All news in category "Vendor and Hyperscaler Watch"

Using Chaos Engineering to Validate Disaster Recovery Plans

🔬 Chaos engineering converts disaster recovery assumptions into measurable facts by running controlled experiments that simulate realistic failures and quantify impact. Instead of relying on audits or tabletop drills, teams define a steady state, form testable hypotheses, inject targeted failures, and use automated probes to measure effects on SLOs. This approach exposes gaps such as failover delays or error spikes and provides data to iterate DR procedures. Start small, build confidence, and consider engaging Google Cloud professional services for guidance.

Microsoft and Beazley Partner to Strengthen Cyber Resilience

🤝 Microsoft announced a collaboration with Beazley that designates Microsoft Incident Response as an approved incident response provider for Beazley’s InfoSec and Media Tech policies. This alignment brings technical responders, insurers, brokers, and legal counsel together to accelerate detection, containment, and recovery. Microsoft Incident Response, supported by Microsoft Threat Intelligence and direct engineering access, offers streamlined invoicing aligned to insurance standards. Eligible incident response services used during a cyber event are considered reimbursable, helping customers secure faster claims and recovery.

Amazon Quick Suite adds Quick Research to Flows for Reports

📢 Amazon Quick Suite now integrates Quick Research as a step within Quick Flows, enabling automated generation of verified, source-traced research reports as part of multi-step workflows. Teams can schedule or trigger research flows to create reusable, shareable outputs that automatically kick off downstream actions—updating CRM records, creating tickets, or assigning tasks—reducing manual work and scaling proven analysis methods. Pre-configured flows accept creator instructions and optional user inputs to deliver consistent analysis across enterprise data sources.

Debunking Common Cloud Security Misconceptions Today

🔒 In a December 8, 2025 Fortinet post, Ali Bidabadi and Carl Windsor dispel persistent myths about cloud security and emphasize the shared responsibility model. They warn that simple misconfigurations — not sophisticated attacks — often cause large exposures and that cloud-native controls alone leave gaps. The authors recommend adopting CNAPP, third-party NGFW and WAF solutions, and continuous visibility to reduce risk across multi-cloud and hybrid environments.

MedGemma DICOM and FHIR Integration for Clinical Workflows

🩺 Google Health AI Developer Foundations has added DICOMweb support to MedGemma, releasing a public Docker container, container source code, and API specifications so teams can deploy DICOM-aware services that accept medical images as DICOMweb links. The update pairs with pre-built Vertex Model Garden resources for GCP users and leverages existing MedSigLIP containers that already understood DICOM. The post also demonstrates a FHIR navigation agent that uses the model’s awareness of FHIR to retrieve patient context without ingesting full records.

AWS launches Spatial Data Management (SDMA) solution

🗺️ Spatial Data Management on AWS (SDMA) centralizes multimodal spatial assets — 3D, geospatial, behavioral, and temporal data — into a secure, highly available cloud repository. It automates metadata extraction for formats such as .LAZ, .E57, .GLB, and .GLTF, provides REST APIs and customizable connectors, and offers web and desktop interfaces with auto-generated previews to accelerate validation without large downloads. SDMA is designed to simplify integrations, governance, and discoverability to speed operational insights across AWS regions.

Falcon Shield Expands AI Agent Visibility and Governance

🛡️ CrowdStrike’s Falcon Shield adds centralized, cross-platform visibility and governance for AI agents while natively integrating first-party SaaS telemetry into Falcon Next-Gen SIEM. The update automatically inventories and classifies agents, maps privileges to human and service identities, and detects risky configurations and agent-to-agent misuse. Teams can alert or suspend agents and associated accounts through Falcon Fusion SOAR, applying human identity controls to AI-driven automation.

Cloudflare Advances Python Workers with Faster Starts

🚀 Cloudflare has significantly upgraded Python Workers to support any package compatible with Pyodide, delivering a more complete Python-native developer experience. Rather than shipping a limited set of built-ins, developers can install pure-Python and many dynamic-library packages using the integrated uv tooling and pywrangler. Cloudflare also uses dedicated memory snapshots and its isolate-based architecture to achieve markedly faster cold starts than competing serverless options while keeping easy, global deployment and free-tier options.

Microsoft named Leader in 2025 Gartner Email Security

🔒 Microsoft has been named a Leader in the 2025 Gartner® Magic Quadrant for Email Security, recognizing advances in Microsoft Defender for Office 365. The announcement highlights agentic AI innovations and automated workflows—including an agentic email grading system and the Microsoft Security Copilot Phishing Triage Agent—that reduce manual triage and speed investigations. Microsoft also cites new protections like email bombing detection and expanded coverage across collaboration surfaces such as Microsoft Teams, while committing to greater transparency through in-product benchmarking and reporting.

Amazon SES Mail Manager Expands to 10 More Regions

📢 Amazon SES Mail Manager is now available in 10 additional commercial AWS Regions, bringing total coverage to 27 Regions and aligning Mail Manager availability with where SES Outbound is offered. Mail Manager centralizes email routing, governance, and compliance controls for domain-based sending, helping organizations replace legacy relays and streamline integrations with mailbox providers and email security vendors. It also supports onward delivery to WorkMail, built-in archiving with search and export, and console-based third-party security add-ons to simplify operations.

