All news in category "Vendor and Hyperscaler Watch"

Partners Fuel Innovation with Cortex XSIAM & Prisma SASE

🚀 Palo Alto Networks announced that partners voted Cortex XSIAM as CRN’s 2025 Product of the Year for Security Operations Platform/SIEM and Prisma SASE as a 2025 Tech Innovator. Solution providers credited XSIAM’s AI-driven approach for sweeping the evaluation — leading in technology, revenue and customer need — and praised its ability to shift SOCs from tool management to outcome delivery. Partners highlighted Prisma SASE’s multicloud architecture, unified policies and AI copilot as essential for securing hybrid workforces, informed by feedback from over 70,000 customers and the recent Prisma SASE 4.0 release. Palo Alto frames these awards as validation of platform convergence and continued partner enablement.

Amazon EC2 C8gn Instances Expand to Ohio and UAE Regions

🚀 Amazon EC2 C8gn instances, powered by AWS Graviton4 processors, are now available in US East (Ohio) and Middle East (UAE). They deliver up to 30% better compute performance versus Graviton3-based C7gn instances, include 6th-generation Nitro Cards, and provide up to 600 Gbps of network bandwidth. C8gn supports sizes up to 48xlarge (up to 384 GiB memory), up to 60 Gbps EBS bandwidth, and Elastic Fabric Adapter (EFA) on select large sizes to improve cluster latency and throughput.

Further Hardening of Mali GPU Drivers with SELinux

🔒 Google’s Android Security and Privacy team collaborated with Arm to analyze the Mali GPU driver and implement SELinux-based IOCTL filtering that reduces the kernel driver's attack surface. The team categorized IOCTLs as unprivileged, instrumentation, and restricted, and used a staged rollout—first opt-in testing via a gpu_harden attribute, then opt-out with a gpu_debug domain—to validate behavior in real devices. The post provides step-by-step guidance for vendors to adopt a platform-level macro, define device-specific IOCTL lists, and enforce policy to keep deprecated and debug IOCTLs unreachable in production.

Maintaining Enterprise IT Hygiene with Wazuh SIEM/XDR

🔒 Wazuh's IT hygiene capability delivers centralized, real-time inventory and configuration monitoring across all endpoints by leveraging the Syscollector module and dedicated indices. Security teams can quickly query hardware, OS, installed packages, running processes, user accounts, browser extensions, and open ports through an interactive dashboard. The feature supports detection of outdated software, unauthorized extensions, dormant or privileged accounts, and unexpected services, and it integrates with alerting and remediation workflows to enforce baselines and reduce attack surface.

VMO2 and Google Cloud: Data Contracts for Scalable AI

🔒 VMO2, with Google Cloud, implemented data contracts as machine-readable agreements to guarantee dataset quality, schema, semantics, and SLOs for individual assets like BigQuery tables and Cloud Storage buckets. Defined in YAML and managed via GitLab, contracts are validated and operationalized by Dataplex Universal Catalog, which provisions Data Quality Scan jobs and profiling. The platform uses Cloud Composer, Pub/Sub, and BigQuery to orchestrate scans, surface results, and provide dashboards for real-time observability.

AlphaEvolve on Google Cloud: Gemini-driven evolution

🔬 AlphaEvolve is a Gemini-powered coding agent on Google Cloud that automates evolutionary optimization of algorithms for complex, code-defined problems. It takes a problem specification, evaluation logic, and a compile-ready seed program, then uses Gemini models to propose mutated code variants and an evolutionary framework to select and refine the best candidates. Early internal results at Google demonstrate measurable efficiency improvements, and the AlphaEvolve Service API is available through a private Early Access Program for interested organizations.

Changing the Physics of Cyber Defense with Graphs Today

🔍 John Lambert of MSTIC argues defenders should model infrastructure as directed graphs of credentials, entitlements, dependencies and logs so they can trace the attacker’s “red thread.” He introduces the algebras of defense—graphs, relational tables, anomalies, and vectors over time—that let analysts and AI ask domain-specific questions like blast radius or path to crown jewels. Lambert also emphasizes preventative hygiene: asset and entitlement management, deprecating legacy systems, segmentation, and phishing-resistant MFA. He urges collaborative intelligence and AI-enabled tooling to shift advantage back to defenders.

Why AI Security Requires an Integrated Platform and Governance

🔒 Gartner and Palo Alto Networks argue that AI security must be treated as a platform problem to manage accelerating generative AI risk, cost and complexity. The post recommends a two‑phase path: start with AI usage control to govern third‑party GenAI consumption, then extend protections into AI application development and runtime. Prisma Browser, Prisma SASE and Prisma AIRS are presented as the integrated tooling to discover, govern and protect AI usage and models. Palo Alto highlights Unit 42, Huntr and autonomous red teaming as sources of continuous validation.

Amazon EC2 X8g Instances Now Available in Stockholm

🚀 These instances, powered by AWS Graviton4 processors, are now available in the Europe (Stockholm) region and provide up to 3 TiB of memory with increased memory per vCPU compared to prior Graviton4 instances. X8g targets memory-intensive workloads such as EDA, in-memory and relational databases, real-time analytics, and memory-heavy containerized applications. They offer larger sizes (up to 48xlarge), enhanced networking (up to 50 Gbps), EBS bandwidth up to 40 Gbps, and EFA/ENA Express support on larger sizes.

