️ Google Cloud outlines a practical approach to adopt Gen4 VM families by pairing GKE compute classes with Compute Flexible CUDs, enabling prioritized machine-family fallbacks and spend-based discounts. Compute classes let teams define prioritized machine families (for example, N4 then N2) so the cluster autoscaler can provision preferred hardware while preserving availability. Flex CUDs apply discounts across eligible VM families and follow consumption, protecting committed discounts when fallbacks occur. Together these features reduce migration risk and simplify platform operations.

🔔 Broadcom is changing its VMware Cloud Foundation (VCF) licensing for hyperscalers to an exclusive bring-your-own subscription model effective November 1, 2025. For Google Cloud VMware Engine (GCVE) customers this means future clusters will require purchasing portable VCF subscriptions directly from Broadcom and using GCVE’s existing BYOL option. Google introduced a BYOL path for GCVE in 2024 and notes the managed service itself remains unchanged. Transition rules and timing differ for committed use discounts and on-demand nodes, so customers should review their commitments.

🔒 Fortinet explains how partners can guide customers from secure SD-WAN to a full Unified SASE platform to address hybrid work, multi-cloud adoption, and rising cyberthreats. The article emphasizes that Secure SD-WAN is an on-ramp to SASE because it is natively integrated into Fortinet's SASE architecture, enabling expansion without replacing existing deployments. It outlines operational benefits, market growth projections, and partner opportunities around differentiated services, consolidated policy management, and simplified licensing.

📊 Amazon Connect dashboards now let you select and compare arbitrary time ranges — up to 35 days within the past three months — and include Week to Date and Month to Date presets. This makes it easier for contact center teams to focus on specific periods and run side-by-side comparisons of metrics such as handle time or contact volume. For example, managers can compare a current campaign’s metrics to the same range last week to decide if additional staffing is required. Amazon Connect Contact Lens dashboards are available in all AWS commercial regions and AWS GovCloud (US-West).

🚀 Cloudflare’s Birthday Week 2025 summarized a broad set of product, policy, and community initiatives designed to strengthen the open Internet and prepare for AI-era and quantum threats. Highlights included a goal to hire 1,111 interns in 2026, new startup hubs, and expanded free developer access for students and non‑profits, plus sponsorships of open-source projects like Ladybird and Omarchy. Technical announcements ranged from post‑quantum upgrades and a Rust-based core proxy to R2 SQL, the Cloudflare Data Platform, Workers performance and security hardening, and new AI safety and bot-management tools.

🚀 The U.S. Air Force, working with Google Public Sector and GDIT, deployed the Google Distributed Cloud air-gapped appliance to run classified workloads at the tactical edge in DDIL environments. The rugged, transportable system demonstrated secure, Zero Trust-capable processing up to Secret, delivering on-device AI for transcription, OCR, translation, and summarization during Mobility Guardian 2025 in Guam. It also supported containerized IL2 collaboration, Luna AI integration for low-latency air-defense data, a Jupyter-based edge dev environment, and AI-enabled tele-maintenance to convert manuals and visual data into actionable maintenance insights.

🔐 The Cloud Security Alliance has published the SaaS Security Capability Framework (SSCF) to establish technical minimum requirements that help SaaS providers and customers apply Zero-Trust principles and address rising third-party risks highlighted by recent Salesforce attacks. The SSCF defines controls across six domains, including identity and access management, data lifecycle, and logging and monitoring, and translates business requirements into concrete, configurable security functions such as log forwarding, SSO enforcement and incident notification. CSA positions the SSCF as a complement to, not a replacement for, frameworks like ISO 27001, while vendors stress that continuous validation and operational implementation are essential to reduce real-world risk.

🔒 Kaspersky has added a Notification Protection layer to Kaspersky for Android that detects and blocks malicious links embedded in app notifications. The feature automatically hides suspected links and replaces them with a Kaspersky notice titled 'Dangerous link detected,' preserving the original text minus the link. Kaspersky says scanning is automated and no employee reads private messages. Users must enable Accessibility and notification permissions and can combine this with Safe Messaging and Safe Browsing for fuller protection.

🔐 Agent Payment Protocol (AP2) is an open trust layer that enables AI shopping agents to complete purchases without ever handling raw payment credentials. AP2 enforces a role-based separation—shopping agent, merchant endpoint, credential provider, and payment processor—and relies on verifiable credentials to produce cryptographic proof of intent and approval. It defines three mandate types (Cart, Intent, Payment) to support both human-present and human-not-present flows. Developers can adopt AP2 as an extension to A2A and MCP to reduce PCI scope and improve accountability.

🚀 TELUS modernized its global digital workplace by deploying ChromeOS, Google Workspace, Cameyo, and Chrome Enterprise Premium to create a browser-first, zero-trust app streaming platform. The TELUS Desktop Stream replaced costly VDI, avoided a $15 million infrastructure refresh, and cut login times by threefold. More than 100 applications now run through Cameyo, improving call-center throughput and agent productivity. IT teams report simplified management, stronger contextual security, and reduced reliance on VPNs.

🚀 Amazon has launched Amazon Bedrock in the Asia Pacific (Thailand), Asia Pacific (Malaysia), and Asia Pacific (Taipei) regions, enabling local customers to build and scale generative AI applications using a range of foundation models and developer tools. The managed service supports deploying agents and productionizing models to shorten the path from experimentation to real-world deployment. Customers can expect improved latency, regional data residency options, and integration with AWS operational and security services.

🔒 AWS Network Firewall now supports Reject and Alert actions for stateful domain list rule groups via the console, enabling more granular control over domain-based traffic. The Reject action blocks specified domains, while the Alert action logs and monitors traffic without disrupting flows. This feature is available in all Regions and supports TLS inspection configuration through the VPC Console or the Network Firewall API, helping organizations refine policy enforcement and observability.