All news in category “Vendor and Hyperscaler Watch”

🔐 Avnet moved away from vendor-bound SIEM, EDR and RBVM silos toward a centralized security data pipeline built on Cribl, prompted by a legacy SIEM renewal that became a strategy inflection point. The redesign gave Avnet full ownership of telemetry, enabled large-scale ETL and flexible routing, and freed analysts from vendor dashboards. Operationally, licensing and storage costs dropped dramatically to 15% of prior levels while processing capacity doubled and pipeline staffing fell from four engineers to one. With its own data layer in place, Avnet is accelerating analytics and AI use cases such as tailored LLMs and retrieval-augmented generation (RAG) to improve investigations and reduce analyst workload.

🔐 Principal Financial replaced brittle knowledge-based authentication with a digital ID verification and biometric platform to block account takeovers. Using DIVA with a focus on facial recognition and an implementation by Onfido (an Entrust company), the insurer completed rollout within months. The change has virtually eliminated fraudulent registrations and improved user success and completion rates while preserving usability.

🚀 This Cloud Next 2025 talk explains how to build fault-tolerant, multi-region services using Cloud Run, highlighting autoscaling, decoupled control/data planes, and N+1 zonal redundancy. The post previews an upcoming Service Health feature that automates cross-region failover by relying on container readiness probes and minimum-instance settings. It also outlines deployment patterns (global external ALB with Serverless NEGs) and shows a live demo of automated traffic failover.

🔐 AWS introduced three new IAM condition keys that let administrators govern API keys for Amazon Bedrock. The keys control which services can be issued service-specific credentials, the maximum allowable age of long-term Bedrock API keys at creation, and whether requests use short-term or long-term bearer tokens. These controls are available in all AWS Regions and are documented in the IAM and Bedrock User Guides.

🔒 In a world where pandemics, war, and natural disasters are inevitable, security teams must plan for continuity. The article examines two primary approaches: scaling VPN capacity for remote access or adopting a SASE framework that integrates networking and security as a cloud-delivered service. Each option has trade-offs in cost, complexity, and operational risk; readiness requires assessing user patterns, threat exposure, and recovery objectives.

🔒 Fortinet argues its long-standing, architecture-first approach uniquely positions it to address hybrid enterprise security without the operational overhead of cobbled-together point products. The company highlights early investments in AI, purpose-built ASICs, and a unified FortiOS to deliver integrated networking, SASE, SOC automation, and OT protection. Customers and Gartner Peer Insights recognition are cited as validation of lower total cost of ownership and simpler, high-performance operations.

🔍 StreamSight is an AI-driven application developed by BMG in partnership with Google Cloud to improve transparency, speed, and accuracy in digital royalty forecasting and anomaly detection. The solution leverages BigQuery ML models (including ARIMA_PLUS and BOOSTED_TREE), uses Vertex AI and Python for training, and surfaces results in Looker Studio dashboards. It flags missing sales periods, rights mismatches, and sudden streaming spikes to reduce manual review and help accelerate fairer payouts. Currently a proof of concept, StreamSight is positioned for broader DSP integrations and richer data inputs to extend its capabilities.

🔒 Prisma SASE 4.0 is positioned as a unified, cloud-delivered security platform engineered for the AI era. It combines AI-powered threat protection, frictionless data security for structured and unstructured content, and unified intelligent operations to automate deployment and troubleshooting. New capabilities include browser-based postload inspection, an Advanced DNS Resolver with Precision AI, SaaS security posture monitoring for AI agents, and Autonomous Digital Experience Management to preserve performance and resilience.

🔧 AWS Clean Rooms now lets customers configure compute size for PySpark analyses, enabling selection of instance type and cluster size at job runtime for each analysis. Customers can choose larger instances for complex datasets and higher performance or smaller instances to optimize costs. The change provides flexible, per-job resource allocation to balance scale, throughput, and budget while maintaining Clean Rooms' collaborative data protections.

🆕 Amazon RDS for PostgreSQL 18 Release Candidate 1 (RC1) is now available in the Amazon RDS Database Preview Environment, letting customers evaluate a fully managed pre-release. PostgreSQL 18 adds skip scan support for multicolumn B-tree indexes, parallel GIN index builds, improved OR/IN WHERE handling, and updated join behavior. Observability enhancements expose buffer usage counts, index lookup details during execution, and a per-connection I/O utilization metric. Preview instances are retained for up to 60 days, snapshots remain usable only within the preview, and pricing follows the US East (Ohio) region.

