All news in category “Vendor and Hyperscaler Watch”

🔧 Amazon SageMaker Unified Studio now automatically creates Glue connections across subnets to enable job retries when a primary subnet becomes unavailable. Administrators define a domain VPC with multiple private subnets and the system provisions connectors for new projects so retries can run on alternate subnets without manual intervention. This reduces unplanned data-pipeline downtime and helps meet SLAs across AWS Regions where SageMaker Unified Studio is available.

🧩 Amazon SageMaker Inference now supports OpenAI-compatible APIs, enabling existing tools and frameworks like the OpenAI SDK, LangChain, and Strands Agents to connect directly to SageMaker endpoints. Switching requires only changing an endpoint URL, with no custom integration code or SDK wrappers. You can continue using your current authentication approach while choosing GPU instances, keeping data in your VPC, running open source or fine-tuned models, and leveraging auto-scaling policies. This capability is available today across multiple AWS regions with AWS credentials and automatic token refresh for production use.

🔒 Cloudflare has extended its Cloud Access Security Broker (CASB) to support the Claude Compliance API, enabling security and compliance teams to monitor Claude Enterprise activity directly in the Cloudflare dashboard without endpoint agents. The integration surfaces security findings for projects, attachments, chat files, messages, and provider-generated artifacts, and groups findings by category and severity. Customers can immediately convert findings into enforcement actions via Gateway policies and use existing detection and remediation workflows. Setup requires a Claude Enterprise account and Compliance API access, and the integration begins scanning and surfacing findings within minutes.

🔒 AWS Managed Microsoft AD now supports CRUD operations on users and groups through the Directory Service Data APIs, accessible via the AWS CLI, APIs, and Management Console. This enables automation of identity lifecycle management and tighter security controls by integrating with services like Amazon GuardDuty, AWS Step Functions, and Amazon EventBridge. The blog demonstrates a practical workflow that detects unusual AD user behavior and triggers automated remediation such as disabling accounts and notifying stakeholders.

🛠️ At Google I/O 2026, Google announced expanded integration between AI Studio and Google Cloud, allowing new users to deploy up to two full-stack apps on the Starter Tier without a billing account. Developers can now choose between Firestore (non-relational) and Cloud SQL (relational) with Firebase Auth for unified authentication. The AI agent can infer or provision the appropriate database, provision resources, generate schema and code, and deploy apps directly to Cloud Run for rapid prototyping.

🔒 Amazon Aurora MySQL-Compatible Edition now supports community MySQL 8.4, aligning Aurora version numbers with community releases and managing underlying patches for customers. The release enforces stronger security defaults—TLS 1.2/1.3 only and caching_sha2_password for new accounts—and offers customizable password validation via DB cluster parameter groups. Automated upgrade prechecks reduce upgrade risk, and multiple upgrade and migration paths are supported, including Blue/Green Deployments and AWS DMS.

🔒 Microsoft announced a set of security enhancements designed to protect agents, data, and identities as organizations scale AI. Highlights include the general availability of Microsoft Purview DSPM, expanded investigation capabilities with OCR and custom examinations, and a new Entra ID Account recovery flow for restoring organizational access. Public preview of Windows 365 for Agents and integration with Microsoft Agent 365 aim to govern and secure agent workloads in managed Cloud PCs.

🚀 At Google I/O ‘26, Google Cloud announced expanded agentic capabilities, new frontier models, and developer tools to help startups move from prototype to production. Highlights include Gemini 3.5 Flash and Gemini Omni for multimodal content, Antigravity 2.0 as an agent control plane with CLI/SDK and dynamic subagents, and Managed Agents to run agent workloads securely in Google Cloud. The releases aim to accelerate development, reduce infrastructure overhead, and provide enterprise-grade security.

🔔 AppLifecycle Manager Feature Flags (ALM FF) enters public preview as a rule-based service to decouple feature releases from code deployments. By using toggles and the Common Expression Language (CEL), teams can perform gradual rollouts, instant kill-switches, and percentage-based traffic ramps. String-type flags enable dynamic configuration for applications, including LLM prompts, while OpenFeature compatibility avoids vendor lock-in.

🛡️ Apple reported blocking more than $2.2 billion in potentially fraudulent App Store transactions in 2025, and over $11 billion across the past six years. The company rejected over 2 million problematic app submissions, terminated 193,000 developer accounts for fraud, and blocked more than 1.1 billion fraudulent account creations. Apple also prevented use of 5.4 million stolen credit cards, removed tens of thousands of deceptive apps, and blocked nearly 195 million fraudulent reviews and ratings.

