< ciso
brief />
Vendor and Hyperscaler Watch Banner

All news in category “Vendor and Hyperscaler Watch

4623 articles · page 35 of 232

Amazon RDS Custom adds latest SQL Server GDR fixes

🔔 Amazon RDS Custom for SQL Server now supports the latest General Distribution Release (GDR) updates for Microsoft SQL Server, including SQL Server 2019 CU32+GDR KB5084816 and SQL Server 2022 CU24+GDR KB5083252. These updates address vulnerabilities tracked as CVE-2026-32167 and CVE-2026-32176. You can apply the updates via the Amazon RDS Management Console or programmatically with the AWS SDK or CLI, and guidance is available in the Amazon RDS Custom User Guide.
read more →

Amazon Quick Research adds customer-managed KMS keys

🔐 Amazon Quick Research now supports customer-managed keys (CMKs) via AWS Key Management Service (KMS), enabling organizations to manage encryption keys for their Quick data. Customer-managed keys provide enhanced control, CloudTrail-based auditing, and the ability to revoke compromised keys within 15 minutes. Only symmetric KMS keys created in the same account and region are supported, with one default CMK per account per region and support for multiple CMKs across datasets.
read more →

Amazon Bedrock adds request-level usage attribution

🛈 Amazon Bedrock now supports request-level usage attribution on the InvokeModel and InvokeModelWithResponseStream APIs, enabling customers to tag individual model inference calls with attributes such as team, project, and environment. This capability extends existing attribution options like application inference profiles, IAM principal attribution, project-level tracking on bedrock-mantle, and workspace tracking for Anthropic Claude models. Customers can enable model invocation logging in their AWS Region and include metadata in requests to analyze usage in Bedrock model invocation logs. The feature is available in all AWS commercial Regions where Amazon Bedrock is offered.
read more →

Why Amazon Bedrock AgentCore Chose Cedar Policies for Agents

🔒 Amazon explains how AgentCore Gateway enforces a centralized authorization layer between autonomous agents and external tools, treating the LLM as an untrusted actor. Policies are expressed in the open-source Cedar language for readability, bounded execution, and mathematical analyzability, enabling deterministic enforcement and formal verification during policy authoring and attachment. A neuro-symbolic workflow translates natural-language rules into Cedar, validates them with Cedar Analysis, and enforces decisions at runtime to constrain tool invocations and filter unavailable actions.
read more →

AWS Deadline Cloud adds job attachment browsing

🎯 AWS Deadline Cloud now lets users browse job attachment files directly within the Deadline Cloud monitor. The fully managed render management service handles uploads and downloads via Amazon S3, and the new capability shows files organized as inputs and outputs. Users can view attached assets in the browser or desktop monitor and download individual files without retrieving all job outputs.
read more →

AWS Security Hub Adds Unused Identity Access Detection

🔐 AWS Security Hub now brings identity risk into the same unified console where central security teams manage threats, exposures, and posture findings. It detects unused IAM permissions, roles, and credentials across an AWS organization and correlates those identity findings with exposure context. When enabled, Security Hub automatically creates a service‑linked IAM Access Analyzer in each member account and evaluates 90 days of actual access activity. It also offers on‑demand recommended least‑privilege policies and is included in Security Hub Essentials at no additional cost.
read more →

Amazon DocumentDB 8.0 Serverless Now Available

🚀 Amazon DocumentDB (with MongoDB compatibility) Serverless is now available on DocumentDB 8.0. This on-demand, auto-scaling configuration automatically adjusts capacity based on application demand and can deliver up to 90% cost savings versus provisioning for peak load. DocumentDB 8.0 also offers up to 7x improved query latency, up to 5x better compression, broader MongoDB API compatibility (6.0–8.0), enhanced vector search, and other new features.
read more →

AWS Security Hub Extended Expands Curated Partner Set

🔒 AWS Security Hub Extended adds 21 curated partner solutions across nine security categories, including SentinelOne, CyberArk, Sublime, Varonis, LayerX, Native Security, and Zenity. The plan centralizes procurement, billing, and support with pay-as-you-go pricing, a single AWS bill, automatic Enterprise Discount Program eligibility, unified Level 1 support for Enterprise customers, and no long-term commitments. Findings from participating solutions are emitted in the OCSF schema and aggregated in AWS Security Hub to accelerate cross-domain detection and response.
read more →

SageMaker Unified Studio adds data quality tools

🛠️ Amazon SageMaker Unified Studio now integrates data quality rule authoring and evaluation powered by AWS Glue Data Quality. Data engineers, analysts, and data scientists can define rules, run evaluations, and view results for both data at rest and data in transit. The feature supports catalog table checks and Visual ETL job evaluations to detect issues before they impact analytics or ML workloads.
read more →

Security Hub Extended: A New Product-Led Adoption Model

🔒Security Hub Extended expands AWS Security Hub to include curated partner solutions in a single, unified console. Customers can discover, evaluate, and deploy vendor products with one click and pay-as-you-go pricing on their AWS bill, avoiding lengthy procurement and multi-year commitments. Integrated onboarding, OCSF-normalized findings, and AWS-native correlation surface combined attack paths and risk scoring. The offering launched in February 2026 with an expanding partner ecosystem.
read more →

