All news in category "Vendor and Hyperscaler Watch"

Leading Bug Bounty Programs and Market Shifts 2025

🔒 Bug bounty programs remain a core component of security testing in 2025, drawing external researchers to identify flaws across web, mobile, AI, and critical infrastructure. Leading platforms like Bugcrowd, HackerOne, Synack and vendors such as Apple, Google, Microsoft and OpenAI have broadened scopes and increased payouts. Firms now reward full exploit chains and emphasize human-led reconnaissance over purely automated scanning. Programs also support regulatory compliance in critical sectors.

AWS Releases Whitepaper on European Sovereign Cloud

🔒 Amazon Web Services (AWS) published a whitepaper, Overview of the AWS European Sovereign Cloud, available in English, German, and French, outlining the planned design and objectives. The document describes a new, independent cloud for Europe supported by a €7.8 billion investment and a target launch of the first Region in the State of Brandenburg, Germany by the end of 2025. It highlights dedicated physical infrastructure, logical isolation, EU-based corporate governance, and continued access to the full AWS service portfolio while addressing data sovereignty and law enforcement processes.

CloudWatch Database Insights expands anomaly detection

🔍 Amazon CloudWatch Database Insights now detects anomalies across additional metrics in its on‑demand analysis experience. The ML-driven on‑demand reports identify anomalies in database-level and OS-level counters and surface per‑SQL anomalies for top statements, automatically comparing selected periods to learned baselines. The feature pairs intuitive visualizations with specific remediation advice to help reduce mean time to diagnosis. Enable Advanced mode for Amazon Aurora or Amazon RDS via the AWS Management Console, APIs, or CloudFormation and consult RDS and Aurora documentation for availability by region, engine, and instance class.

Amazon FSx Integrates with AWS Secrets Manager for AD

🔒 Amazon FSx now integrates with AWS Secrets Manager to store and manage Active Directory domain service account credentials for FSx for Windows File Server and FSx for NetApp ONTAP Storage Virtual Machines (SVMs). This removes the need to supply plain-text service account usernames and passwords in the console, APIs, CLI, or CloudFormation, and enables credential rotation and improved credential hygiene. The capability is available in all AWS Regions where FSx is offered.

Migrating from OPA to Amazon Verified Permissions Guide

🔁 This AWS Security Blog post by Samuel Folkes outlines a practical approach to migrating authorization from Open Policy Agent (OPA) and Rego to Amazon Verified Permissions using the Cedar policy language. It highlights key benefits: a fully managed service, reduced operational overhead, and significant performance gains. The article walks through schema design, common translation patterns (RBAC, ABAC, ReBAC), application integration changes, testing practices, and a phased deployment strategy to compare and validate behavior during migration.

Microsoft to Remove Office Sandbox MDAG from Enterprise

🔒 Microsoft confirmed that Microsoft Defender Application Guard (MDAG) for Office will be removed from enterprise Office builds, with phased removal beginning in 2026 and final cut-offs through 2027. MDAG used Hyper‑V sandboxing to isolate malicious Office documents but incurred slower load times and carried sandbox escape risks. Microsoft advises enabling Attack Surface Reduction (ASR) rules and Windows Defender Application Control (WDAC), and reviewing any automation, workflows, or SIEM integrations that depended on MDAG’s isolation logs.

Azure AI Foundry and UiPath: Agentic Automation in Care

🏥 Microsoft and UiPath describe how integrated agents from Azure AI Foundry and UiPath, orchestrated by UiPath Maestro, can operationalize AI within clinical workflows to surface and act on incidental radiology findings. The workflow uses UiPath medical record summarization agents to flag findings, Azure AI Foundry imaging agents to analyze PACS images and prior results, and UiPath agents to aggregate and forward consolidated follow-up reports to ordering clinicians. Microsoft says this agentic approach accelerates decision-making, reduces physician workload, and improves outcomes while maintaining compliance with DICOMweb and FHIR standards.

Check Point Scores 99.59% in NSS Labs Firewall Test

🔒 Check Point Software achieved the highest security effectiveness rating in the recent NSS Labs Enterprise Firewall Test, posting a 99.59% score. The result spotlights its prevention-first architecture and comprehensive threat coverage, which the company says outperformed competing vendors. The blog links this independent validation to rising AI-driven risks, citing Check Point Research findings that 1 in 54 GenAI prompts carries a high risk of sensitive-data exposure and that 91% of frequent AI users are affected, underscoring the need for robust network defense.

Windows 11 Store adds Ninite-style multi-app installer

🧰 The Microsoft Store web now enables Windows 11 users to create a Ninite-style multi-app installer that downloads and installs multiple apps from a single executable. Users can select apps on the Store website and click Install selected, which generates a background installer to run the installs. The capability currently works only in the Store web, is limited to a curated set of 64 apps, and restricts packages to 16 apps per download to avoid overwhelming Store servers.

Building Software Sustainably with AI and Efficiency

🌱 Google presents a Sustainable by Design approach to reduce the environmental footprint of AI and software. The post highlights projects like Green Light and Project Contrails, improvements in hardware efficiency such as Ironwood TPUs, and a fleet-wide Power Usage Effectiveness of 1.09. It introduces the 4Ms—Machine, Model, Mechanisation, Map—to guide infrastructure and development choices. The emphasis is on embedding efficiency across the software lifecycle to cut energy use, costs, and water consumption.

