All news in category "Vendor and Hyperscaler Watch"

AWS Transfer Family: Change IdP Type Without Downtime

🔁 AWS Transfer Family now lets administrators change a server's identity provider (IdP) type without service interruption. This update allows dynamic switching among service-managed, Active Directory, and custom IdP authentication for SFTP, FTPS, and FTP servers, enabling zero-downtime migrations and faster compliance adaptation. The capability is available in all AWS Regions where Transfer Family operates.

Cut IT Costs with Secure Self-Service Password Resets

🔐 Self-service password reset (SSPR) can significantly cut help desk costs and reduce downtime by letting users securely change forgotten or expired credentials without contacting support. Industry research cited in the article highlights that password-related calls are common and expensive — Gartner and Forrester figures are referenced and a Specops analysis reports average savings per user. The piece outlines security best practices including tiered risk controls, MFA, enrollment hygiene, and detection measures like rate limiting and location checks. It describes Specops uReset capabilities for Entra ID and Active Directory, automated enrollment, reporting, and a First Day Password add-on to reduce onboarding friction.

CloudWatch Adds EC2 Metrics for EBS IOPS and Throughput

🔔 Amazon introduced two new Amazon CloudWatch instance-level metrics — Instance EBS IOPS Exceeded Check and Instance EBS Throughput Exceeded Check — that flag when the driven IOPS or throughput exceeds the EBS-Optimized limits of an EC2 instance. Each metric returns 0 (not exceeded) or 1 (exceeded), enabling rapid identification of I/O bottlenecks and the creation of dashboards or alarms. These metrics are provided by default at a 1-minute frequency at no additional charge for Nitro-based EC2 instances with EBS attached and are accessible via the EC2 console, CLI, or CloudWatch API across Commercial, GovCloud (US), and China Regions.

Mozilla: New Firefox extensions must disclose data

🔒 Starting 3 November 2025, Mozilla will require new Firefox extension developers to declare data collection practices in manifest.json via a browser_specific_settings.gecko.data_collection_permissions key. Developers must adopt the framework across all extensions in the first half of 2026, and extensions that collect no personal data must state that explicitly. The declared practices will appear during installation, on the add-on listing, and in about:addons; submissions that omit the declaration will be blocked.

Passwordless Authentication: Clearing Common Myths

🔐 Passwordless authentication reduces reliance on passwords by using device-bound keys and local verification. The post explains that passwordless is inherently multi-factor: a device factor plus a local secret such as a PIN or biometric. Biometrics and PINs unlock a private key stored on the device and are not transmitted or centralized, reducing theft and replay risks. It also describes protections that make this approach highly phishing-resistant.

SageMaker Studio Integrates with Athena Workgroups

📊 Data engineers and analysts can now connect Amazon SageMaker Unified Studio to existing Amazon Athena workgroups to run SQL queries using the workgroups' default settings and properties. This lets teams reuse access controls, cost limits, and query-tracking policies already defined in Athena, reducing setup time while maintaining governance. To enable it, choose 'Add compute' → 'Connect to existing compute resources' in Unified Studio; the connected Athena workgroup then appears in the query editor and is available in all regions where Unified Studio is supported.

AWS Lambda ups asynchronous payload limit to 1 MB today

🚀 AWS has increased the maximum payload size for AWS Lambda asynchronous invocations from 256 KB to 1 MB. This change lets customers deliver richer, complex events—such as LLM prompts, telemetry batches, or detailed JSON outputs—without splitting, compressing, or externalizing data. The increase is generally available in all AWS Commercial and AWS GovCloud (US) Regions and can be used via the Lambda invoke API. Billing counts 1 request for the first 256 KB and an additional request per 64 KB chunk beyond that up to 1 MB.

CASB Buying Guide: Key Capabilities, Vendors, and Questions

🔒 A Cloud Access Security Broker (CASB) sits between enterprise endpoints and cloud services to deliver visibility, enforce access controls and detect threats. This guide summarizes core CASB functions — visibility, control, data protection and compliance — and contrasts deployment modes (API vs proxy). It profiles major vendors such as Netskope, Microsoft Defender for Cloud Apps, Palo Alto Networks and others, and presents 16 practical questions to assess internal readiness and evaluate providers against SSE/SASE roadmaps.

HP Pulls Update That Broke Entra ID Auth on AI PCs

⚠️ HP has pulled an over-the-air update to HP OneAgent for Windows 11 after a cleanup script removed Microsoft certificates required for some organizations to authenticate to Microsoft Entra ID. The silent update deployed on HP AI PCs ran package SP161710 and an install.cmd that deleted any certificate containing the substring "1E", producing false positives. Affected devices disconnected from Entra ID/Intune; HP says the update is no longer available and is assisting impacted customers.

Microsoft Unveils Mico: Copilot Avatar for Empathy

🤖 Microsoft today introduced Mico, a new avatar for its AI-powered Copilot designed to feel more personal, supportive, and empathetic. The optional visual presence listens, adapts its expressions and color to interactions, and will respectfully push back when presented with incorrect information. The Copilot Fall Release also adds features such as Copilot Groups for up to 32 collaborators, long-term memory, Deep Research Proactive Actions, and a Learn Live voice-enabled tutor. These updates begin rolling out in the United States with broader regional availability planned.