🛡️ Check Point explains why GenAI chatbots create new security risks by acting as a front door to internal systems and data. The post highlights real incidents—prompt injection, data exposure, and misleading responses—that demonstrate legal, financial, and reputational impacts. It describes how Check Point WAF extends unified application and API security into the conversational layer to detect and block malicious prompts, prevent data leaks, and control unsafe outputs.

🚀 Flipper Devices is soliciting community help to develop Flipper One, a high-performance, ARM Linux platform for networking, SDR analysis, and local LLMs. Unlike the Flipper Zero, One is a different project built around a Rockchip RK3576 SoC paired with an RP2350 MCU in a dual-processor design. It targets modular expansion via M.2, PCIe, USB 3.1 and other interfaces. Prototypes exist but significant kernel, firmware, and hardware work remains.

🔐 This post explains why API keys are sensitive credentials for accessing Google AI and Cloud services and why careless handling leads to misuse or billing abuse. It outlines simple, actionable steps: create keys in dedicated projects, apply API and application restrictions, and store keys in Secret Manager or equivalent. The article also covers detection and response—how to list keys, monitor usage metrics, delete compromised keys, and rotate keys to reduce risk.

🔔 Amazon RDS Custom for SQL Server now supports the latest General Distribution Release (GDR) updates for Microsoft SQL Server, including SQL Server 2019 CU32+GDR KB5084816 and SQL Server 2022 CU24+GDR KB5083252. These updates address vulnerabilities tracked as CVE-2026-32167 and CVE-2026-32176. You can apply the updates via the Amazon RDS Management Console or programmatically with the AWS SDK or CLI, and guidance is available in the Amazon RDS Custom User Guide.

🛈 Amazon Bedrock now supports request-level usage attribution on the InvokeModel and InvokeModelWithResponseStream APIs, enabling customers to tag individual model inference calls with attributes such as team, project, and environment. This capability extends existing attribution options like application inference profiles, IAM principal attribution, project-level tracking on bedrock-mantle, and workspace tracking for Anthropic Claude models. Customers can enable model invocation logging in their AWS Region and include metadata in requests to analyze usage in Bedrock model invocation logs. The feature is available in all AWS commercial Regions where Amazon Bedrock is offered.

🔒 Amazon explains how AgentCore Gateway enforces a centralized authorization layer between autonomous agents and external tools, treating the LLM as an untrusted actor. Policies are expressed in the open-source Cedar language for readability, bounded execution, and mathematical analyzability, enabling deterministic enforcement and formal verification during policy authoring and attachment. A neuro-symbolic workflow translates natural-language rules into Cedar, validates them with Cedar Analysis, and enforces decisions at runtime to constrain tool invocations and filter unavailable actions.

🔐 AWS Security Hub now brings identity risk into the same unified console where central security teams manage threats, exposures, and posture findings. It detects unused IAM permissions, roles, and credentials across an AWS organization and correlates those identity findings with exposure context. When enabled, Security Hub automatically creates a service‑linked IAM Access Analyzer in each member account and evaluates 90 days of actual access activity. It also offers on‑demand recommended least‑privilege policies and is included in Security Hub Essentials at no additional cost.

🚀 Amazon DocumentDB (with MongoDB compatibility) Serverless is now available on DocumentDB 8.0. This on-demand, auto-scaling configuration automatically adjusts capacity based on application demand and can deliver up to 90% cost savings versus provisioning for peak load. DocumentDB 8.0 also offers up to 7x improved query latency, up to 5x better compression, broader MongoDB API compatibility (6.0–8.0), enhanced vector search, and other new features.

🔒 AWS Security Hub Extended adds 21 curated partner solutions across nine security categories, including SentinelOne, CyberArk, Sublime, Varonis, LayerX, Native Security, and Zenity. The plan centralizes procurement, billing, and support with pay-as-you-go pricing, a single AWS bill, automatic Enterprise Discount Program eligibility, unified Level 1 support for Enterprise customers, and no long-term commitments. Findings from participating solutions are emitted in the OCSF schema and aggregated in AWS Security Hub to accelerate cross-domain detection and response.

🛠️ Amazon SageMaker Unified Studio now integrates data quality rule authoring and evaluation powered by AWS Glue Data Quality. Data engineers, analysts, and data scientists can define rules, run evaluations, and view results for both data at rest and data in transit. The feature supports catalog table checks and Visual ETL job evaluations to detect issues before they impact analytics or ML workloads.