< ciso
brief />
Vendor and Hyperscaler Watch Banner

All news in category “Vendor and Hyperscaler Watch

4612 articles · page 25 of 231

Amazon EKS Capabilities add CloudWatch Vended Logs

🟣 Amazon EKS Capabilities can now be configured as log delivery sources using Amazon CloudWatch Vended Logs to capture logs from managed controllers such as Argo CD, AWS Controllers for Kubernetes (ACK), and kro. Customers can enable delivery via CloudWatch APIs or the AWS Console and send logs to CloudWatch Logs, Amazon S3, or Amazon Kinesis Data Firehose. The feature is available in all Regions that support EKS Capabilities and incurs standard CloudWatch Vended Logs pricing with no additional EKS charge.
read more →

Amazon Cognito adds multi-Region replication support

🔁 Amazon Cognito now supports multi-Region replication, allowing near real-time synchronization of user and machine identity data — including credentials, user pool configurations, and federation setups — to a standby user pool in a designated secondary Region. This feature improves authentication resilience by providing a replica that can accept traffic during regional disruptions, preserving signed-in sessions and enabling users to authenticate with existing credentials. Multi-Region replication is offered as an add-on for user pools in the Essentials or Plus tiers and is available across multiple AWS Regions. Administrators can configure replication through the AWS Console, CLI, or SDKs; pricing and implementation guidance are provided in AWS documentation.
read more →

AWS Deadline Cloud adds plugin sync for workers

🔔 AWS Deadline Cloud now automates delivery of plugins to cloud workers for service-managed fleets. Previously requiring custom scripts or manual setup per DCC application and version, you can now upload plugin files to a specific path in your queue's job attachments Amazon S3 bucket and Deadline Cloud will sync them to workers at job start. This feature is GA for Blender and Autodesk Maya and is available in all Regions where the service is offered.
read more →

Google Cloud enhances Managed Spark clusters

⚙️ This announcement details Google Cloud’s updates to Managed Service for Apache Spark, now offered as Managed Spark clusters with serverless and managed modes. Key enhancements include Lightning Engine, a native C++ vectorized execution engine delivering up to 4.9x faster Spark performance, Flexible VMs for improved capacity resilience, and FinOps features like zero-scale clusters and scheduled stops. The release also adds the Model Context Protocol server and Data Agent Kit integrations to connect LLMs and developer tools securely to clusters, plus Lakehouse interoperability and Cluster Image 3.0 with Spark 4.1 preview.
read more →

AI and Evasion Force Rethink of Network Prevention

🔍 For years network security relied on content inspection and static threat intelligence, but the rise of agentic AI and evasive techniques has upended that model. Unit 42 research shows attackers exploit the IP layer and use anonymizers, rapid infrastructure rotation, and AI-enabled stealth to bypass legacy controls. Security strategies must augment deep inspection with real-time IP-layer monitoring and continuous verification to defend at machine speed.
read more →

Customize Federated Sign‑In with Cognito Lambda Trigger

🔐 This post introduces the new inbound federation Lambda trigger for Amazon Cognito, which intercepts external IdP responses so you can transform, filter, and enrich attributes before a user profile is created. It explains how the trigger receives SAML and OIDC attributes, and outlines common B2B and B2C problems such as oversized group lists and duplicate accounts from different social sign-ins. The article shows how to normalize group attributes, filter excessive data, and implement automated account linking to maintain a single primary identity. It also covers performance and error-handling best practices for Lambda functions.
read more →

Fortinet Earns AV‑Comparatives EDR Detection Certification

🛡️ Fortinet announces that FortiEDR earned certification in the AV‑Comparatives 2026 EDR Detection Validation Test, with the same EDR capabilities available via FortiEndpoint. The product demonstrated validated visibility across 12 of 14 attack stages, combining active alerts with telemetry to support investigation and threat hunting. AV‑Comparatives evaluated detection visibility mapped to the MITRE ATT&CK framework, highlighting strong coverage for service‑based staging, process injection, and server lateral movement.
read more →

Microsoft attributes unexpected driver updates to caching error

🔧 Microsoft acknowledged and fixed an issue where a Windows Update caching misconfiguration caused some devices to install driver updates despite policies preventing auto-updates. The company said the caching service temporarily dropped device enrollment information, causing driver-approval controls to be bypassed. Microsoft updated the service cache and enrollment status, confirmed remediation, and is investigating root causes to prevent recurrence.
read more →

Proton’s Balance Between Privacy and Abuse Control

🔒 Proton struggles to block criminals while preserving its core privacy guarantees. COO Raphael Auphan explained that the service cannot access encrypted message contents or geolocate users due to its end-to-end encryption model. Instead, Proton invests in account-level and behavioral defenses, including ML models to detect bot-driven sign-ups and abuse. Lawful takedown requests are handled only after Swiss authorities vet and validate them.
read more →

Balancing Cyber Product Leadership and Endurance

🔥 Tony Giandomenico of Cisco Talos discusses how endurance from Ironman training informs his approach to leading major cybersecurity product launches. He highlights rapid advances in frontier AI models, the evolving threat landscape, and the need to apply similar AI-driven speed to defensive tools. Tony explains Cisco Talos Threat Hunting, its focus on endpoint telemetry and expansion into firewalls and identity, and stresses communication, influence, and purpose as keys to sustaining focus across long careers.
read more →