Amazon Aurora DSQL Now Available in Frankfurt Region

🚀 Amazon Aurora DSQL is now available in Europe (Frankfurt), expanding AWS’s global footprint for its serverless distributed SQL engine. The managed service provides active-active high availability, multi-Region strong consistency, and automatic, virtually unlimited scaling so teams can build always-on applications without infrastructure management. Aurora DSQL is advertised as offering the fastest distributed SQL reads and writes, and is already available across US, Asia Pacific, and European Regions. Customers can trial it via the AWS Free Tier.

Amazon Connect Adds Preview Dialing to Outbound Campaigns

📞 Amazon Connect outbound campaigns introduces a preview dialing mode that gives agents customer context—name, balance, and prior interactions—before placing calls. Campaign managers can set review time limits, optionally remove contacts, and use new dashboards to monitor agent behavior, discard rates, and engagement trends. By reserving an agent prior to dialing, teams gain operational control and help support TCPA and OFCOM compliance.

Amazon Connect Introduces Granular Recording Permissions

🔒 Amazon Connect now offers granular UI permissions for conversation recordings and transcripts, enabling administrators to control access to playback, copying and downloads separately. Administrators can allow users to listen to calls while preventing transcript copying, and set download rules that permit redacted recordings but block unredacted downloads. The capability supports complex scenarios where sensitive conversations remain redacted while other interactions remain fully available.

Practical Guide to Google Cloud Parameter Manager Overview

🔒 Google Cloud's Parameter Manager centralizes application configuration to avoid hard-coded credentials and fragile config files, supporting validated JSON and YAML payloads as well as arbitrary unformatted data. It integrates with Secret Manager using a __REF__ syntax to keep confidential values separate and uses versioned, immutable parameter versions to prevent accidental changes. The post walks through storing an API key in Secret Manager, granting the Parameter Manager IAM principal access, and calling renderParameterVersion from a Node backend. A sample React/Node weather app demonstrates runtime configuration, fallback dummy data, and advanced patterns such as regional parameters and feature rollouts.

Google Cloud Cross-Site Interconnect Now Generally Available

🔗 Google Cloud announced that Cross-Site Interconnect is now generally available, providing a cloud-delivered, transparent layer 2 connectivity overlay for global WANs. The service uses Google’s global backbone to deliver high-bandwidth, on-demand links with a 99.95% SLA, dynamic consumption pricing, and support for MACsec encryption and VLAN-based multi-destination handoffs. It exposes operational metrics via dashboards and APIs so teams can monitor latency, loss, and utilization while abstracting failover and resiliency management.

AWS Outposts 2U Server Now Available in GovCloud Regions

🔒 AWS now supports the Outposts 2U server in AWS GovCloud (US-East) and GovCloud (US-West). The fully managed, industry-standard 2U form factor delivers up to 128 vCPUs and extends AWS infrastructure, services, APIs, and tools to on-premises or edge locations with limited space. Customers can run Amazon EC2, Amazon ECS, and AWS IoT Greengrass locally while connecting to the parent GovCloud region for broader management and operations.

Azure Storage Mover: Cloud-to-Cloud S3 to Blob Migrations

🚀 Azure Storage Mover is now generally available for direct cloud-to-cloud migrations from AWS S3 to Azure Blob Storage. The fully managed service performs high-speed, server-to-server parallel transfers without requiring self-hosted agents, preserving file metadata and supporting incremental syncs to minimize downtime. Integrated automation via the Azure portal, CLI, and REST API removes the need for custom scripts or third-party tools, while RBAC, Azure Active Directory, Multicloud Arc connectivity, and encryption in transit address security and compliance. Customers who tested the preview moved petabytes of data and reported reduced infrastructure overhead and faster access to Azure analytics and AI capabilities.

Harden Identity Defense: Richer Context and Correlation

🔒Microsoft outlines expanded Identity Threat Detection and Response (ITDR) capabilities designed for modern, hybrid environments. The post highlights general availability of unified identity and endpoint sensors, broad on‑premises sensors for Domain Controllers, AD FS, and AD CS, and native integration with Microsoft Entra ID. It emphasizes an identity‑centric approach that correlates accounts across platforms, integrates with PAM, and links identity signals into Defender XDR to enable contextualized alerts, coordinated response, and automatic attack disruption across devices and sessions.

Amazon QuickSight Adds Visual Data Preparation Experience

📊 Amazon QuickSight now provides a visual data preparation experience that enables business users to clean, transform, and combine data without writing code. The interface supports multi-step workflows—appends, aggregations, flexible joins—and records each transformation step to improve traceability and shareability. It increases dataset source depth from 3 to 10 levels and boosts cross-source join capacity 20× (1GB to 20GB), and is available to Author, Author Pro, and select Quick Suite Enterprise subscribers across multiple regions.

DynamoDB Zero-ETL Integration with Redshift in Taipei

🔁 The Amazon DynamoDB zero-ETL integration with Amazon Redshift is now available in the Asia Pacific (Taipei) region, enabling analytics on production DynamoDB tables without impacting operational workloads. Customers can run high-performance SQL, leverage built-in ML and Spark integrations, and use materialized views with automatic incremental refresh and data sharing. History mode provides built-in support for analyzing historical data and building Type 2 Slowly Changing Dimension (SCD 2) tables without custom ETL code.