All news in category "Vendor and Hyperscaler Watch"

ExPRT.AI: Predicting Which Vulnerabilities Will Be Exploited

🔍 ExPRT.AI, embedded in Falcon Exposure Management, leverages CrowdStrike threat intelligence and real-time telemetry to predict which vulnerabilities attackers are most likely to exploit. Instead of relying solely on static CVSS ratings, it evaluates adversary tradecraft, observed exploit activity, software prevalence, patch adoption, and attack complexity to produce a daily exploitability score. These explainable scores feed directly into Falcon workflows to accelerate triage, prioritize fixes by real-world risk, and reduce manual noise in vulnerability management.

Microsoft Named Leader in 2025 Gartner SIEM Magic Quadrant

🔒 Microsoft has been recognized as a Leader in the 2025 Gartner® Magic Quadrant for Security Information and Event Management (SIEM). The announcement highlights Microsoft Sentinel as a cloud- and AI-powered SIEM that centralizes security data via a purpose-built data lake and supports agentic AI through the Model Context Protocol (MCP) server. The platform emphasizes cost optimization, SOC automation, and integrated SOAR, UEBA, and threat intelligence to accelerate detection and response.

AWS Marketplace Adds Purchase Order Line Number Support

🧾 AWS Marketplace now supports purchase order (PO) line numbers for Marketplace transactions, allowing customers to associate charges with a specific PO line during procurement and for future charges post-procurement in the AWS Marketplace console. Invoices show the related purchase order and PO line number in the Billing and Cost Management console, helping teams accurately match invoices to POs. This capability is available today in all supported AWS Regions.

Amazon Timestream Now Adds Managed InfluxDB 3 Support

🚀 Amazon Timestream now offers managed support for InfluxDB 3, enabling developers and DevOps teams to run InfluxDB 3 databases as a managed service. InfluxDB 3 introduces a new architecture built on Apache Arrow for in-memory processing, Apache DataFusion for query execution, and columnar Parquet storage with persistence to Amazon S3 to improve query performance and scale for high-cardinality workloads. The service is available in two editions—Core (open source, near real-time) and Enterprise (multi-node, HA, compaction for long-term storage)—with Enterprise supporting initial multi-node clusters up to three nodes. Available in all Regions where Timestream for InfluxDB is offered; see the console, documentation, and pricing to get started.

Vertex AI SDK Adds Prompt Management for Enterprises

🛠️ Google Cloud announced General Availability of Prompt Management in the Vertex AI SDK, enabling teams to programmatically create, version, and manage prompts as first-class assets. The capability bridges Vertex AI Studio’s visual prompt design with SDK-driven automation to improve collaboration, reproducibility, and lifecycle control. Enterprise security and compliance are supported via CMEK and VPCSC, and the SDK exposes simple Python methods to create, list, update, and delete prompt resources tied to models such as gemini-2.5-flash. Get started using the documented code examples to centralize prompt governance and scale generative AI workflows.

Microsoft: Office 2016 and 2019 Reach End of Support

⚠️ Microsoft has reminded customers that Office 2016 and Office 2019 reached the end of extended support on October 14, 2025. These releases will continue to operate but will no longer receive security updates, bug fixes, or technical support, increasing exposure to threats and compliance issues. Microsoft recommends migrating to Microsoft 365 Apps or newer perpetual releases such as Office 2024 or Office LTSC 2024, and notes that Visio, Project, and Skype for Business 2016/2019 are also out of support.

AWS Location Service Introduces Advanced Map Styling

🗺️ Amazon Web Services announced enhanced map styling for Amazon Location Service, enabling developers to customize maps with terrain visualization, contour lines, real-time traffic, and transportation-specific routing. Users can adjust parameters such as terrain, contour-density, traffic, and travel-mode through the GetStyleDescriptor API. These options support use cases including outdoor navigation, logistics planning, and traffic management while maintaining reliable performance.

Azure Storage Discovery GA: Enterprise Data Visibility

🔍 Azure Storage Discovery is now generally available as a fully managed service that provides enterprise-wide visibility across Azure Blob Storage and Azure Data Lake Storage. It delivers out-of-the-box dashboards, advanced visualizations, and multi-dimensional reports for capacity, activity, security, configuration, and error trends to help optimize costs and operations. Integrated Copilot in Azure allows users to ask natural-language questions and receive rich charts and tables without coding skills.

Unified Exposure Management: Shift to Preemptive Security

🔒 Modern MSSP and MDR models that focus on detection and response are increasingly insufficient as hybrid infrastructures and rapid cloud and third‑party changes expand attack surfaces. Unified Exposure Management Platforms (UEMPs) continuously discover assets, validate exploitability with automated simulations and penetration testing, and coordinate remediation to produce verifiable, business‑aligned risk reduction. Vendors like Picus Security package CTEM stages into a workflow that prioritizes, validates, and mobilizes fixes to shift security from reaction to prevention.

Amazon EC2 CPU Options Optimize License-Included Windows

🔧 Amazon EC2 now allows customers to modify CPU options on Windows Server and SQL Server license-included instances to reduce vCPU-based licensing costs. You can customize the number of vCPUs and disable hyperthreading to achieve higher memory-to-vCPU ratios while preserving instance memory and IOPS. This enhancement targets database workloads that need high memory and I/O but lower vCPU counts. See the Amazon EC2 User Guide and AWS blog post for implementation details and best practices.

