All news in category "Vendor and Hyperscaler Watch"

Microsoft Named a Leader in Gartner MQ for DHI 2025

🔹 Microsoft has been named a Leader in the 2025 Gartner Magic Quadrant for Distributed Hybrid Infrastructure, its third consecutive recognition. Azure’s adaptive approach—anchored by Azure Arc and Azure Local—delivers unified management, governance, and security across hybrid, edge, multicloud, and sovereign environments. These technologies enable services such as AKS, Microsoft Defender for Cloud, IoT operations and AI workloads, and Microsoft highlights customer outcomes and continued investment to broaden capabilities and compliance.

Model Armor and Apigee: Protecting Generative AI Apps

🔒 Google Cloud’s Model Armor integrates with Apigee to screen prompts, responses, and agent interactions, helping organizations mitigate prompt injection, jailbreaks, sensitive data exposure, malicious links, and harmful content. The model‑agnostic, cloud‑agnostic service supports REST APIs and inline integrations with Apigee, Vertex AI, Agentspace, and network service extensions. The article provides step‑by‑step setup: enable the API, create templates, assign service account roles, add SanitizeUserPrompt and SanitizeModelResponse policies to Apigee proxies, and review findings in the AI Protection dashboard.

Meta launches new anti-scam tools for WhatsApp, Messenger

🛡️ Meta is rolling out new anti-scam features for Messenger and WhatsApp to help users detect and avoid fraud. Messenger testing includes AI-assisted scam detection that warns about suspicious new contacts and offers options to block, report, or submit messages for review. WhatsApp will display warnings about screen-sharing with unknown callers. These protections are enabled by default.

Amazon CloudWatch Agent Gains Windows Event Log Filtering

🔎 Amazon CloudWatch Agent now supports configurable Windows Event Log filters for Windows hosts running on Amazon EC2 or on‑premises. You can define per-stream filter criteria in the agent configuration file — including event levels, specific event IDs, and regular expressions set to include or exclude — and the agent evaluates each event to determine whether it should be sent to CloudWatch. This reduces noisy ingestion and helps focus monitoring, troubleshooting, and cost control; the feature is available in all commercial AWS Regions and AWS GovCloud (US).

Amazon Redshift Auto-Copy Expands to Four AWS Regions

📥 Amazon Redshift Auto-Copy is now available in Asia Pacific (Malaysia), Asia Pacific (Thailand), Mexico (Central), and Asia Pacific (Taipei). The feature lets you configure an integration to continuously detect and load new files from a specified Amazon S3 prefix into Redshift tables without requiring custom COPY pipelines or external tooling. Auto-Copy records previously loaded files to prevent duplicate ingestion and exposes job status and metrics via Redshift system tables for monitoring and troubleshooting.

Amazon S3 Generates CloudTrail Events for Table Maintenance

🔔Amazon S3 now emits AWS CloudTrail events for S3 Tables maintenance operations so you can track compaction and snapshot expiration. Maintenance activities are recorded as management events in CloudTrail, enabling auditing and monitoring of automatic optimization tasks. To monitor these events, create a trail and filter for eventType='AwsServiceEvents' and eventName='TablesMaintenanceEvent'. Events are available in all Regions where S3 Tables are offered.

Amazon EKS Auto Mode Adds FIPS Support in GovCloud

🔐 Amazon Elastic Kubernetes Service (EKS) Auto Mode is now available in AWS GovCloud (US-East) and (US-West), automating compute, storage, and networking management for Kubernetes clusters. Its AMIs include FIPS-validated cryptographic modules to help meet FedRAMP-style requirements. EKS Auto Mode handles OS patching, leverages ephemeral compute to reduce persistent attack surface, and dynamically scales EC2 instances to optimize costs while maintaining availability; it supports clusters running Kubernetes 1.29 and later with no upfront fees.

CloudWatch Synthetics: Bundled Multi-Check Canaries

🔧 Amazon CloudWatch Synthetics now offers bundled multi-check blueprints that let teams define comprehensive synthetic tests using a single JSON configuration file. A single canary can include up to 10 steps covering HTTP (with varied authentication), DNS, SSL certificate checks and TCP ports, and supports complex assertions on status, latency, headers and response body. Integration with AWS Secrets Manager secures credentials, while step-by-step results and console debugging simplify implementation compared with writing multiple custom canaries.

Amazon DCV 2025.0 Adds WebAuthn, ARM, and Keyboard Support

🔒 Amazon DCV 2025.0 is the latest release of the high-performance remote display protocol, delivering enhanced security and productivity for virtual desktop and application sessions. The update adds WebAuthn redirection on Windows and browser-based WebAuthn on Linux to enable security-key authentication in native and SaaS apps, plus server-side keyboard layout handling and alignment for Windows clients to improve input consistency. Other improvements include Linux client support for ARM, Windows Server 2025 host compatibility, and scroll wheel optimizations for smoother navigation. See AWS documentation and the DCV product page for full release notes.

Pentera Resolve Aims to Close the Remediation Gap Now

🔧 Pentera today unveiled Pentera Resolve, a platform extension that embeds automated remediation workflows into security validation to bridge the persistent remediation gap. The product converts validated findings into tracked, auditable tickets routed to owners in tools like ServiceNow, Jira, and Slack. Powered by AI-driven triage and contextual enrichment, it aims to replace manual consolidation with a measurable, repeatable remediation loop of validate, remediate, and re-test.