AWS Introduces ExtendDB: DynamoDB API with Backends

🧩 ExtendDB v0.1 implements the DynamoDB API with pluggable storage backends, enabling developers to run DynamoDB-shaped workloads outside AWS-managed service. The reference backend uses PostgreSQL, and the architecture supports community-contributed adapters. Maintained by AWS under the Apache 2.0 license, ExtendDB targets local development, CI testing, on‑premises deployments, and disconnected edge sites. The project is open on GitHub for contributions.
read more →

Securing a Culture of Cultures: Microsoft Gaming Risks

🎮 In this Deputy CISO post, Aaron Zollman, Vice President and Deputy CISO for Gaming at Microsoft, outlines the distinct security demands of a global, diverse gaming ecosystem. He describes gaming as a “culture of cultures,” spanning platforms, independent studios, and shared studio central teams, each carrying unique risks from account takeover and IP theft to supply chain and regulatory challenges. Zollman stresses partnership over prescription—balancing enterprise-grade controls with low-latency player experiences and studio autonomy. The piece calls for layered defenses, identity governance, anomaly detection, and tailored baselines to protect billions of interactions while enabling creativity.
read more →

Azure IaaS: System-Level Approach for High Performance

🔧 This third post in the Azure IaaS series argues that cloud performance must be managed as a coordinated system across compute, storage, and networking rather than as isolated resource choices. It highlights platform features like Azure Boost, Ultra Disk, and Premium SSD v2 that offload processing, tune I/O, and decouple capacity from throughput. The article examines requirements for AI, cloud-native, and business-critical workloads and explains how Azure services such as AKS, Azure Container Storage, ExpressRoute, and advanced networking (eBPF/Cilium, Accelerated Networking) combine to deliver consistent, scalable, and recoverable performance.
read more →

GKE Agent Sandbox GA and Agent Substrate Launch on GKE

🚀 Google Cloud announced general availability of GKE Agent Sandbox and introduced the open-source Agent Substrate. Agent Sandbox is a cloud-native execution environment designed for AI agents, offering pod snapshots to suspend idle workloads, an integrated warm pool for sub-second provisioning, gVisor and pluggable kernel isolation, and standby suspended VMs to reduce warm-pool cost. Agent Substrate aims to provide a minimal control plane and scheduler optimizations to support ultra-dense, low-latency agent workloads at scale.
read more →

Google AI Edge Portal Adds On‑Device LLM Benchmarking

🚀 Google AI Edge Portal now enables developers to benchmark and debug on-device LLMs across a physical lab of over 120 representative Android devices. It profiles initialization time, prefill and decode speeds, and peak memory usage across CPU, GPU, and NPU backends to surface real user-impacting metrics. The integrated Model Explorer visualizes model graphs, tensor shapes, and traces to speed root-cause analysis and collaboration.
read more →

Urban Outfitters Migrates Sterling OMS to AlloyDB Platform

🚀Urban Outfitters, Inc. (URBN) recently migrated its IBM Sterling OMS from an 11TB Oracle backend to Google Cloud’s AlloyDB for PostgreSQL to reduce TCO and improve scalability and performance. The migration was executed through close collaboration among URBN, IBM, and Google Cloud, with embedded engineering teams driving planning, testing, and tuning. Outcomes included optimized storage and compute, two read replicas for higher availability, significant performance improvements, and a shift toward open standards to future-proof operations.
read more →

Google Agent Executor: Open Runtime for Distributed Agents

🔧 Google today introduced Agent Executor, an open-source runtime standard for durable, resumable, and distributed agent execution. It offers event logging and snapshotting to enable durable execution, secure sandbox isolation to limit harm, and a single-writer architecture to maintain session consistency. Agent Executor also supports connection recovery so clients can reconnect to long-running workflows. The project is available in preview and pairs with Agent Substrate to improve Kubernetes-scale agent scheduling.
read more →

ECS Adds Amazon EBS Volume Support in GovCloud Regions

🔒 Amazon Elastic Container Service (ECS) now supports mounting Amazon Elastic Block Store (EBS) volumes to containers in AWS GovCloud Regions. This lets you deploy storage- and data-intensive workloads such as ETL, media transcoding, and ML inference using serverless containers. With EBS task attachment ECS can provision, manage, format or use snapshots automatically. Support is available for EC2, Fargate, and Managed Instances launch types.
read more →

AWS Transform adds automated network modernization

🔧 AWS announced that AWS Transform now includes a modernization engine and broad file-format support to streamline network migrations. The engine analyzes and optimizes constructs across naming, sizing, security, and structure while surfacing conflicts with existing VPCs in target accounts, replacing days of manual review with instant guidance. Customers can upload network configuration files in any format for translation into AWS-compatible networks, review and edit mapped VPCs or subnets, and retain control before provisioning.
read more →

AWS Local Zone Now Available in Istanbul, Türkiye Region

🚀 AWS announces general availability of a new AWS Local Zone in Istanbul, Türkiye, bringing compute, storage, networking, and select services closer to end users. The Local Zone supports Amazon EC2 (C7i, M7i, R7i), Amazon S3 One Zone-Infrequent Access, Amazon EBS (local snapshots and gp3/gp2/io1/sc1/st1), Amazon ECS, Amazon EKS, VPC, AWS Direct Connect, and Application Load Balancer. To enable, turn on the zone (eu-central-1-ist-1a) in the EC2 console or use the ModifyAvailabilityZoneGroup API to reduce latency and meet data residency needs.
read more →