All news in category "Vendor and Hyperscaler Watch"

AWS Organizations Enables Direct Account Transfers

🔁 AWS Organizations now supports direct transfers of accounts between organizations, removing the prior need to convert an account to a standalone entity during moves. The simplified transfer preserves governance controls, consolidated billing, and account settings and uses the same console and APIs (invite and accept). This capability is available in all commercial AWS Regions and the AWS GovCloud (US) Regions.

Amazon S3 Adds Post-Quantum TLS Key Exchange Support

🔐 Amazon S3 now supports post-quantum TLS key exchange on regional S3, S3 Tables, and S3 Express One Zone endpoints using the NIST-standardized Module Lattice-Based Key Encapsulation Mechanism (ML-KEM). PQ-TLS key exchange is available at no additional cost across all AWS regions and will be negotiated automatically when clients are configured for ML-KEM. Combined with server-side AES-256 encryption by default, S3 offers quantum-resistant protection for data both in transit and at rest.

Amazon API Gateway Adds Enhanced TLS Security Policies

🔐 Amazon API Gateway now supports enhanced TLS security policies for REST APIs and custom domain names, giving customers more granular control over encryption, cipher selection, and endpoint access. Policy options include TLS 1.3-only, Perfect Forward Secrecy, FIPS-compliant cipher suites, and Post Quantum Cryptography choices. The update, available in many AWS commercial Regions, aims to simplify compliance with stricter regulations and strengthen cryptographic posture.

AWS Lambda Introduces Tenant Isolation Mode for Multi-Tenant

🔒 AWS announced a new tenant isolation mode for AWS Lambda, enabling customers to isolate request processing per tenant or end-user invoking the same function. By providing a unique tenant identifier on invocation, Lambda routes requests to execution environments dedicated to that tenant and ensures those environments are never used for other tenants. This simplifies building multi-tenant SaaS workloads and reduces the need for custom per-tenant function routing.

AWS Network Firewall Log Analysis Using OpenSearch

📊 The post describes a new Amazon CloudWatch and Amazon OpenSearch Service dashboard that simplifies analysis of AWS Network Firewall logs by removing previous multi-step setup and streamlining integration. It explains prerequisites, creating an OpenSearch integration and dashboard, selecting log groups, sync intervals, and IAM roles. The overview covers widgets, filters, CSV export, common use cases, and cost considerations to improve visibility and troubleshooting.

Thunderbird Gains Native Microsoft Exchange Support

📧 Thunderbird 145 introduces built-in support for Microsoft Exchange email via the Exchange Web Services (EWS) protocol, eliminating the need for third-party add-ons in Exchange-hosted environments. The client auto-detects account settings and uses Microsoft’s OAuth2 for authorization to simplify migration from Outlook. Initial capabilities include full folder listings, message synchronization, message operations (view, send, reply, forward, move, copy, delete), attachment handling, subject/body search and quick filtering for Microsoft 365 domains with standard OAuth2 and for on-premise Exchange using basic password authentication. The Thunderbird team says additional features such as calendar syncing, address book support, Microsoft Graph integration and expanded authentication options (NTLM, tenant-specific OAuth2) are planned but not yet available.

Windows 11 Introduces Cloud Rebuild and PITR Recovery

☁️ Microsoft unveiled two Windows 11 recovery capabilities — Point-in-Time Restore (PITR) and Cloud Rebuild — designed to reduce downtime and simplify device recovery. PITR builds on System Restore by capturing full system snapshots, enabling admins and users to roll a device back to a known-good state, including local files and applications. Cloud Rebuild allows remote reinstallation through Intune, leveraging Autopilot, OneDrive, and Windows Backup for Organizations to restore settings and data.

AWS launches EC2 P6-B300 with NVIDIA Blackwell Ultra

🚀 Amazon Web Services has announced general availability of Amazon EC2 P6-B300 instances powered by NVIDIA Blackwell Ultra B300 GPUs. The p6-b300.48xlarge delivers eight GPUs, 2.1 TB of high-bandwidth GPU memory, 6.4 Tbps EFA networking, 300 Gbps ENA throughput, and 4 TB of system memory. It targets training and deploying trillion-parameter foundation models and LLMs, offering higher memory, compute, and networking versus P6-B200.

Amazon Bedrock adds Priority and Flex inference tiers

🔔 Amazon Bedrock introduces two new inference tiers—Priority and Flex—to help customers balance cost and latency for varied AI workloads. Flex targets non-time-critical jobs like model evaluations and summarization with discounted pricing and lower scheduling priority. Priority offers premium performance and preferential processing (up to 25% better OTPS vs. Standard) for mission-critical, real-time applications. The existing Standard tier remains available for general-purpose use.

EC2 Auto Scaling adds synchronous LaunchInstances API

🔔 Today, EC2 Auto Scaling launched a synchronous LaunchInstances API that gives customers precise control over where instances are provisioned and provides immediate feedback on capacity availability. The API supports overrides for any Availability Zone and/or subnet in an Auto Scaling group and includes optional asynchronous retries to help reach desired capacity. It is available now in US East (N. Virginia), US West (Oregon), Europe (Ireland), and Asia Pacific (Singapore) at no additional cost beyond standard EC2 and EBS usage. Use the AWS CLI or SDKs to get started.

