< ciso
brief />
Vendor and Hyperscaler Watch Banner

All news in category “Vendor and Hyperscaler Watch

4609 articles · page 23 of 231

Amazon RDS Preview: PostgreSQL 19 Beta 1 Available

🔔 Amazon RDS for PostgreSQL 19 Beta 1 is available in the Amazon RDS Database Preview Environment, enabling evaluation of the pre-release with managed database benefits. PostgreSQL 19 introduces native graph query support via SQL/PGQ, concurrent table repacking, and improved logical replication features. Preview instances are retained for up to 60 days and snapshots are limited to the preview environment.
read more →

AWS rebrands Application Migration Service to Transform MGN

🔁 AWS Application Migration Service (MGN) has been rebranded as AWS Transform MGN to reflect its role as the replication engine for the agentic AWS Transform migration service. Customers can choose between the AWS Transform MGN console for manual control of replication and cutover or the AWS Transform agentic workflow for automated discovery, wave planning, and rehosting or containerization. AWS Transform MGN keeps existing compliance certifications (FedRAMP High, HIPAA, PCI DSS, ISO, SOC 1/2/3) and is available in all commercial and GovCloud (US) Regions. Refer to the product page and documentation for implementation details.
read more →

AWS Lambda Managed Instances Region Expansion

🔧 AWS Lambda Managed Instances (LMI) is now available in all commercial AWS Regions except Israel (Tel Aviv), Middle East (Bahrain), Middle East (UAE), and Asia Pacific (Auckland). LMI lets you run Lambda functions on managed Amazon EC2 instances to access specialized compute configurations and EC2 pricing benefits while maintaining Lambda's operational simplicity. It fully manages instance lifecycle, OS and runtime patching, routing, load balancing, and auto-scaling, and supports parallel request processing per execution environment. Customers can leverage EC2 pricing models such as Compute Savings Plans and Reserved Instances and integrate LMI with existing Lambda workflows, event sources, and observability tools.
read more →

Amazon Aurora DSQL adds JSONB with compression

🆕 Amazon Aurora DSQL now supports the PostgreSQL JSONB data type with optional compression. You can create or modify tables to store semi-structured data such as configuration metadata, API parameters, and event logs alongside relational data. With PostgreSQL compression enabled by default, larger JSONB payloads are stored more efficiently to help reduce storage costs. Get started with Aurora DSQL via the AWS Free Tier and check Regional availability in the AWS Region table.
read more →

AWS adds AI cost-investigation with Amazon Q

🧭 AWS Cost Anomaly Detection now includes AI-powered cost investigation using Amazon Q to analyze root causes of detected cost anomalies. The feature delivers plain-language explanations in minutes by correlating cost data with CloudTrail events and resource activity, identifying whether changes are usage- or rate-driven and pinpointing contributing services, accounts, regions, API calls, and IAM principals. Cross-account investigations work automatically for organizations with an organization CloudTrail trail, and the capability is available in all commercial AWS Regions at no extra charge, though CloudWatch Logs Insights charges may apply for data scanned.
read more →

Operationalizing AWS security: a maturity roadmap

🔒 This post outlines a practical, phased maturity roadmap for organizations that have enabled AWS Security Hub and Amazon GuardDuty. It emphasizes moving from enabled tooling to operational security practices by assessing current state, tuning signal quality, routing findings, automating safe remediations, and establishing a recurring operational cadence. Each phase includes goals, timelines, deliverables, and decision criteria to measure progress and reduce alert fatigue.
read more →

Amazon Connect adds AI agent trace visibility

🔍 Amazon Connect Customer now provides AI agent traces for self-service voice interactions, letting operators inspect how AI agents reasoned, acted, and responded during conversations. The feature displays step-by-step traces alongside full transcripts in the Connect web UI so teams can confirm correct behavior, diagnose failures, or spot tool and parameter issues. It is available in all AWS Regions that support Amazon Connect Customer AI Agents and is documented in the Amazon Connect Customer Administrator Guide.
read more →

Alcidion modernizes Miya Precision with AlloyDB

🔍 Alcidion migrated its Miya Precision platform from Microsoft SQL Server to Google Cloud's AlloyDB for PostgreSQL to improve stability, performance, and operational overhead. The move used Database Migration Service and custom synchronization tools to achieve a rapid cutover, reducing transition time to about 15 minutes. The new architecture enabled dramatic speedups in JSON processing and reduced administrative burden for SREs.
read more →

Amazon Redshift lowers manual snapshot storage costs

📣 Amazon Redshift now charges manual snapshot storage based on unique data blocks stored across snapshots rather than the full size of each snapshot. This change applies to Amazon Redshift Serverless and Amazon Redshift RG instances and reduces costs for customers who keep multiple manual snapshots. The billing model automatically applies to both existing and new manual snapshots in all AWS commercial and AWS GovCloud (US) Regions where these services are available. Customers can take more frequent snapshots to improve RPOs without incurring proportional cost increases.
read more →

Fortinet Q1 2026 Results and Strategic Momentum

📈 Fortinet reported a strong Q1 2026 driven by broad-based demand across Secure Networking, Unified SASE, and AI-Driven Security Operations. Leadership highlighted 31% billings growth, 20% total revenue growth, record non-GAAP operating margin, and $1.01B free cash flow, attributing performance to platform integration, FortiASIC technology, and FortiOS innovation. Executives noted large AI, OT, and distributed infrastructure wins and raised full-year guidance.
read more →