Microsoft Expands U.S. Cloud Infrastructure and Regions

☁️ Microsoft is expanding its U.S. cloud footprint with a new East US 3 region in the Greater Atlanta Metro, scheduled to open in early 2027, and by adding capacity and Availability Zones across multiple existing U.S. regions. The East US 3 region is designed for resilience with Availability Zones, support for advanced AI workloads, and sustainability goals including LEED Gold and water conservation. Microsoft is also increasing zone redundancy in North Central US, West Central US, and the US Government Arizona region to boost capacity, compliance, and mission readiness.

AWS Partner Central Adds AI Deal Sizing for Opportunities

🔍 AWS Partner Central now includes AI-powered deal sizing within APN Customer Engagements (ACE) Opportunities, giving partners estimated monthly recurring revenue (MMR) and recommended AWS services when creating or updating opportunities. Partners can import AWS Pricing Calculator URLs to auto-populate service selections and spend estimates, with enhanced insights such as pricing optimization, cost-savings analysis, MAP eligibility, and modernization pathways. The feature is available worldwide via the console and the AWS Partner Central API for Selling.

Nutanix NC2 Now Generally Available on Google Cloud

🚀 Nutanix Cloud Clusters (NC2) is now generally available on Google Cloud, enabling organizations to run their Nutanix hybrid cloud directly on Google Compute Engine bare metal without refactoring workloads. NC2 supports the Z3 and C4 machine families with high-density NVMe local SSDs, integrates Nutanix Flow virtual networking, and maintains unified management via Prism Central. The solution connects to Google data and AI services like BigQuery and Vertex AI, supports license portability, and will be purchasable through Google Cloud Marketplace.

Microsoft Investigates Copilot Outage Affecting Europe

⚠️Microsoft is mitigating an incident that has blocked or degraded access to its AI-powered Copilot service for users in the United Kingdom and parts of Europe. The company says telemetry points to an unexpected traffic surge that prevented service autoscaling, and engineers are manually scaling capacity to restore availability. A related admin-facing issue is also affecting some Microsoft Defender for Endpoint features.

Streamlining Zero Trust with a Shared Signals Framework

🔐 This guide shows how to operationalize the Shared Signals Framework (SSF) to deliver continuous device posture signals into identity platforms. It details a proof‑of‑concept workflow using Tines to receive webhooks from Kolide, enrich and map device data, generate and sign Security Event Tokens (SETs), and forward them to Okta as CAEP events. The approach enables real‑time policy enforcement and simplifies SSF adoption when endpoints lack native support. Steps and required credentials are summarized for quick deployment.

Amazon GameLift Servers Adds AI Assistance in Console

🤖 Amazon GameLift Servers now offers AI-powered assistance within the AWS Console, leveraging Amazon Q Developer to deliver tailored guidance for game developers. The integrated assistant helps with game server integration, fleet configuration, and performance optimization by surfacing in-console recommendations and troubleshooting steps. It is intended to streamline decision making, reduce troubleshooting time, and improve resource utilization for cost savings and better player experiences. The feature is available in all supported regions except AWS China.

AWS: Tagging for RDS and Aurora Automated Backups Released

🔖 Amazon Web Services now supports resource tagging for automated backups and cluster automated backups in Amazon RDS and Aurora. You can tag automated backups independently from the parent DB instance or DB cluster using the AWS Management Console, API, or SDK. Use these tags with IAM policies to implement attribute-based access control and to organize, manage, and track backup costs. This capability is available in all AWS Regions, including AWS GovCloud (US).

Shifting Left at Enterprise Scale for Cloudflare Governance

🔐 Cloudflare describes how its Customer Zero team moved internal production account management from manual dashboard changes to a centralized Infrastructure as Code model to reduce human error and accelerate secure change. The effort uses Terraform, an Atlantis-driven CI/CD pipeline, and a custom tfstate-butler backend to securely manage state at scale. Policy enforcement relies on Open Policy Agent Rego policies executed through Conftest on every merge request, with warnings or deny gates and a formal exceptions workflow.

IAM Policy Autopilot: Open-source IAM Policy Generator

🔧 IAM Policy Autopilot is an open-source static analysis tool that generates baseline AWS IAM identity-based policies by analyzing application code locally. Available as a CLI and an MCP server, it integrates with MCP-compatible AI coding assistants to produce syntactically correct, dependency-aware policies and to troubleshoot Access Denied errors. The tool favors functionality during initial deployments and recommends reviewing and tightening generated policies to meet least-privilege principles as applications mature.

AWS unveils AI-driven security enhancements at re:Invent

🔒 AWS announced a suite of AI- and automation-driven security features at re:Invent 2025 designed to shift cloud protection from reactive response to proactive prevention. AWS Security Agent and agentic incident response add continuous code review and automated investigations, while ML enhancements in GuardDuty and near real-time analytics in Security Hub improve multi-stage threat detection. Agent-centric IAM tools, including policy autopilot and private sign-in routes, streamline permissions and enforce granular, zero-trust access for agents and workloads.

Microsoft and Beazley Partner to Strengthen Cyber Resilience

🤝 Microsoft announced a collaboration with Beazley that designates Microsoft Incident Response as an approved incident response provider for Beazley’s InfoSec and Media Tech policies. This alignment brings technical responders, insurers, brokers, and legal counsel together to accelerate detection, containment, and recovery. Microsoft Incident Response, supported by Microsoft Threat Intelligence and direct engineering access, offers streamlined invoicing aligned to insurance standards. Eligible incident response services used during a cyber event are considered reimbursable, helping customers secure faster claims and recovery.