All news in category "Vendor and Hyperscaler Watch"

Ericsson Secures Data Integrity with Dataplex Governance

🔒 Ericsson has implemented a global data governance framework using Dataplex Universal Catalog on Google Cloud to ensure data integrity, discoverability, and compliance across its Managed Services operation. The program standardized a business glossary, automated quality checks with incident-driven alerts, and visualized column-level lineage to support analytics, AI, and automation at scale. It balances defensive compliance with offensive innovation and embeds stewardship through Ericsson’s Data Operating Model.

When to Use Sub-Agents Versus Agents as Tools for ADK

🧭 This post explains when to use sub-agents versus packaging agents as tools when building multi-agent systems with Google's Agent Development Kit (ADK). It contrasts agents-as-tools — encapsulated, stateless specialists invoked like deterministic function calls — with sub-agents, which are stateful, context-aware delegates that manage multi-step workflows. The guidance highlights trade-offs across task complexity, context sharing, reusability, and autonomy, and illustrates the patterns with data-agent and travel-planner examples to help architects choose efficient, scalable designs.

Google Cloud Establishes New European Advisory Board

🇪🇺 Google Cloud has formed a new European Advisory Board to provide strategic counsel on regulatory, product, and market priorities and to help customers navigate complex European requirements. The board unites leaders from technology, finance, retail, and public service, chaired by Jim Snabe, and includes Stefan Heidenreich, Nigel Hinshelwood, Christophe Cuvillier and Tim Radford (joining Jan 2026). The group will meet periodically to guide Europe-first product development, policy engagement, and sustainability efforts, reinforcing Google Cloud’s commitment to regional expertise and customer-focused innovation.

Cloudflare Launches Self-Serve BYOIP API with RPKI

🔐 Cloudflare unveiled a self‑serve BYOIP API enabling customers to onboard and manage their own IP prefixes via automated workflows. The new flow replaces manual LOA reviews with a two-step validation that uses RPKI ROAs plus either IRR route-object modification or a reverse DNS validation token. Cloudflare will auto-generate LOA-style documentation for operators that still require it and enforces a default service binding to prevent accidental prefix blackholing. The initial rollout supports prefixes originated from AS13335 and is designed to shorten deployment timelines while strengthening routing security.

Expanding CloudGuard: Securing GenAI Application Platforms

🔒 Check Point expands CloudGuard to protect GenAI applications by extending the ML-driven, open-source CloudGuard WAF that learns from live traffic. The platform moves beyond traditional static WAFs to secure web interactions, APIs (REST, GraphQL) and model-integrated endpoints with continuous learning and high threat-prevention accuracy. This evolution targets modern attack surfaces introduced by generative AI workloads and APIs.

Tiered KV Cache Boosts LLM Performance on GKE with HBM

🚀 LMCache implements a node-local, tiered KV Cache on GKE to extend the GPU HBM-backed Key-Value store into CPU RAM and local SSD, increasing effective cache capacity and hit ratio. In benchmarks using Llama-3.3-70B-Instruct on an A3 mega instance (8×nvidia-h100-mega-80gb), configurations that added RAM and SSD reduced Time-to-First-Token and materially increased token throughput for long system prompts. The results demonstrate a practical approach to scale context windows while balancing cost and latency on GKE.

Agent Factory Recap: Build AI Apps in Minutes with Google

🤖 This recap of The Agent Factory features Logan Kilpatrick from Google DeepMind demonstrating vibe coding in Google AI Studio, a Build workflow that turns a natural-language app idea into a live prototype in under a minute. Live demos included a virtual food photographer, grounding with Google Maps, the AI Studio Gallery, and a speech-driven "Yap to App" pair programmer. The episode also surveyed agent ecosystem updates—Veo 3.1, Anthropic Skills, and Gemini improvements—and highlighted the shift from models to action-capable systems.

Build Your First AI Agent Workforce with Google's ADK

🤖 Google’s open-source Agent Development Kit (ADK) simplifies creating autonomous AI agents that use LLMs such as Gemini as their reasoning core. The post presents three hands-on codelabs that guide developers through building a personal assistant agent, adding custom and third-party tools, and orchestrating multi-agent workflows. Each lab demonstrates practical patterns—scaffolding an agent, integrating tools like Google Search and LangChain components, and using Workflow Agents and session state to pass information—so teams can progress from experiment to production-ready agent systems.

Google Adds Maps Form to Report Review Extortion Scams

📍 Google has introduced a dedicated form for businesses on Google Maps to report extortion attempts where threat actors post inauthentic negative reviews and demand payment to remove them. The move targets review bombing schemes that flood profiles with fake one-star reviews and then coerce owners, often via third-party messaging apps. Google also highlighted related threats — from job and AI impersonation scams to malicious VPN apps and fraud recovery cons — and advised practical precautions for affected merchants and users.

Amazon Cognito User Pools Add AWS PrivateLink Support

🔒 Amazon Cognito user pools now support AWS PrivateLink, enabling private VPC connectivity to manage and authenticate against user pools without traversing the public internet. The enhancement covers user pool management APIs, administrative operations, and sign-in for local Cognito users, but does not support OAuth 2.0 authorization code flow (hosted UI/social logins), client credentials, or federated SAML/OIDC sign-ins via VPC endpoints. It is available in all Regions where Cognito user pools exist except AWS GovCloud (US); creating VPC endpoints will incur AWS PrivateLink charges.

