All news in category “Vendor and Hyperscaler Watch”

🎉 Microsoft announced that, starting today, individual Windows developers can publish applications to the Microsoft Store without paying registration fees. The policy covers Win32 (including .NET WPF and WinForms), UWP, PWA, .NET MAUI, and Electron apps; Microsoft will host MSIX-packaged binaries, sign apps for free, and pay for distribution so developers don't need their own CDN. Developers of non-gaming apps may also implement their own in-app payment systems and retain all revenue. To publish, creators sign in with a personal Microsoft account and must verify identity with a government ID and a selfie; no credit card is required.

🔁 The AWS Cloud Development Kit (CDK) CLI introduces cdk refactor (Preview), a new command that enables safe renaming, moving, and reorganization of constructs while preserving the state of deployed resources. It leverages CloudFormation refactor capabilities and automated mapping computation to prevent unintended resource replacement during code changes. Typical use cases include breaking up monolithic stacks, moving resources between stacks, and upgrading to higher-level constructs. The feature is available in all regions where AWS CDK is supported.

🔁 AWS announced native anomaly detection enhancements for AWS IoT SiteWise, including automated model retraining, flexible promotion modes, and exposed model metrics. Retraining can be scheduled between 30 days and one year to keep models current with changing equipment conditions. Customers can choose automatic service-managed promotion or manual customer-managed promotion using exposed metrics such as precision, recall, and AUC. Multivariate detection is available in N. Virginia, Ireland, and Sydney.

🔒 Amazon Interactive Video Service (Amazon IVS) now supports media ingest via interface VPC endpoints using AWS PrivateLink. This lets customers broadcast RTMP(S) streams privately to IVS Low-Latency channels and IVS Real-Time stages without traversing the public internet. Interface VPC endpoints can be created from within your VPC or from on-premises environments over AWS Direct Connect, providing private and reliable connectivity for live video workflows. The feature is available in US West (Oregon), Europe (Frankfurt), and Europe (Ireland); standard PrivateLink pricing applies.

⚡ This post announces a reproducible recipe to deploy NVIDIA Dynamo for disaggregated LLM inference on Google Cloud’s AI Hypercomputer using Google Kubernetes Engine, vLLM, and A3 Ultra (H200) GPUs. The recipe separates prefill and decode phases across dedicated GPU pools to reduce contention and lower latency. It includes single-node and multi-node examples and step-by-step deployment actions. The repository provides configuration guidance and future plans for broader GPU and engine support.

🚀 GKE Inference Gateway and GKE Inference Quickstart are now generally available, bringing production-ready inferencing features built on AI Hypercomputer. New capabilities include prefix-aware load balancing, disaggregated serving, vLLM support on TPUs and Ironwood TPUs, and model streaming with Anywhere Cache to cut model load times. These features target faster time-to-first-token and time-per-output-token, higher throughput, and lower inference costs, while Quickstart offers data-driven accelerator and configuration recommendations.

🔁 Google describes its Central Fleet program as a centralized, fungible pool of compute, memory, and storage that replaces team-level machine procurement. Teams request intent-based quotas rather than specific servers, and the fleet uses software-level orchestration via Borg to allocate and reallocate resources dynamically. Google reports that in 2024 the program avoided procurement with an embodied impact of roughly 260,000 metric tons CO2e, highlighting reductions in e-waste, embodied carbon, and improved energy efficiency while promoting a circular-economy approach.

🛒 Google Cloud announced general availability of the Conversational Commerce agent on Vertex AI, a shopping-focused conversational assistant designed to guide customers from intent to purchase. The agent uses Gemini to interpret complex queries, supports context retention across sessions and devices, and offers administrative controls to boost, bury, or restrict products. Albertsons Cos. reports increased basket size in early use. Onboarding is presented as quick with minimal development effort via the Vertex AI console.

📷 Google announced Pixel 10 phones will embed C2PA Content Credentials in every photo captured by the native Pixel Camera and display verification in Google Photos. The Pixel Camera app achieved Assurance Level 2 by combining Tensor G5, the certified Titan M2 security chip, and Android hardware-backed attestation. A privacy-first model uses anonymous enrollment, a strict no-logging policy, and a one-time certificate-per-image strategy to prevent linking. Pixel 10 also supports an on-device trusted timestamping mechanism so credentials remain verifiable offline.

🔗 Azure's Agent Factory blog emphasizes that interoperability is the key to moving agentic AI from isolated prototypes to enterprise-scale solutions. The post promotes open standards like Model Context Protocol (MCP) and Agent2Agent (A2A) to enable shared context, reusable tools, and cross-framework collaboration across runtimes such as Semantic Kernel. It explains how Azure AI Foundry combines these protocols with thousands of connectors, unified observability, and governance so agents can act across SaaS, legacy systems, and custom APIs without costly rewrites.

