All news in category "Vendor and Hyperscaler Watch"

AWS Expands R8i and R8i-flex Instances to Three Regions

⚡ Amazon EC2 R8i and R8i-flex instances are now available in Asia Pacific (Sydney), Canada (Central), and US West (N. California). Powered by AWS-exclusive custom Intel Xeon 6 processors, they offer up to 15% better price-performance and 2.5× the memory bandwidth versus prior Intel-based instances, and about 20% higher performance than R7i. R8i-flex provides common memory-optimized sizes from large to 16xlarge for workloads that underutilize CPU; R8i includes 13 sizes, two bare-metal options and a new 96xlarge, and is SAP-certified at 142,100 aSAPS. Available via Savings Plans, On-Demand, and Spot.

AWS Site-to-Site VPN Adds BGP Logging for Tunnels Now

🔍 AWS Site-to-Site VPN now publishes Border Gateway Protocol (BGP) logs from VPN tunnels to Amazon CloudWatch, providing deeper visibility into routing and session behavior. Previously, customers only had access to IKE/IPSec tunnel activity logs; the new BGP logs show session status, transitions, routing updates, and detailed error states. With both tunnel and BGP logs in CloudWatch, teams can correlate events, speed troubleshooting, and identify configuration mismatches between AWS endpoints and customer gateways across commercial Regions and AWS GovCloud (US).

CloudWatch Application Map Adds Un‑instrumented Discovery

🔍 Amazon CloudWatch Application Map now detects and visualizes services that are not instrumented with Application Signals, providing out-of-the-box observability coverage across distributed environments. It also offers cross-account, unified views and retains a history of recent changes so teams can correlate configuration modifications with performance shifts. These enhancements aim to reduce MTTR and are available at no additional cost in most AWS commercial regions.

AWS EC2 High Memory U7i Instances Expand Regions and Sizes

🚀 Amazon Web Services has expanded availability of its EC2 High Memory U7i instances: the u7in-16tb.224xlarge (16TiB) is now in AWS Europe (Ireland); u7i-12tb.224xlarge (12TiB) is available in Asia Pacific (Hyderabad); and u7i-8tb.112xlarge (8TiB) is available in Asia Pacific (Mumbai) and AWS GovCloud (US-West). Powered by custom 4th-gen Intel Xeon Scalable processors (Sapphire Rapids) and DDR5 memory, these instances provide high vCPU counts (up to 896), ENA Express support, up to 100Gbps EBS performance and up to 200Gbps networking on the 16TiB size, making them suited for mission-critical in-memory databases like SAP HANA, Oracle, and SQL Server.

Amazon CloudFront Adds CBOR Web Tokens and CAT Support

🔐 Amazon CloudFront now supports CWT (CBOR Web Tokens) and CAT (Common Access Tokens), providing a compact, binary alternative to JWTs using CBOR and protected with COSE. Developers can validate, generate, and refresh tokens directly in CloudFront Functions with sub-millisecond execution and seamless integration with the CloudFront Functions KeyValueStore for secure key management. CAT extends CWT with fine-grained access controls such as URL patterns, IP restrictions, and HTTP method limits, enabling edge-enforced authorization without additional charge.

EC2 Auto Scaling adds ReplaceRootVolume for live root swaps

🔁 Amazon EC2 Auto Scaling introduces the ReplaceRootVolume strategy for instance refresh, allowing replacement of an instance's root Amazon EBS volume without stopping or terminating the instance. The feature preserves attachments and metadata (network interfaces, elastic IPs) and reduces operational complexity for OS-level updates, patching, and recovery from corrupted root volumes. It is particularly valuable for specialized instance types such as Mac and GPU instances and for stateful applications where data and attachments must be preserved. ReplaceRootVolume is available in select regions at no additional cost beyond standard EC2 and EBS usage.

AWS PCS Adds Slurm REST API for Programmatic Job Control

🔁 The AWS Parallel Computing Service (AWS PCS) now supports the Slurm REST API, enabling programmatic job submission, resource management, and cluster monitoring over HTTP. This removes reliance on CLI-only workflows and lets teams integrate HPC operations into web portals, CI/CD pipelines, and data processing frameworks. The feature is available in all AWS Regions with AWS PCS and has no additional charge.

CrowdStrike Extends DSPM to Runtime for Cloud Data

🔒 CrowdStrike Falcon Data Protection for Cloud is now generally available, extending traditional DSPM into runtime to provide continuous visibility and protection for sensitive data in motion. Leveraging eBPF-powered monitoring, it detects unauthorized or risky data transfers across APIs, SaaS, containers, databases, and cloud storage without proxies or added infrastructure. The solution combines unified classification with integrated investigation and automated response, plus SIEM streaming and a lightweight Linux sensor for rapid deployment.

Attack Surface Management: 12 Tools to Harden Perimeter

🔒 Regular network scans are no longer sufficient to secure modern environments. This article reviews a dozen Attack Surface Management solutions—covering both CAASM and EASM approaches—that automate asset discovery, continuous monitoring, and risk prioritization. Vendors highlighted include Axonius, CrowdStrike, Microsoft Defender, Palo Alto Xpanse, and others that integrate with existing SOC tooling and often leverage agentic AI to assist detection and remediation. It concludes with seven practical questions to evaluate ASM needs, automation, remediation paths, and pricing models.

