< ciso
brief />
Vendor and Hyperscaler Watch Banner

All news in category “Vendor and Hyperscaler Watch

4623 articles · page 34 of 232

AWS Clean Rooms adds mutable payment controls

🔒 AWS Clean Rooms now supports mutable, fine-grained payment configurations that let collaboration members flexibly assign payment responsibilities. Customers can designate which partners are authorized to pay for specific cost types—such as SQL queries, PySpark jobs, ML training and inference, and synthetic data generation—after a collaboration is created. Authorized payers can be added or removed via change requests that require member approval; SQL and PySpark analyses may have multiple payers and one can be chosen at submission.
read more →

AWS Secrets Manager adds Datadog and Snowflake support

🔐 AWS Secrets Manager now supports managed external secrets for Datadog vended keys and Snowflake Programmatic Access Tokens, enabling automatic rotation of third-party credentials directly within Secrets Manager. The update covers Datadog API keys, Application keys, and admin credential pairs for service accounts. For Snowflake, Secrets Manager can rotate Programmatic Access Tokens using Snowflake's native authentication and offers a configurable grace period to minimize disruption. These additions join existing integrations such as BigID, Confluent Cloud, MongoDB Atlas, and Salesforce and are available in all Regions where managed external secrets is supported.
read more →

CloudWatch Logs Insights adds new query capabilities

🔍 Amazon CloudWatch Logs Insights query language gains 13 new commands and functions to enhance log querying, transformation, and analysis. New features include string and numeric functions like round, startswith, endswith, case, regex_replace, and haversine, encoding/decoding functions such as urlencode, urldecode, base64encode, base64decode, and parse/analysis commands like parse logfmt, expand, and relevantfields. These additions enable prefix filtering, inline Base64 decoding, logfmt parsing, JSON array expansion, geographic distance calculation, and automatic surfacing of relevant fields across high-cardinality groups.
read more →

Amazon EMR adds Apache Spark 4.0.2 support

🚀 Amazon EMR now supports Apache Spark 4.0.2 across all deployment models, adding ANSI SQL and VARIANT data type support to simplify data pipelines. The release enables fine-grained access control (FGAC) for read and write operations on Lake Formation registered tables and adopts Apache Iceberg v3 for stronger transaction guarantees and lineage tracking. Enhanced streaming capabilities improve stateful processing and monitoring for real-time applications.
read more →

AWS Completes S&P Global KY3P Assessment Report

🔒 AWS has completed the S&P Global Know Your Third Party (KY3P) assessment to validate its security posture and help customers reduce supplier due diligence. The KY3P assessment is evidence-based and evaluates operation of controls across privacy, network, access, and physical security domains. Results can be mapped to frameworks such as NIST CSF v2, PCI DSS 4.0, and ISO 27001:2022 to provide customers with standardized risk data and improved visibility into supply chain risks.
read more →

AWS launches C7i-flex and M7i instances in HYD

🟦 Amazon EC2 C7i-flex, M7i-flex, and M7i instances powered by custom 4th Gen Intel Xeon Scalable (Sapphire Rapids) processors are now available in the Asia Pacific (Hyderabad) region. These custom AWS-only processors deliver up to 15% better performance versus comparable x86 Intel processors used by other clouds. C7i-flex and M7i-flex provide up to 19% improved price-performance for common general-purpose workloads, while M7i offers up to 15% price-performance gains and larger sizes including bare metal with Intel accelerators.
read more →

SageMaker Unified Studio automates Glue connector provisioning

🔧 Amazon SageMaker Unified Studio now automatically creates Glue connections across subnets to enable job retries when a primary subnet becomes unavailable. Administrators define a domain VPC with multiple private subnets and the system provisions connectors for new projects so retries can run on alternate subnets without manual intervention. This reduces unplanned data-pipeline downtime and helps meet SLAs across AWS Regions where SageMaker Unified Studio is available.
read more →

SageMaker Inference Adds OpenAI-Compatible APIs

🧩 Amazon SageMaker Inference now supports OpenAI-compatible APIs, enabling existing tools and frameworks like the OpenAI SDK, LangChain, and Strands Agents to connect directly to SageMaker endpoints. Switching requires only changing an endpoint URL, with no custom integration code or SDK wrappers. You can continue using your current authentication approach while choosing GPU instances, keeping data in your VPC, running open source or fine-tuned models, and leveraging auto-scaling policies. This capability is available today across multiple AWS regions with AWS credentials and automatic token refresh for production use.
read more →

Cloudflare CASB Adds Claude Compliance API Support

🔒 Cloudflare has extended its Cloud Access Security Broker (CASB) to support the Claude Compliance API, enabling security and compliance teams to monitor Claude Enterprise activity directly in the Cloudflare dashboard without endpoint agents. The integration surfaces security findings for projects, attachments, chat files, messages, and provider-generated artifacts, and groups findings by category and severity. Customers can immediately convert findings into enforcement actions via Gateway policies and use existing detection and remediation workflows. Setup requires a Claude Enterprise account and Compliance API access, and the integration begins scanning and surfacing findings within minutes.
read more →