Google advisory on evolving global fraud and scams

🛡️ Google outlines recent global scam trends and mitigation efforts, highlighting sophisticated Adversary-in-the-Middle (AITM) phishing, QR-code and calendar-based scams, AI-driven cryptocurrency fraud, mobile extortion apps, and government impersonation campaigns. The advisory describes technical responses, policy enforcement, and legal actions to disrupt abuse, plus practical safety tips for users.
read more →

OpenAI adds Lockdown Mode and session auditing

🔒 OpenAI has rolled out two new security controls for ChatGPT: Lockdown Mode and Active Sessions. Lockdown Mode restricts outbound network access to prevent data exfiltration via prompt injection, at the cost of disabling live connectors and certain features. Active Sessions gives users visibility into and control over signed-in devices, with the ability to end single or all sessions. Both controls target account security and sensitive-data use cases, though SSO accounts and some logins remain unsupported.
read more →

Cloudflare adds realtime threat intel to WAF

🛡️ Cloudflare now exposes live Threat Events signals directly to its WAF engine, enabling security teams to create proactive rules using attacker names, target industries, countries, attack types, and dataset sources. The integration enriches HTTP request metadata in real time without adding noticeable latency, supporting both UI and Infrastructure-as-Code workflows via API and Terraform. Matches are logged in Security Analytics for auditing, and Saved Views can be exported directly into WAF rules for streamlined operations.
read more →

The Hardest Fork: Securing Open Source Supply

🔐 Mythos and emergent AI capabilities are creating a new class of supply-chain threats that chain many low-level findings into high-impact exploits. Washington is watching, but open source is globally distributed and not directly governable, so policy focus must be on consumption and mitigation. The author—an industry veteran who helped create Sigstore and other initiatives—argues for a dual plan: scale coordinated disclosure and provide a neutral, funded maintainer of last resort to manage trusted forks.
read more →

DSIT Rethinks Remediation to Simplify Vulnerability Fixes

🔍 The UK's DSIT manages security for over half a million government domains and is streamlining how vulnerabilities are communicated and fixed. Nick Woodcraft explained at Infosecurity Europe 2026 that DSIT focuses on clear, outcome-oriented guidance so non-experts can prioritise remediations. The department uses SIEM integration and NCSC channels to distribute trusted data and avoids overwhelming organisations by staging issue disclosures. Emphasis remains on basics like patching to mitigate faster-emerging threats.
read more →

AWS Transform Adds RDS for SQL Server Cost Assessment

🔎 Amazon RDS for SQL Server now integrates cost assessment into AWS Transform, enabling customers to estimate migration costs from on-premises SQL Server to RDS for SQL Server. AI-powered agents analyze environments and recommend optimal instance types while supporting BYOM and License Included options. The tool includes what-if cost comparisons, Database Savings Plans guidance, and MAP eligibility to help reduce migration expenses.
read more →

Amazon OpenSearch Serverless Adds Agentic Search

🔍 Amazon OpenSearch Serverless now supports Agentic Search, enabling natural-language queries over users' data. The system interprets intent, plans searches, generates DSL queries, and returns results with transparent reasoning. A built-in QueryPlanningTool powered by LLMs translates requests and orchestrates retrieval; behavior can be customized via APIs or OpenSearch Dashboards. Agentic Search is available in all AWS Commercial Regions where OpenSearch Serverless operates.
read more →

VS Code introduces two‑hour extension update delay

🔒 Microsoft will delay automatic extension updates in Visual Studio Code by two hours to reduce exposure to potentially compromised releases. The feature, available in VS Code 1.123, allows immediate manual updates via the "Update" button and shows reasons and scheduled times for pending updates. Trusted publishers such as Microsoft, GitHub, and OpenAI are exempt and continue to update immediately. The change follows similar cooldown controls added across package managers to curb software supply chain threats.
read more →

Amazon Bedrock AgentCore adds interactive shells

🖥️ Amazon Bedrock AgentCore Runtime introduces the InvokeAgentRuntimeCommandShell API, providing a persistent, PTY-backed terminal over WebSocket into running agent sessions. This complements existing one-shot execution via InvokeAgentRuntimeCommand and delivers a full terminal experience inside an isolated microVM with features like colors, tab completion, Ctrl+C, resize, and automatic reconnect. Developers hosting coding agents (for example, Claude Code, OpenAI Codex, Amazon Kiro) can now authenticate, drop into the agent microVM, inspect files, run ad-hoc commands, and debug while retaining session state across reconnects. Each interactive session uses a runtime session ID and shell ID for resume; up to 10 concurrent shells are supported per runtime.
read more →

Simplified S3 Tables and Iceberg permissions in GovCloud

🔒 AWS Glue Data Catalog now supports IAM-based authorization for Amazon S3 Tables and Apache Iceberg materialized views in AWS GovCloud (US) Regions. This change lets you consolidate required permissions for storage, catalog, and query engines into a single IAM policy. The capability eases integration with analytics services such as Amazon Athena, Amazon EMR, Amazon Redshift, and AWS Glue. You can still opt in to AWS Lake Formation for fine-grained access controls.
read more →