Hypothesis-Driven Threat Hunting at Cisco Talos

🔍 Cisco Talos Threat Hunting adopts a hypothesis-first approach: rather than waiting for alert thresholds, analysts formulate theories about adversary behavior and search telemetry to validate them. Using AI for scale and human expertise for context, continuous hunts run across global telemetry to surface candidates that automated detection misses. Confirmed findings are reported with remediation guidance and feed back into detection tuning and product improvements.
read more →

Amazon MQ for RabbitMQ in EU Sovereign Cloud

🔔 Amazon MQ for RabbitMQ is now available in the AWS European Sovereign Cloud (Germany) Region, an independent cloud located fully within the EU to help regulated and public sector customers meet sovereignty requirements. Amazon MQ is a managed message broker service that handles provisioning, patching, and maintenance so you can focus on applications. This launch supports RabbitMQ engine 4.2 and Graviton3-based m7g instance types from m7g.medium to m7g.16xlarge for high-performance messaging.
read more →

AWS IoT Device Management adds MQTT session visibility

🔧 AWS IoT Device Management now surfaces MQTT session data in its connectivity status API, helping teams troubleshoot device connectivity and audit connection patterns across IoT fleets. The update provides session timeout and expiry values and, optionally, socket-level details like source/destination IPs, ports, and client VPC endpoint IDs. Access to socket information is controlled by granular IAM policies. The API keeps connection records indefinitely, exceeding the 30-minute retention of AWS IoT Core's GetConnection API.
read more →

SageMaker Data Agent adds conversation history

💬 Amazon SageMaker Data Agent in SageMaker Unified Studio now supports conversation history, enabling practitioners to maintain continuity across analytical sessions. Data analysts and scientists can reference prior agent-generated code, resume multi-step analyses, and review past troubleshooting interactions within notebooks and the Query Editor. Conversation history appears as a scrollable list via the clock icon, with auto-generated titles and timestamps for quick identification.
read more →

SageMaker Unified Studio adds notebook scheduling

🧭 Amazon SageMaker Unified Studio now allows scheduling, parameterizing, and orchestrating notebook runs directly from the notebook interface without external orchestration infrastructure. Users can run notebooks in the background on dedicated compute, create recurring schedules, and reuse parameterized notebooks across different inputs. The Notebook Operator enables chaining multi-notebook workflows, and AI-assisted troubleshooting with SageMaker Data Agent helps diagnose failures and create schedules using natural language.
read more →

Step Functions adds AgentCore AI reasoning steps

🤖 AWS Step Functions now integrates with the Amazon Bedrock AgentCore managed harness (preview) to add AI agent reasoning steps to workflows. The integration lets you declare agents via configuration, run agents in parallel or sequence, add human approvals, and view execution history with agent inputs, outputs, token usage, and CloudWatch links. You can reuse or create harnesses from Workflow Studio, apply per-invocation overrides, and persist agent context with session IDs. The harness preview and integration are available in select regions and standard Step Functions and Bedrock pricing applies.
read more →

OpenAI GPT-5.4 Now in AWS GovCloud (US‑West)

🛡️ Amazon Bedrock now offers OpenAI GPT‑5.4 in AWS GovCloud (US‑West), enabling government and regulated industry customers to use OpenAI's most capable frontier model with the security and compliance of GovCloud. GPT‑5.4 delivers native computer-use capabilities and advanced reasoning across coding, documents, and multi-step agentic tasks, running on Bedrock's high-performance inference engine. Data remains in-partition and is not used to train models.
read more →

Kaspersky on Safety-Aware Automotive Security

🔒 This article outlines Kaspersky’s approach to securing modern connected and autonomous vehicles, emphasizing the need to combine functional safety with cybersecurity. It highlights standards such as ISO/SAE 21434, UNECE R155/R156, and China’s GB 44495-2024, and explains the role of security gateways and SecOC for CAN bus protection. The piece also discusses distributed IDS monitoring, fleet-wide SIEM integration, and Kaspersky’s KASG and Unified Monitoring and Analysis Platform as implementations.
read more →

Compute Optimizer adds 32-day lookback for rightsizing

🛠️ AWS Compute Optimizer now supports extending the default 14-day lookback period to 32 days for Amazon EBS volume and Amazon ECS service rightsizing recommendations at no extra cost. The longer lookback captures monthly utilization patterns such as month-end processing to improve optimization decisions for cost and performance. The 32-day option is available for EC2 instance, EC2 Auto Scaling group, RDS database, EBS volume, and ECS service recommendations. You can set the lookback at organization, account, or resource level via the console, AWS SDK, or AWS CLI, and it’s available in all AWS Regions where Compute Optimizer is offered except GovCloud (US) and China.
read more →

ARC Region Switch adds Aurora and Neptune blocks

🔔 Amazon Application Recovery Controller (ARC) Region switch introduces three new execution blocks: Amazon Aurora serverless scaling, Amazon Aurora provisioned scaling, and Amazon Neptune global database failover. These blocks automate database scaling and failover for multi-Region workloads, eliminating manual steps that add recovery time. They support cross-account orchestration so a single plan can coordinate operations across multiple accounts and Regions.
read more →