AWS introduces aws login for secure developer access

🔐 The new aws login CLI command lets developers obtain temporary programmatic credentials using the same sign-in method as the AWS Management Console, eliminating the need to create and manage long-term access keys. The command opens a browser-based OAuth2 flow and supports root/IAM user sign-in as well as federated identity providers. Issued credentials auto-rotate every 15 minutes and remain valid up to the IAM session duration (maximum 12 hours). Aws login integrates with profiles, remote development workflows, AWS SDKs, AWS Tools for PowerShell, and legacy SDKs via credential_process.

AWS Designated Critical Third-Party Provider under DORA

🔐 Amazon Web Services has been designated a critical third-party provider (CTPP) by the European Supervisory Authorities under the EU’s DORA regulation, which took effect in January 2025. The designation establishes a formal oversight relationship between AWS and the ESAs and signals heightened regulatory engagement for financial services customers operating in the EU. AWS says it will continue investing in compliance, operational resilience, risk management, and transparency, and will support customers with documentation, whitepapers, and a dedicated security and compliance team to help meet DORA obligations.

Amazon Connect: Conversational Analytics for Self-Service

🔍 Amazon Connect now provides conversational analytics for end-customer self-service across voice and digital channels, including PSTN/telephony, in-app and web calling, chat, SMS, WhatsApp Business, and Apple Messages for Business. The capability analyzes sentiment, redacts sensitive data, surfaces top contact drivers and themes, flags compliance risks, and supports semantic matching rules to categorize interactions. Administrators can use easy-to-customize dashboards to proactively identify areas for improvement and align automated flows with customer needs.

AWS Network Firewall — Managed Rule Groups from Marketplace

🔒 AWS Network Firewall now supports managed rule groups from AWS Marketplace partners, enabling customers to deploy partner-curated threat intelligence directly from the console. These managed rules are continuously updated by vendors and integrate with existing firewall architectures without routing changes. They reduce operational overhead across multiple VPCs and help maintain compliance and security posture. Customers should evaluate partner offerings against their requirements.

Google Named Leader in Gartner MQ for AI Platforms

🚀 Google has been named a Leader in the inaugural 2025 Gartner Magic Quadrant for AI Application Development Platforms and ranked highest for Ability to Execute. The announcement highlights Vertex AI as a unified, governed platform that delivers model choice, customization, and production-grade agent capabilities across an enterprise. Key capabilities cited include the Vertex AI Model Garden and Gemini 3, Vertex AI Training, Agent Builder and Agent Engine for multi-agent systems, and operational controls for observability, security, and predictable cost.

Amazon Bedrock Expands Availability to New Regions

🚀 Amazon Bedrock is now available in Africa (Cape Town), Canada West (Calgary), Mexico (Central), and Middle East (Bahrain). The managed service provides access to multiple foundation models and tools to build, deploy, and operate secure, scalable generative AI applications and agents. Customers in these Regions can expect lower latency, improved regional data options, and an easier path from experimentation to production.

Amazon Bedrock Expands Availability to Four New Regions

🚀 Beginning today, Amazon has made Amazon Bedrock available in Africa (Cape Town), Canada West (Calgary), Mexico (Central), and Middle East (Bahrain). The managed service provides secure access to a variety of foundation models and tools for building and operating generative AI applications and agents. With regional endpoints, customers can reduce latency and address data residency and compliance needs. To get started, customers can consult the Bedrock documentation and regional resources.

Check Point Launches Managed Rules for AWS Network Firewall

🔒 Check Point and AWS have introduced Check Point Managed Rules for AWS Network Firewall to simplify scaling network security across complex cloud environments. The service provides centrally managed, preconfigured rule sets that reduce the time and effort required to deploy and maintain firewalls across multiple VPCs and subnets. By automating updates and delivering threat-informed rules, the offering aims to lower operational overhead, accelerate response to new attack vectors, and free scarce IT resources for higher-value tasks.

Amazon Connect: Configure Ring Time for Outbound Campaigns

📞 Amazon Connect outbound campaigns now let campaign managers set ring duration from 15 to 60 seconds before a call is marked no answer and the dialer moves on. Each contact logs ring start and end timestamps for detailed, per-call reporting and traceability. The change enables tuning dialing behavior to audience patterns to improve contact rates and agent productivity. The feature is available in multiple AWS regions and follows the platform’s pay-as-you-go billing model.

Amazon: Nation-State Cyber-Enabled Kinetic Targeting

🔎 Amazon Threat Intelligence reports a rising trend in which nation-state actors use cyber operations to collect real-time intelligence that directly supports physical attacks. The team calls this behavior cyber-enabled kinetic targeting, documenting campaigns that compromised AIS platforms, CCTV feeds, and enterprise systems. Amazon highlights multi-source telemetry and partner collaboration, urging defenders to expand threat models to address digital activities that enable kinetic outcomes.

Amazon OpenSearch Serverless: Console Backup & Restore

🗄️ Amazon OpenSearch Serverless now supports backup and restore via the AWS Management Console, giving administrators a graphical option to manage snapshots. The service automatically creates backups for all collections and indexes every hour and retains them for 14 days; this behavior is enabled by default and requires no configuration. Restores can be initiated from either the Console or the API, simplifying recovery and operational workflows for serverless search deployments.