Amazon OpenSearch Service Adds Automatic Semantic Enrichment

🔍 Amazon OpenSearch Service now provides automatic semantic enrichment for managed domains, extending an earlier capability from OpenSearch Serverless to managed clusters and enabling semantic search with minimal configuration. The feature performs semantic processing automatically so customers do not need to manage ML models. It supports English-only and multilingual variants across 15 languages (including Arabic, French, Hindi, Japanese, and Korean) and is billed based on ingestion usage as OpenSearch Compute Unit (OCU) - Semantic Search. The capability requires OpenSearch 2.19 or later and is currently available for non‑VPC domains in selected AWS Regions; see the OpenSearch Service documentation for setup and configuration details.

Amazon SageMaker enables self-service notebook migration

🔁 Amazon SageMaker Notebook instances now support self-service migration via the PlatformIdentifier parameter in the UpdateNotebookInstance API. You can update unsupported platform identifiers (notebook-al1-v1, notebook-al2-v1, notebook-al2-v2) to supported versions (notebook-al2-v3, notebook-al2023-v1) while preserving data and configurations. The capability is available through AWS CLI (v2.31.27+) and SDKs in all Regions where Notebook instances are supported. This simplifies keeping instances current and reduces manual migration effort.

Amazon Connect Outbound Campaigns Adds WhatsApp Support

📣 Amazon Connect Outbound Campaigns now supports WhatsApp, enabling proactive, automated messaging for appointment reminders, payment notifications, order updates, and product recommendations. Administrators can configure WhatsApp campaigns in the existing Amazon Connect interface—define target audiences, personalize message templates, schedule delivery, and apply compliance guardrails alongside SMS, voice, and email. Messages can leverage real-time customer data and include delivery and engagement tracking as well as frequency controls to maintain compliance. This capability is available in all AWS Regions that support Outbound Campaigns.

Pegasus 1.2 Available with Global Cross-Region Inference

📣 Amazon Bedrock now offers TwelveLabs Pegasus 1.2 via Global cross-Region inference, expanding availability by 23 new Regions in addition to the seven where it was already supported. You can also access the model in all EU Regions using Geographic cross-Region inference to meet data-residency requirements. Pegasus 1.2 is a video-first model for long-form video-to-text generation and temporal understanding, enabling lower latency and simplified architecture for video-intelligence applications.

Amazon SES Adds VPC Endpoints for API Access in All Regions

🔒 Amazon Simple Email Service (SES) now supports accessing SES API endpoints via Virtual Private Cloud (VPC) endpoints. Customers can use VPC endpoints to send email and manage SES resource configuration without routing API traffic through an internet gateway, reducing exposure of VPC activity to the public internet. The capability is available in all AWS Regions where SES is offered, simplifying private network architectures.

AWS Elastic Beanstalk: Node.js 24 on AL2023 Now Available

🚀 AWS Elastic Beanstalk now supports Node.js 24 on Amazon Linux 2023 (AL2023), enabling developers to deploy applications that benefit from the latest V8 engine updates, npm 11, and platform-level security and performance improvements. You can create environments via the Elastic Beanstalk Console, CLI, or API. The platform is available in all commercial AWS Regions, including AWS GovCloud (US).

Securing Web3 Agents: MCP Transaction Models & Practices

🔐 This post from Adrien Delaroche at Google Cloud outlines three architectures for AI agents that interact with blockchains: the agent-controlled custodial model, a self-hosted variant, and the non-custodial transaction-crafter model. It explains security, performance, and malice risks when agents hold private keys and recommends returning unsigned transactions so users sign locally. The author demonstrates a sample implementation using Google ADK, Gemini 2.0 Flash, Cloud Run, and an Ethereum faucet, and urges MCP servers to support both signing and unsigned flows to balance automation with user safety.

Back Market Migrates to Google Data Cloud, Cuts Costs

🔁 Back Market migrated its data and core tech stack from AWS-based Snowflake and Databricks to Google Cloud, consolidating all historical and operational data in BigQuery. The team executed a two-week proof of concept and a live double-run migration that kept production on Databricks while writing to cloned BigQuery tables until outputs matched. They replaced AWS DMS with Datastream, implemented hourly batching to control small-file costs, and completed critical switchover in six months. The move halved data processing times, cut CDC costs by 90%, reduced technical debt, and improved observability, governance, and developer productivity.

Amazon Connect Customer Profiles adds Spark SQL segments

🔍 Amazon Connect Customer Profiles now offers Beta segmentation powered by Spark SQL, enabling analysts to build sophisticated customer segments from both custom and standard profile objects. You can join objects, apply statistical functions such as percentiles, and standardize date fields for complex temporal analysis, or use the Segment AI assistant to translate natural language into Spark SQL. AI-generated queries include plain-language explanations and automatic membership estimates so you can review and validate results before deployment. These capabilities work alongside existing segmentation features and integrate with segment membership calls, Flow blocks, and Outbound Campaigns, and are available in all AWS regions where Customer Profiles is offered.

Practical Guide to Continuous Attack Surface Visibility

🔍 Modern security teams can no longer rely solely on static, passive internet-scan datasets to understand their external attack surface. Continuous, automated, active reconnaissance verifies what is actually exposed daily, catching ephemeral assets, misconfigurations, and shadow IT that periodic scans miss. Sprocket Security presents an ASM-driven approach that emphasizes validation, ownership attribution, and prioritized, actionable findings to reduce noise and speed remediation. This defensive, non-intrusive enumeration is environment-aware and designed to map changing cloud footprints in near real time.