Vertex AI Agent Builder: Build, Scale, Govern Agents

🚀 Vertex AI Agent Builder is Google Cloud's integrated platform to build, scale, and govern production AI agents. The update expands the Agent Development Kit (ADK) and Agent Engine with configurable context layers to reduce token usage, an adaptable plugins framework, and new language SDK support including Go. Production features include observability, evaluation tools, simplified deployment via the ADK CLI, and strengthened governance with native agent identities and Model Armor protections.

Buildertrend Migrates to Memorystore for Valkey at Scale

🚀 Buildertrend describes migrating from Memorystore for Redis to Google Cloud’s managed Memorystore for Valkey to gain native cross‑regional replication, improved networking via Private Service Connect, and performance advantages. The team exported cache data to Google Cloud Storage and seeded Valkey instances to minimize downtime, eliminated a proxy layer, and now uses Valkey for caching, session state, job queues, pub/sub idempotency, and authentication tokens.

When Cybersecurity Theory Meets Operational Reality

🧭 Security teams often implement best practices but face operational gaps: undocumented cloud assets, interrupted scan schedules, noisy threat feeds and endpoints left unmonitored. The piece explains how these real‑world failures turn ideal controls into misleading dashboards and alert fatigue. It warns that stitching together point products multiplies complexity and slows response, and recommends a unified approach that correlates EASM and DRP signals so teams can prioritize remediation with context, citing Outpost24 and its CompassDRP solution as an example.

AWS Marketplace Enables Local INR Transactions for India

🇮🇳 Buyers and sellers in India can now transact locally on AWS Marketplace using INR, with invoices issued in Indian Rupees and tax compliance facilitated by AWS India. India-based sellers can register to sell paid offerings, create private offers in USD or INR, and work with India-based Channel Partners. AWS India will automate WHT and GST-TCS collection and remittance to authorities, simplifying buyer compliance.

Amazon GameLift Streams Adds AWS Health Lifecycle Alerts

🔔 Amazon GameLift Streams now integrates with AWS Health to deliver automated lifecycle notifications for stream groups. AWS Health will send reminders on day 45 and day 150 about upcoming restrictions at day 180, and a final reminder on day 335 before automatic expiration on day 365. Stream groups older than 180 days cannot add new applications. The feature is available in all Regions at no extra cost, and the ExpiresAt field in the GetStreamGroup API or the Stream group details page in the console shows status.

Keyspaces Multi-Region Replication: Bahrain and Hong Kong

🔁Amazon Web Services has expanded Amazon Keyspaces (for Apache Cassandra) to support Multi-Region Replication in Middle East (Bahrain) and Asia Pacific (Hong Kong). The managed capability automatically replicates tables across Regions with typically less than one second of replication lag, allowing applications to read and write the same table in multiple Regions. Customers gain lower latency, improved regional resiliency, and can replicate between these Regions and any other supported AWS Region while paying only for resources they use.

AWS CloudWatch Application Signals Adds AI Canary Debugging

🔍 CloudWatch Application Signals (Model Context Protocol / MCP Server) now ingests CloudWatch Synthetics canary data to enable AI-powered debugging of synthetic-monitoring failures. From natural-language prompts like “Why is my checkout canary failing?”, supported AI assistants (for example Amazon Q or Claude) drive diagnostics that correlate canary failures with metrics, traces, and dependencies. The system analyzes HAR files, CloudWatch Logs, S3 artifacts, and configuration to triage issues across network, authentication, performance, script, infrastructure, and dependency layers. This capability is available in all commercial AWS regions where CloudWatch Synthetics is offered; customers must have access to a compatible AI agent to use the AI-driven debugging features.

AWS Launches Memory-Optimized EC2 R8a Instances, GA

🧠 AWS has announced general availability of new Amazon EC2 R8a memory-optimized instances powered by 5th Gen AMD EPYC processors (Turin) with up to 4.5 GHz. R8a delivers up to 30% higher performance, up to 19% better price-performance and 45% more memory bandwidth versus R7a. Available in 12 sizes (including 2 bare metal) and SAP-certified, R8a targets latency-sensitive, memory-intensive workloads and supports Savings Plans, On-Demand and Spot purchasing.

Addressing the AI Black Box with Prisma AIRS 2.0 Platform

🔒 Prisma AIRS 2.0 presents a unified AI security platform that addresses the “AI black box” by combining AI Model Security and automated AI Red Teaming. It inventories models, inference datasets, applications and agents in real time, inspects model artifacts within CI/CD and model registries, and conducts continuous, context-aware adversarial testing. The platform integrates curated threat intelligence and governance mappings to deliver auditable risk scores and prioritized remediation guidance for enterprise teams.

Cloudflare Workers VPC Services Enter Open Beta Today

🌐 Cloudflare announced the open beta of Workers VPC Services, enabling Workers to securely reach APIs, containers, VMs, serverless functions and databases inside regional private networks via Cloudflare Tunnels. Developers register services by hostname or IP and bind them to Workers, with access verified at deploy time to restrict Workers to only the declared service. The model reduces cloud lock‑in, mitigates SSRF risk, and is available free during the beta.