📦 Amazon ECR now supports repository creation templates in AWS GovCloud (US) Regions. Templates let you preconfigure encryption, lifecycle policies, access permissions, and tag immutability for repositories that ECR creates during pull-through cache and replication operations. Templates use a prefix to automatically match and apply settings to new repositories, reducing manual setup and helping enforce consistent registry governance across environments.

🔔 AWS CloudFormation Hooks now supports managed proactive controls, allowing teams to validate resource configurations against AWS best practices without writing custom Hook logic. Customers can select controls from the AWS Control Tower Controls Catalog and apply them during CloudFormation operations, and run them in warn mode for nonblocking evaluation before enforcing policies. A new Hooks Invocation Summary page provides a centralized historical view of control executions and outcomes to simplify compliance reporting and troubleshooting.

🔐 The AWS Management Console now supports ECS Exec, allowing operators to open secure, interactive shell sessions to running containers directly from the console. This removes the need to switch to the CLI, API, or SDKs for troubleshooting and avoids opening inbound ports or managing SSH keys. You can enable ECS Exec when creating or updating services and standalone tasks, and configure encryption and logging at the cluster level. Sessions launch through CloudShell, and the console displays the underlying AWS CLI command for reuse in a local terminal.

📞 Amazon Connect now provides expanded disconnect reasons that map outbound call failures to standard telecom error codes. These enhanced reasons appear in Contact Trace Records and reporting, giving contact center teams real-time visibility into granular disconnection data to speed troubleshooting and reduce support tickets. The feature is available in all AWS regions where Amazon Connect is offered; refer to the public documentation and best practice guide for implementation details.

🔒 CrowdStrike has been named a Leader in The Forrester Wave™: Managed Detection and Response (MDR) Services in Europe, Q3 2025, receiving the highest possible scores in 16 evaluation criteria spanning detection surfaces, managed response, threat hunting and analyst experience. Falcon Complete Next-Gen MDR combines AI-accelerated detection and investigation with expert-led response across endpoint, cloud, identity and third-party telemetry. The service uses CrowdStrike Charlotte AI to triage alerts and accelerate analysis, and emphasizes end-to-end remediation actions that remove persistence and contain intrusions without costly reimaging. CrowdStrike positions this recognition as validation of its platform-led, AI-plus-human approach to stopping breaches.

🧬 AWS HealthOmics private workflows are now available in the Asia Pacific (Seoul) Region, providing fully managed bioinformatics pipelines for healthcare and life sciences customers in Korea. The HIPAA-eligible service supports domain-specific languages such as Nextflow, WDL, and CWL and offers features like call caching, dynamic run storage, Git integrations, and ECR pull-through cache. These capabilities simplify pipeline migration, accelerate genomics development, and help maintain data provenance and compliance.

🔐 Amazon MQ now supports OAuth 2.0 authentication and authorization for RabbitMQ brokers, allowing client and user authentication via JWT-encoded access tokens in single-instance and Multi-AZ cluster deployments. You can enable OAuth 2.0 through the AWS Console, CloudFormation, CLI, or CDK, and the feature is available in all regions where Amazon MQ is offered. Compatibility with standard RabbitMQ OAuth 2.0 implementations helps ensure a smooth migration for existing deployments.

🌐 AWS announced a new AWS Direct Connect location at East African Data Centres NBO1 near Nairobi, Kenya. The site is the first Direct Connect location in Kenya and offers dedicated 10 Gbps and 100 Gbps connections with MACsec encryption available. From this location customers can establish private, physical connections to all public AWS Regions (except China), AWS GovCloud Regions, and AWS Local Zones, providing a more consistent network experience than the public internet.

🔍 Target rebuilt its on-site search to combine lexical keyword matching with semantic vector retrieval, using AlloyDB AI to power filtered vector queries at scale. The engineering team implemented a multi-index architecture and a multi-channel relevance framework so hybrid queries can apply native SQL filters alongside vector similarity. The overhaul produced measurable gains — ~20% improvement in product discovery relevance, halved "no results" occurrences, and large latency reductions — while consolidating the stack and accelerating development.

🔔 Amazon CloudWatch now supports creating a single alarm that evaluates and acts on multiple individual metrics dynamically. By authoring a Metrics Insights (SQL) query with GROUP BY and ORDER BY clauses, the alarm automatically includes matching metrics as resources are created or removed, eliminating manual per-resource alarm management. You can configure these alarms via the CloudWatch console, AWS CLI, CloudFormation, or CDK; the capability is available in all commercial AWS regions, AWS GovCloud (US) Regions, and China Regions, and Metrics Insights query alarm pricing applies.