Automating identity lifecycle with AWS Directory APIs

🔒 AWS Managed Microsoft AD now supports CRUD operations on users and groups through the Directory Service Data APIs, accessible via the AWS CLI, APIs, and Management Console. This enables automation of identity lifecycle management and tighter security controls by integrating with services like Amazon GuardDuty, AWS Step Functions, and Amazon EventBridge. The blog demonstrates a practical workflow that detects unusual AD user behavior and triggers automated remediation such as disabling accounts and notifying stakeholders.
read more →

Google Cloud I/O updates for startup founders

🚀 At Google I/O ‘26, Google Cloud announced expanded agentic capabilities, new frontier models, and developer tools to help startups move from prototype to production. Highlights include Gemini 3.5 Flash and Gemini Omni for multimodal content, Antigravity 2.0 as an agent control plane with CLI/SDK and dynamic subagents, and Managed Agents to run agent workloads securely in Google Cloud. The releases aim to accelerate development, reduce infrastructure overhead, and provide enterprise-grade security.
read more →

Microsoft Security updates and new capabilities — May 2026

🔒 Microsoft announced a set of security enhancements designed to protect agents, data, and identities as organizations scale AI. Highlights include the general availability of Microsoft Purview DSPM, expanded investigation capabilities with OCR and custom examinations, and a new Entra ID Account recovery flow for restoring organizational access. Public preview of Windows 365 for Agents and integration with Microsoft Agent 365 aim to govern and secure agent workloads in managed Cloud PCs.
read more →

Google Cloud launches AppLifecycle Manager Feature Flags

🔔 AppLifecycle Manager Feature Flags (ALM FF) enters public preview as a rule-based service to decouple feature releases from code deployments. By using toggles and the Common Expression Language (CEL), teams can perform gradual rollouts, instant kill-switches, and percentage-based traffic ramps. String-type flags enable dynamic configuration for applications, including LLM prompts, while OpenFeature compatibility avoids vendor lock-in.
read more →

Amazon Aurora MySQL Adds MySQL 8.4 Support

🔒 Amazon Aurora MySQL-Compatible Edition now supports community MySQL 8.4, aligning Aurora version numbers with community releases and managing underlying patches for customers. The release enforces stronger security defaults—TLS 1.2/1.3 only and caching_sha2_password for new accounts—and offers customizable password validation via DB cluster parameter groups. Automated upgrade prechecks reduce upgrade risk, and multiple upgrade and migration paths are supported, including Blue/Green Deployments and AWS DMS.
read more →

AI Studio expands database choices and Starter Tier

🛠️ At Google I/O 2026, Google announced expanded integration between AI Studio and Google Cloud, allowing new users to deploy up to two full-stack apps on the Starter Tier without a billing account. Developers can now choose between Firestore (non-relational) and Cloud SQL (relational) with Firebase Auth for unified authentication. The AI agent can infer or provision the appropriate database, provision resources, generate schema and code, and deploy apps directly to Cloud Run for rapid prototyping.
read more →

Apple Blocks Billions in Fraudulent App Store Activity

🛡️ Apple reported blocking more than $2.2 billion in potentially fraudulent App Store transactions in 2025, and over $11 billion across the past six years. The company rejected over 2 million problematic app submissions, terminated 193,000 developer accounts for fraud, and blocked more than 1.1 billion fraudulent account creations. Apple also prevented use of 5.4 million stolen credit cards, removed tens of thousands of deceptive apps, and blocked nearly 195 million fraudulent reviews and ratings.
read more →

Protect GenAI Chatbots with Check Point WAF

🛡️ Check Point explains why GenAI chatbots create new security risks by acting as a front door to internal systems and data. The post highlights real incidents—prompt injection, data exposure, and misleading responses—that demonstrate legal, financial, and reputational impacts. It describes how Check Point WAF extends unified application and API security into the conversational layer to detect and block malicious prompts, prevent data leaks, and control unsafe outputs.
read more →

Threat-Informed OT Security for Critical Infrastructure

🔒 Operational technology (OT) environments differ fundamentally from IT and demand a threat-informed approach to security that balances safety, uptime, and continuity. Traditional IT controls can disrupt industrial processes, so visibility, asset context, segmentation, and collaboration between IT and OT teams are essential. Fortinet recommends phased, visibility-first segmentation aligned with ISA/IEC 62443, OT-aware policies, passive discovery, and tailored protections such as virtual patching and secure remote access.
read more →

Flipper One: Community Builds Open Linux Platform Project

🚀 Flipper Devices is soliciting community help to develop Flipper One, a high-performance, ARM Linux platform for networking, SDR analysis, and local LLMs. Unlike the Flipper Zero, One is a different project built around a Rockchip RK3576 SoC paired with an RP2350 MCU in a dual-processor design. It targets modular expansion via M.2, PCIe, USB 3.1 and other interfaces. Prototypes exist but significant kernel, firmware, and hardware work remains.
read more →

Practical Guidance for Securing Google API Keys

🔐 This post explains why API keys are sensitive credentials for accessing Google AI and Cloud services and why careless handling leads to misuse or billing abuse. It outlines simple, actionable steps: create keys in dedicated projects, apply API and application restrictions, and store keys in Secret Manager or equivalent. The article also covers detection and response—how to list keys, monitor usage metrics, delete compromised keys, and rotate keys to reduce risk.
read more →