All news in category "Vendor and Hyperscaler Watch"

Amazon Bedrock AgentCore Browser Adds Web Bot Auth Preview

🔐 Amazon Bedrock AgentCore Browser now previews Web Bot Auth, a draft IETF protocol that cryptographically identifies AI agents to websites. The feature automatically generates credentials, signs HTTP requests with private keys, and registers verified agent identities to reduce CAPTCHA interruptions and human intervention in automated workflows. It streamlines verification across major providers such as Akamai, Cloudflare, and HUMAN Security, and is available in nine AWS Regions on a consumption-based pricing model with no upfront costs.

Amazon ECS Service Connect Adds Envoy Access Logs Support

🔍 Amazon ECS Service Connect now captures per-request telemetry with Envoy access logs to improve visibility into service-to-service traffic for tracing, debugging, and compliance. Access logging is enabled via the ServiceConnectConfiguration and emits Envoy logs to STDOUT alongside application logs, flowing through the existing ECS log pipeline without extra infrastructure. Query strings are redacted by default and the feature supports HTTP, HTTP/2, gRPC, and TCP protocols. The capability is available in all regions where Service Connect is supported.

Amazon OCSF Ready Specialization for AWS Partners Program

🔒 Amazon today introduced the Amazon OCSF Ready Specialization to recognize AWS Partners that have technically validated their software to integrate with OCSF-compatible Amazon services and demonstrated customer success in production. The designation helps customers find pre-validated partner solutions that send or receive logs and security events in the OCSF schema, reducing integration complexity. Partners earn AWS Specialization Program benefits and signature support, including private strategy sessions and AWS guest speaker assistance. The specialization replaces and expands the prior Amazon Security Lake Specialization to broaden standardized security data interoperability.

AWS releases AI agent context pack for Greengrass developers

🤖 AWS announced an open-source AI agent context package for AWS IoT Greengrass that provides ready-to-use instructions, examples, and templates to accelerate edge device application development. The package is published on GitHub under the Creative Commons Attribution Share Alike 4.0 license and is designed to integrate with generative AI tools such as Amazon Q. Developers can clone the repository to jumpstart creation, testing, and fleet-wide deployment workflows across supported Regions.

AWS Cloud Map Adds Cross-Account Support in GovCloud

🔁 AWS Cloud Map now supports cross-account service discovery in AWS GovCloud (US) Regions through integration with AWS Resource Access Manager (AWS RAM). By sharing namespaces, you can allow individual accounts, Organizational Units, or an entire AWS Organization to discover resources such as Amazon ECS tasks, EC2 instances, and DynamoDB tables across accounts. The capability is available now in GovCloud (US-East) and GovCloud (US-West) via Console, API, SDK, CLI, and CloudFormation.

AWS Backup: Single-step Cross-Region Snapshot Copy

🔁 AWS Backup now supports a single-action copy of database snapshots across AWS Regions and accounts for Amazon RDS, Amazon Aurora, Amazon Neptune, and Amazon DocumentDB. This eliminates the previous two-step process and removes the need for intermediate copies, custom scripts, or Lambda automation. The change reduces operational complexity and helps achieve faster RPOs while removing costs associated with intermediate snapshot storage. You can use the feature today via the AWS Management Console, AWS CLI, or AWS SDKs.

TwelveLabs Marengo 3.0 Now on Amazon Bedrock Platform

🎥 TwelveLabs' Marengo Embed 3.0 is now available on Amazon Bedrock, providing a unified video-native multimodal embedding that represents video, images, audio, and text in a single vector space. The release doubles processing capacity—up to 4 hours and 6 GB per file—expands language support to 36 languages, and improves sports analysis and multimodal search precision. It supports synchronous low-latency text and image inference and asynchronous processing for video, audio, and large files.

Stability AI Image Tools Expanded in Amazon Bedrock

🖼 Amazon Bedrock now offers four new image-editing tools in Stability AI Image Services: Outpaint, Fast Upscale, Conservative Upscale, and Creative Upscale. These additions expand the platform's Edit, Upscale, and Control capabilities, enabling creators to perform targeted edits and resolution enhancements with greater precision. The tools are accessible via the Bedrock API and are initially supported in US West (Oregon), US East (N. Virginia), and US East (Ohio).

Microsoft DNS Outage Disrupts Azure and Microsoft 365

⚠️ Microsoft is experiencing a global DNS outage that began about an hour ago, causing widespread access problems to Azure and Microsoft 365 services. Customers worldwide report they cannot log into corporate networks or reach portals including Azure, Intune, and the Exchange admin center, and some report the Azure Front Door CDN is also unavailable. Microsoft attributes the interruptions to DNS failures, warns of intermittent request failures and latency, and is reviewing telemetry while working on mitigation; it recommends programmatic access (PowerShell/CLI) when portals are unreachable.

Chrome to Enable HTTPS-First Mode by Default in 2026

🔒 Beginning in April 2026 and completing in October 2026, Google will make the Always Use Secure Connections feature the default in Chrome, attempting HTTPS for all public site navigations and prompting users before loading non-HTTPS pages. The phased rollout starts with Enhanced Safe Browsing users in Chrome 147 and expands to all global users in Chrome 154. Internal addresses such as routers and intranets will be exempt, and Google reports early tests showed warnings on fewer than 3% of navigations, typically under one alert per week, while the browser will avoid repeatedly warning about frequently visited sites.