Amazon RDS for SQL Server: KMS Encryption for Native Backups

🔐 Amazon RDS for SQL Server now supports encrypting native backup files (.bak) stored in Amazon S3 using server-side encryption with AWS KMS keys (SSE-KMS). By default, native backups remain encrypted with Amazon S3-managed keys (SSE-S3), and customers can opt to apply their own KMS key for additional protection and key control. To enable the feature, update the KMS key policy to grant the RDS backup service access and specify the parameter @enable_bucket_default_encryption in the native backup stored procedure. This capability is available in all AWS Regions where Amazon RDS for SQL Server is offered.

Amazon RDS for SQL Server: Preserve CDC on Restore

🛡️ Amazon RDS for SQL Server now preserves Change Data Capture (CDC) settings and metadata when restoring native database backups. By specifying the KEEP_CDC option during a restore, customers retain CDC configuration and any captured change data, preventing gaps in ongoing data-capture workflows. This capability is available in all AWS Regions where Amazon RDS for SQL Server is offered and is documented in the RDS for SQL Server User Guide.

AWS PCS Adds Slurm Cluster Secret Rotation Support

🔐 AWS Parallel Computing Service (PCS) now supports rotation of Slurm cluster secret keys using AWS Secrets Manager. Administrators can update the credentials used for authentication between the Slurm controller and compute nodes without recreating a cluster, preserving running workloads and configuration. Regular rotation reduces the risk of credential compromise and helps meet security best practices and compliance requirements. The capability is available in all Regions where PCS operates and can be initiated from the Secrets Manager console or via API after preparing the cluster for rotation.

AWS Adds Scope 3 and Scope 1 to Carbon Footprint Tool

🌍 The AWS Customer Carbon Footprint Tool now reports Scope 3 emissions alongside Scope 1 natural gas and refrigerant data, giving customers more complete visibility into cloud-related carbon impacts. Historical Scope 3 data is available back to January 2022 and can be accessed through the CCFT dashboard and AWS Billing and Cost Management data exports. These updates extend CCFT coverage to all three scopes defined by the Greenhouse Gas Protocol and help customers integrate carbon insights into operational workflows, sustainability planning, and reporting.

Vendor and Hyperscaler Watch: Attack Surface Tools

🔎 Cyber asset attack surface management (CAASM) and external ASM (EASM) solutions help organizations discover and continuously monitor internet-facing assets to reduce exposure and harden security. The article surveys a dozen commercial offerings — including Axonius, CrowdStrike Falcon Exposure, Microsoft Defender EASM, and Palo Alto Cortex Xpanse — highlighting discovery methods, integrations, AI features, and sample pricing. It stresses continuous monitoring, asset context and prioritization, and recommends vetting vendor automation, remediation workflows, and pricing transparency.

Amazon DocumentDB Adds Graviton4-based R8g Instances

🚀 Amazon DocumentDB (with MongoDB compatibility) now supports Graviton4-based R8g instances, delivering DDR5 memory and Nitro System improvements for memory‑intensive workloads. R8g is available for Amazon DocumentDB 5.0 on both Standard and IO‑Optimized cluster storage. Customers can modify existing clusters or create new ones via the AWS Management Console, CLI, or SDK; check documentation for regional availability and pricing.

Amazon MQ Launches in AWS Asia Pacific (New Zealand)

🚀 Amazon MQ is now available in the AWS Asia Pacific (New Zealand) Region (API name ap-southeast-6) with three Availability Zones. The managed message broker supports Apache ActiveMQ and RabbitMQ, reducing operational overhead by managing provisioning, setup, and maintenance. Because it uses industry-standard APIs and protocols, customers can migrate applications to AWS without rewriting code. With this launch, Amazon MQ is now offered in 38 AWS regions globally.

Amazon S3 Metadata Expands to Frankfurt, Ireland, Tokyo

🆕 Amazon has expanded S3 Metadata to three additional AWS Regions — Europe (Frankfurt), Europe (Ireland), and Asia Pacific (Tokyo). The service provides automated, near-real-time, queryable metadata for S3 objects, covering system-defined attributes (size, source, timestamps) and custom metadata via tags. Metadata is automatically populated for both new and existing objects, enabling faster discovery, curation, and use for analytics and real-time inference. With this release, S3 Metadata is generally available in six AWS Regions.

Amazon EC2 C7i-flex Instances Launch in Jakarta Region

🚀 Amazon Web Services has launched C7i-flex instances in the Asia Pacific (Jakarta) Region. The new instances deliver up to 19% better price-performance versus C6i and use custom 4th generation Intel Xeon Scalable (Sapphire Rapids) processors available only on AWS, while offering roughly 5% lower prices than standard C7i. C7i-flex covers common sizes from large to 16xlarge and is intended for compute-intensive workloads that don’t fully utilize all vCPUs; customers with continuous high CPU usage or needs for very large sizes (up to 192 vCPUs and 384 GiB) should consider full-size C7i instances.

AWS Nitro Enclaves Now Available in All Regions Worldwide

🔒 AWS has made Nitro Enclaves available in every AWS Region, expanding regional support to include new locations across Asia Pacific, Europe, the Middle East, and North America. Nitro Enclaves enables customers to create isolated compute environments inside EC2 instances to protect and process sensitive data and reduce attack surface. There is no additional charge beyond the EC2 and associated service usage.