AWS KMS Adds Ed25519 (EdDSA) Support for Signatures

🔐 AWS Key Management Service (KMS) now supports the Edwards-curve Digital Signature Algorithm (EdDSA) using the Ed25519 curve. You can create asymmetric KMS keys or data key pairs to sign and verify EdDSA signatures, benefiting from 128-bit security equivalent to NIST P-256, faster signing, and compact 64‑byte signatures and 32‑byte public keys. This capability is available in all AWS Regions, including GovCloud and China.

AWS Advanced .NET Data Provider Driver Now GA for RDS

🔔 The Amazon Web Services Advanced .NET Data Provider Driver is now generally available for Amazon RDS and Amazon Aurora PostgreSQL and MySQL-compatible databases. The driver reduces RDS Blue/Green switchover and database failover times to improve application availability and supports multiple authentication mechanisms including Federated Authentication, AWS Secrets Manager, and IAM token-based authentication. Built on top of Npgsql, native MySql.Data and MySqlConnector, it integrates with NHibernate and supports Entity Framework for MySQL, and is released under the Apache 2.0 license.

Falcon Platform Enables Fast, CISO-Ready Executive Reports

🔒 The Falcon platform automates executive exposure reporting by correlating telemetry from Falcon Exposure Management, Falcon Cloud Security, and Falcon Next-Gen SIEM into decision-ready summaries. Falcon Fusion SOAR schedules or triggers workflows, and Charlotte AI agentic workflows translate correlated data into plain-language, prioritized reports on demand. The result is near real-time, adversary-aware reporting that maps exploitable vulnerabilities to critical assets and suggests prioritized remediation actions, dramatically reducing manual analyst effort.

Data Security Posture Management: Top DSPM Tools Reviewed

🛡️ Data Security Posture Management (DSPM) tools help organizations discover, classify and manage sensitive data across dynamic cloud environments. They focus on locating "shadow data" in known and unknown repositories and typically collect metadata via agentless or API-based scans to avoid moving raw data. DSPM dashboards catalog findings, map lineage and assess compliance, while remediation often integrates with SOAR, SIEM or CNAPP solutions. Many vendors now combine discovery with some automated "fix it" capabilities to streamline response.

Amazon SageMaker Adds Custom Tags for Project Resources

🔖 Amazon SageMaker Unified Studio now lets administrators define custom tags that are applied to resources created by a SageMaker project. Administrators configure project profiles to supply tag key/value pairs or keys with default values that users can modify during project creation, helping enforce tagging standards and support SCPs and cost allocation. This initial release is API-only and available across all supported AWS Regions.

Azure Ultra Disk: Performance, Cost, Instant Access

🚀Microsoft refreshed Azure Ultra Disk to deliver substantially lower tail latency, finer provisioning granularity, and faster snapshot-driven recovery for mission-critical workloads. Platform changes target an 80% reduction in P99.9 and outlier latency and a ~30% improvement in average latency. The update raises the IOPS/GiB ceiling to 1,000, introduces 1 GiB billing granularity, and sets minimums of 100 IOPS and 1 MB/s per disk to improve cost optimization. Instant Access Snapshot (public preview) enables disks from snapshots to hydrate up to 10x faster for rapid recovery and scale-out.

Kaspersky SD-WAN 2.5: Efficiency and Reliability Gains

🔒 Kaspersky's new SD-WAN 2.5 delivers improved network reliability, performance, and operational efficiency through enhanced traffic rerouting, conditional DNS forwarding, and scheduled CPE configuration. The release automates complex tasks — from graphical BGP/OSPF debugging in the orchestrator to seamless CPE replacement — reducing downtime and lowering the load on regional IT staff. Additional capabilities such as LTE diagnostics, power-failure reporting, console-port security controls, and support for 2000+ CPEs further strengthen fault tolerance and manageability.

Continuous Purple Teaming for Ongoing Security Validation

🛡️ Continuous purple teaming unites offensive and defensive functions into a collaborative, repeatable cycle that turns testing into measurable defense improvement. Using Breach and Attack Simulation (BAS), teams automate emulations mapped to MITRE ATT&CK, safely execute simulated payloads, and instantly score prevention, detection, and response. That evidence-driven loop—attack, observe, fix, validate, repeat—reduces noise, prioritizes real risk, and accelerates remediation. With careful AI assistance and a curated BAS library, organizations can validate controls continuously and focus on the highest-impact gaps.

Amazon ECS: Managed EBS Permissions for Non-Root Containers

🔐 Amazon Elastic Container Service (ECS) now supports mounting Amazon EBS volumes to containers running as non-root users. ECS automatically sets file system permissions on the attached EBS volume so non-root processes can securely read and write while preserving root ownership. This removes the need for manual chown/chmod or custom entrypoint scripts, simplifying security-first container deployments. The capability is available across all AWS Regions for EC2, AWS Fargate, and ECS Managed Instances.

Amazon EVS Expanded to Mumbai, Sydney, Canada, Paris

🚀 Amazon has expanded Amazon Elastic VMware Service (EVS) to all availability zones in Asia Pacific (Mumbai), Asia Pacific (Sydney), Canada (Central), and Europe (Paris). EVS runs VMware Cloud Foundation on EC2 bare‑metal instances powered by AWS Nitro, and can be deployed via a step‑by‑step workflow or the AWS CLI in hours. The expansion delivers lower latency, improved data‑residency options, and additional resiliency and high‑availability choices for VMware workloads.