Fortinet Expands Unified SASE with Global POPs and AI

🚀 Fortinet announced enhancements to Fortinet Unified SASE, expanding its global footprint to over 170 points of presence and embedding AI-powered operations. FortiAI-Assist automates diagnostics and remediation to accelerate mean time to resolution, while an agentless Secure Browser and SaaS Security Posture Management extend DLP and compliance controls across 80+ SaaS apps. These updates aim to boost performance, simplify operations, and strengthen data protection for distributed workforces.

Visibility Gaps in Patching and Vulnerability Remediation

🔍 Modern patch management demands centralized visibility, faster prioritization, and accountable remediation to close growing exposure gaps. The article highlights how legacy systems such as WSUS and SCCM struggle with mixed environments, remote endpoints, and third-party applications, producing inconsistent patch states and unnoticed failures. Action1 is presented as a cloud-native platform that inventories endpoints, maps missing updates to CVEs, automates targeted deployments and retries failures, and provides audit-ready reporting to unify security and IT workflows.

AWS Elastic Beanstalk: Corretto 25 with Tomcat 11 on AL2023

🚀 AWS Elastic Beanstalk now supports building and deploying Tomcat 11 applications using Amazon Corretto 25 on Amazon Linux 2023 (AL2023). The platform enables developers to leverage Java 25 and Jakarta EE 11 features such as compact object headers, ahead‑of‑time (AOT) caching, and structured concurrency while benefiting from AL2023’s security and performance improvements. Environments can be created through the Elastic Beanstalk Console, CLI, or API and are generally available in commercial and GovCloud regions.

Amazon S3 Adds Conditional Copy Support for Writes

🔐 Amazon S3 now supports conditional copy operations via the CopyObject API, enabling verification of an object's existence or content in the destination bucket before copying. You can supply the HTTP If-None-Match header to ensure the destination object does not exist, or If-Match with an ETag to validate content prior to copy. Administrators can enforce these checks using s3:if-match and s3:if-none-match bucket policy condition keys. This capability is available at no additional charge in all AWS Regions and removes the need for additional client-side coordination or pre-copy validation calls.

Amazon EBS adds per-minute avg IOPS and throughput metrics

📈 Amazon EBS now emits two new per-volume CloudWatch metrics—VolumeAvgIOPS and VolumeAvgThroughput—providing one-minute average I/O and throughput visibility. These metrics are enabled by default at no extra charge for all EBS volumes attached to EC2 Nitro instances in Commercial Regions, including AWS GovCloud (US) and AWS China. Use them to monitor trends, troubleshoot performance bottlenecks, tune provisioned performance, and build dashboards or alarms to automate responses.

Amazon EC2 High-Memory U7i-8tb Instances in London

🚀 AWS has launched Amazon EC2 U7i-8tb (u7i-8tb.112xlarge) instances in the Europe (London) region, offering 8 TiB of DDR5 memory and 448 vCPUs for memory-intensive workloads. Powered by custom fourth-generation Intel Xeon Scalable processors (Sapphire Rapids), these 7th-generation instances deliver up to 135% more compute than prior U-1 instances and support up to 100 Gbps for EBS and networking with ENA Express. They are aimed at mission-critical in-memory databases like SAP HANA, Oracle, and SQL Server.

Building a High-Performance VPN with Linux for WARP

🛡️ Cloudflare explains how it initially implemented WARP as a Layer‑3 VPN by leveraging the Linux networking stack to egress arbitrary user packets from edge machines. They used a TUN device, nftables/Netfilter rules and the conntrack module to perform NAT, mark flows, and distinguish client traffic from locally‑originated traffic. Core tunnel handling was written in Rust (boringtun/WireGuard) and paired with MASQUE and defense‑in‑depth controls. The approach worked but required one IPv4 address per server, creating a scalability and cost challenge that led them to explore IP sharing.

How We Escaped the Linux Networking Stack for Soft-Unicast

🐟 Cloudflare describes building "fish" (SLATFATF), a service to egress packets using soft-unicast address space and the challenges encountered with the Linux networking stack. They found that conntrack and Netfilter interactions can silently rewrite source ports and break connections, so they evaluated several approaches including Netlink manipulation, TCP_FASTOPEN_CONNECT sockets, and routing fixes. Ultimately they preferred terminating and proxying TCP locally to avoid fragile kernel workarounds, after testing that disabling early demux produced only modest CPU effects.

Amazon Web Grounding for Nova Models Now Generally Available

🌐 Web Grounding is now generally available as a built-in tool for Nova models, usable today with Nova Premier via the Amazon Bedrock tool use API. It retrieves and incorporates publicly available information with citations to support responses, enabling a turnkey RAG solution that reduces hallucinations and improves accuracy. Cross-region inference makes the tool available in US East (N. Virginia), US East (Ohio), and US West (Oregon). Support for additional Nova models will follow.

Lower Your TCO with Check Point's SASE Platform

🔒 Check Point’s SASE offering and its TCO savings calculator explain how consolidating security and networking into a cloud-delivered SASE reduces operational complexity and costs compared with traditional VPN-based architectures. The article explains product, operational and performance savings and quantifies ROI improvements when replacing hardware-heavy VPN backhauling. It highlights benefits such as simplified management, faster time-to-value, improved throughput and reduced exposure to risk for distributed users.