Improving JavaScript Trustworthiness via WAICT for the Web

🔒 Cloudflare presents an early design for Web Application Integrity, Consistency, and Transparency (WAICT) to address the risks of mutable JavaScript in sensitive web apps. The proposal pairs expanded Subresource Integrity (SRI) and a signed integrity manifest with append-only transparency logs and third-party witnesses to provide verifiable inclusion and consistency proofs. Browser preload lists, proof-of-enrollment, and client-side cooldowns are used to avoid extra round trips and to limit stealthy changes. Cloudflare plans to participate as a service provider and to collaborate on standardization.

Amazon EC2: Optimize CPU for Windows license instances

🔧 Amazon EC2 now lets customers customize CPU options on Windows Server and SQL Server license-included instances, including changing vCPU counts and disabling hyperthreading. This capability targets workloads that need high memory and IOPS but fewer logical CPUs, enabling lower vCPU-based licensing costs while preserving instance memory and I/O performance. AWS highlights an r7i.8xlarge example where turning off hyperthreading reduces 32 vCPUs to 16, cutting licensing expenses by roughly 50%. The feature is available in all commercial AWS Regions and AWS GovCloud (US).

Amazon EC2 C8gn Instances Expand to Additional Regions

🚀 Amazon EC2 C8gn instances, powered by AWS Graviton4 processors, are now available in Asia Pacific (Malaysia, Sydney, Thailand), expanding AWS compute availability. C8gn offers up to 30% better compute versus Graviton3-based C7gn, features 6th-generation Nitro Cards, and delivers up to 600 Gbps network throughput. Instances scale to 48xlarge (up to 384 GiB) and selected large sizes support EFA for lower latency and improved cluster performance, optimizing cost for network-intensive workloads.

Microsoft adds Hey Copilot wake word to Windows 11 PCs

🤖 Microsoft has added the "Hey Copilot" wake word to Windows 11, letting users initiate conversations with the AI-powered Copilot assistant hands-free. The feature is opt-in and must be enabled in the Copilot app's Settings under Voice mode; when active a chime sounds and a microphone icon appears above the taskbar. Wake word detection uses an on-device 10-second audio buffer stored locally and never recorded, while request processing requires internet access. Copilot Vision can analyze screen content for troubleshooting and guidance, and optional connectors let Copilot generate Office documents and access third-party accounts.

Hidden Costs of Penetration Testing and Alternatives

🛡️ Penetration testing remains a critical control, but the classic, one-size-fits-all approach can create hidden financial and operational burdens. Administrative overheads, complex scoping decisions and indirect remediation work all add time and cost while risking scope creep and disruption. The article recommends flexible, consumption-based models—such as PTaaS and Outpost24's CyberFlex—to improve coverage, transparency and ROI.

Leading Incident Response Through Empathy and Care

🛡️ Laura Faria, an incident commander with Cisco Talos Incident Response, discusses leading through chaos, empathy, and teamwork during high-pressure security incidents. She traces a career across multiple cybersecurity vendors and sales roles before joining Talos and stepping into incident command. Laura emphasizes purpose-driven response work, particularly when outages affect critical infrastructure and patient safety. The interview highlights resilience, collaboration, and practical leadership lessons.

Amazon DocumentDB Adds IPv6 Dual-Stack Support for AWS

🌐 Amazon DocumentDB now supports IPv6 addressing for new and existing clusters, enabling dual-stack (IPv4/IPv6) deployments within VPCs. Customers can enable IPv6 with a few clicks in the AWS Management Console or programmatically via the AWS CLI to reduce address overlap and simplify networking. The change helps teams standardize applications on IPv6 and is generally available on versions 4.0 and 5.0 in supported Regions. Amazon DocumentDB remains a fully managed, native JSON database designed for scale and operational simplicity.

AWS Security Hub CSPM Adds CIS AWS Foundations v5.0

🛡️ AWS Security Hub CSPM now supports the CIS AWS Foundations Benchmark v5.0, introducing 40 automated configuration checks aligned to the industry standard. The new standard is available in all Regions where Security Hub CSPM operates, including AWS GovCloud (US) and the China Regions. AWS recommends using Security Hub CSPM central configuration to enable the standard across selected accounts and Regions with a single action. Customers can subscribe to the CSPM SNS topic for updates and try Security Hub free for 30 days.

AWS Global Accelerator Now Supports Two Asia Pacific Regions

🚀 AWS Global Accelerator now supports application endpoints in two additional AWS Regions — Asia Pacific (Thailand) and Asia Pacific (Taipei) — bringing total coverage to thirty-three Regions. The service offers static IP addresses, congestion-free AWS network routing, edge DDoS protections, and continuous health monitoring to enable deterministic multi-region failover without DNS dependencies. To use the new Regions, configure endpoints such as Application Load Balancers, Network Load Balancers, Amazon EC2 instances, or Elastic IPs and review the Global Accelerator documentation.

Encoding-Based Attack Protection with Bedrock Guardrails

🔒 Amazon Bedrock Guardrails offers configurable, cross-model safeguards to protect generative AI applications from encoding-based attacks that attempt to hide harmful content using encodings such as Base64, hexadecimal, ROT13, and Morse code. It implements a layered defense—output-focused filtering, prompt-attack detection, and customizable denied topics—so legitimate encoded inputs are allowed while attempts to request or generate encoded harmful outputs are blocked. The design emphasizes usability and performance by avoiding exhaustive input decoding and relying on post-generation evaluation.