OpenSearch Serverless: CloudTrail data-plane audit logging

🔒 Amazon has added detailed audit logging for OpenSearch Serverless data-plane requests through AWS CloudTrail. Customers can now record and retain user actions on collections — including authorization attempts, index changes, and search queries — to support compliance and incident investigations. Logs can be filtered with read-only or write-only options or captured using advanced event selectors for granular control. Data events are delivered to Amazon S3 and can be forwarded to Amazon CloudWatch Events for real-time monitoring and response.

Microsoft to Natively Integrate Sysmon in Windows 11

🛡️ Microsoft will integrate Sysmon natively into Windows 11 and Windows Server 2025, removing the need to deploy the standalone Sysinternals tool. The built-in functionality will preserve Sysmon’s capabilities, including support for custom configuration files and advanced event filtering, and logs events to the Windows Event Log. Administrators can enable it via Optional Features or run sysmon -i (or sysmon -i <config>) to load a custom configuration, and updates will be delivered through Windows Update to simplify management and improve coverage in large environments.

Automating Session Manager Preferences with CloudFormation

🔐 This post explains how to centrally manage AWS Systems Manager Session Manager preferences across multiple accounts and Regions using CloudFormation StackSets and an AWS Lambda function. The solution automates updates to the SSM-SessionManagerRunShell document, provisions optional logging destinations (Amazon S3 or CloudWatch Logs), and can create KMS keys for session and log encryption. It aims to reduce manual configuration errors and ensure consistent security and compliance at scale.

Microsoft Teams adds false-positive threat report option

🔔 Microsoft is adding a user-driven false-positive reporting capability to Microsoft Teams, allowing users to flag chat or channel messages they believe were incorrectly marked as security threats. The feature began a targeted rollout in September and is scheduled to reach general availability worldwide by the end of November 2025. It will be available to organizations using Microsoft Defender for Office 365 Plan 2 or Microsoft Defender XDR, and accessible on desktop, mobile, and web. Administrators can enable or disable the feature from the Teams admin center or the Microsoft Defender portal.

Using Private NAT for Overlapping Private IP Spaces

🔒 Google Cloud's Private NAT enables secure private-to-private translation to connect networks with overlapping or non-routable IPv4 ranges without running NAT appliances. As a managed Cloud NAT feature, it delivers high availability, automatic scalability, and centralized control for hybrid and multi‑VPC topologies. The post includes practical gcloud examples and Network Connectivity Center use cases to guide implementation.

Google Cloud launches 30-day Cloud SQL free trial edition

🚀 Google Cloud today announced a 30-day free trial for Cloud SQL, offering preconfigured MySQL and PostgreSQL instances to evaluate enterprise-grade features without upfront commitment. The trial exposes Performance, High Availability, and Data Cache capabilities and mirrors production-oriented SKUs (Enterprise and Enterprise Plus). Users can one-click upgrade to paid instances at any time; after 30 days instances are suspended and kept stopped for an additional 90 days at no charge. The offer is available in all Google Cloud regions.

TimesFM Integration Brings Forecasting to BigQuery

🕒 Google is integrating the TimesFM time-series foundation model into BigQuery and AlloyDB, enabling zero-shot forecasting on customer data without retraining. AI.FORECAST and AI.EVALUATE are now Generally Available in BigQuery, while AI.DETECT_ANOMALIES is in public preview. TimesFM 2.5 offers improved accuracy and lower latency, supports dynamic context windows up to 15K, and can return historical data with forecasts. AlloyDB preview lets users call TimesFM endpoints hosted on Vertex AI so operational data can be forecasted in-place, preserving data residency and reducing export overhead.

AWS Releases Responsible AI and Updated ML Lenses at Scale

🔔 AWS has published one new Responsible AI lens and updated Generative AI and Machine Learning lenses to guide safe, secure, and production-ready AI workloads. The guidance addresses fairness, reliability, and operational readiness while helping teams move from experimentation to production. Updates include recommendations for Amazon SageMaker HyperPod, Agentic AI, and integrations with Amazon SageMaker Unified Studio, Amazon Q, and Amazon Bedrock. The lenses are aimed at business leaders, ML engineers, data scientists, and risk and compliance professionals.

Security Copilot Agents Included with Microsoft 365 E5

🛡️ Microsoft is including Security Copilot agents in Microsoft 365 E5, embedding AI-driven assistants across Defender, Entra, Intune, and Purview to accelerate investigations and automate routine tasks. The rollout begins today for existing Security Copilot customers on E5 and will expand to all E5 tenants in the coming months with a 30-day notification. The announcement adds 12 Microsoft-built preview agents, 30+ partner agents, and support for customer-built agents to tailor workflows.

Azure Ignite 2025: Azure's Agentic AI and Data Innovations

🚀 At Microsoft Ignite 2025, Azure introduced a coordinated set of agentic and data-first capabilities to accelerate enterprise AI adoption. Announcements include Microsoft Agent Factory (available), previews of Fabric IQ and Foundry IQ, expanded Foundry model choices (Anthropic, Cohere), and new database offerings like Azure HorizonDB and Azure DocumentDB. The updates emphasize unified data, model choice, and integrated security to simplify building, running, and governing AI agents at scale.