🔒 AWS announced that Amazon Bedrock AgentCore Gateway now supports AWS PrivateLink for private VPC access and adds invocation logging to Amazon CloudWatch, Amazon S3, and Amazon Data Firehose. These updates allow agent traffic to avoid the public internet while sending per-invocation logs to common observability and storage services. The combination improves network isolation, governance, and operational visibility. AgentCore Gateway is currently in preview in US East (N. Virginia), US West (Oregon), Asia Pacific (Sydney), and Europe (Frankfurt).

🔒 AWS Labs published a Model Context Protocol (MCP) server for CloudTrail that enables AI assistants to perform security and compliance analysis via natural‑language queries. The server provides direct access to CloudTrail events and CloudTrail Lake, allowing searches of 90‑day management event histories and Trino SQL queries on Lake data spanning up to 10 years. By exposing these capabilities through a conversational interface, the MCP server removes the need for bespoke API integrations and streamlines investigation and compliance workflows. The component is available in regions that support CloudTrail LookupEvents or CloudTrail Lake and is available with code and documentation in the AWS Labs repository.

🚀 Google is previewing two Gemini CLI extensions that bring security analysis and Cloud Run deployment directly into your terminal. The security extension introduces /security:analyze to scan local git diffs for issues such as hardcoded secrets, injection flaws, broken access control, and insecure data handling, and returns clear remediation guidance or optional fixes. The Cloud Run extension adds /deploy, a one-command flow to build, containerize, push, and configure services on Cloud Run, returning a public URL and supporting terminal, VS Code agent mode, and Cloud Shell.

🔒 Apple introduced Memory Integrity Enforcement (MIE) on the new iPhone 17 and iPhone Air, implemented in the A19 and A19 Pro chips to deliver always-on memory safety across the kernel and more than 70 userland processes. MIE combines secure memory allocators, an enhanced synchronous Memory Tagging system called EMTE, and Tag Confidentiality Enforcement (TCE) to detect and block buffer overflows and use-after-free bugs. Apple says the design preserves performance while hardening devices against targeted mercenary spyware and exploitation of memory-corruption vulnerabilities.

🔧 This guide explains how managed service providers (MSPs) and managed security service providers (MSSPs) can use automation and AI to cut manual effort, improve consistency, and scale services. It highlights five high-impact use cases—risk assessments, policy generation, compliance tracking, remediation planning, and progress reporting—and shows how platforms like Cynomi's vCISO Platform can reduce workloads by up to 70%. Practical steps for piloting, training, and measuring ROI complete the roadmap.

🧪 AWS announced that Fault Injection Service (FIS) is now available in the Europe (Zurich) Region. FIS is a fully managed service for running controlled fault injection experiments to validate application performance, observability, and resilience under scenarios such as AZ power interruptions and cross-region connectivity failures. Customers can create reusable experiment templates, integrate them into CI/CD pipelines, and generate detailed experiment reports stored in Amazon S3 for audit and compliance needs. This launch expands FIS to 24 regions globally.

🌐 AWS Elastic Beanstalk now supports dual-stack configuration for Application Load Balancers (ALB) and Network Load Balancers (NLB). By setting the IpAddressType option to dualstack, Elastic Beanstalk automatically configures your load balancer to serve both IPv4 and IPv6 and creates corresponding A and AAAA DNS records. Existing IPv4 environments can be upgraded to dual-stack or reverted back as needed. The feature is available in all AWS regions that support Elastic Beanstalk and ALB/NLB and simplifies deployment to IPv6-only networks while retaining IPv4 compatibility.

🔒 AWS Backup now lets you choose whether to include Access Control Lists (ACLs) and ObjectTags when backing up Amazon S3 buckets. Previously, these metadata elements were included for all objects by default; the new option lets administrators include only the metadata required for their recovery or compliance needs. This capability is available in all Regions where AWS Backup for Amazon S3 is offered; review pricing and regional availability on the AWS Backup pricing page.

🔐 AWS HealthImaging now supports OpenID Connect (OIDC) authentication for DICOMweb REST APIs, enabling OAuth 2.0–compatible identity providers to issue JWTs to authorize requests. You can integrate existing IdPs such as Amazon Cognito, Okta, or Auth0 to manage user accounts and access to DICOM resources. OIDC support is limited to DICOMweb REST API requests while native AWS IAM authentication remains available for all API calls and the feature is available in all regions where HealthImaging is generally available.

🚀 Amazon Web Services has announced general availability of Amazon EC2 I8g storage-optimized instances in the US East (Ohio) region. Powered by AWS Graviton4 processors and third-generation Nitro SSDs, I8g delivers up to 60% better compute and up to 65% improved real-time storage performance per TB, with lower I/O latency and variability. Built on the AWS Nitro System, these instances target I/O-intensive, low-latency workloads such as transactional databases, real-time analytics and AI pre-processing. Ten sizes, including a metal option, provide up to 45 TB local NVMe storage and high network and EBS bandwidth.