All news in category "Vendor and Hyperscaler Watch"

Deploying AWS Secrets Manager Agent as an EKS Sidecar

🔒 This post demonstrates deploying the AWS Secrets Manager Agent as a sidecar container in Amazon EKS to provide a language-agnostic local HTTP interface (localhost:2773) for secrets retrieval. The agent pulls and caches secret values, reducing direct API calls to Secrets Manager and improving application availability. It enforces SSRF protection via a generated token at /var/run/awssmatoken and implements ML‑KEM post‑quantum key exchange by default. Authentication uses Amazon EKS Pod Identity and IAM permissions (secretsmanager:GetSecretValue and secretsmanager:DescribeSecret), and the post includes build, containerization, and deployment steps.

Microsoft Security Store Unites Partners and Innovation

🔐 Microsoft Security Store, released to public preview on September 30, 2025, is a unified, AI-powered marketplace that lets organizations discover, buy, and deploy vetted security solutions and AI agents. Catalog items — organized by frameworks like NIST and by integration with products such as Microsoft Defender, Sentinel, Entra, and Purview — address threat protection, identity, compliance, and cloud security. Built on the Microsoft Marketplace, it provides unified billing, MACC eligibility, and guided automated provisioning to streamline deployments.

SmarterX Builds Custom LLMs with Google Cloud Tools

🔍 SmarterX uses Google Cloud to build custom LLMs that help retailers, manufacturers, and logistics companies manage regulatory compliance across product lifecycles. Using BigQuery, Cloud Storage, Gemini, and Vertex AI, the company ingests, normalizes, and indexes unstructured regulatory and product data, applies RAG and grounding, and trains customer-specific models. The integrated platform empowers subject matter experts to evaluate, correct, and deploy model updates without heavy engineering overhead.

Cloud Armor: Hierarchical Policies, Extended WAF and NTI

🛡️ Cloud Armor introduces hierarchical security policies and organization-scoped address groups to simplify centralized policy management across organization, folder, and project levels. The release also includes GA support for JA4 network fingerprinting and ASN/NTI controls for Media CDN, while an enhanced WAF request-body inspection (preview) expands inspection from 8 KB to 64 KB. These updates are designed to strengthen threat protection and reduce operational complexity for hybrid and multicloud deployments.

Dataplex Supports Column-Level Lineage for BigQuery

🔍 Dataplex Universal Catalog now captures column-level lineage for BigQuery, extending object-level tracing to granular column transformations at no extra cost. The update provides interactive visual lineage graphs so users can inspect upstream and downstream flows for individual columns, trace origins, and assess downstream impact of modifications. This granularity helps validate authoritative sources for AI/ML features, enforce column-level governance, and improve compliance. It also surfaces freshness and usage metadata to support context-aware agents.

Google Migrates ISAs with AI and Automation at Scale

🔧 Google details how its custom Axion Arm CPUs and a mix of automation and AI enabled large-scale migration from x86 to multi-architecture production across services such as YouTube, Gmail, and BigQuery. The team analyzed 38,156 commits (about 700K changed lines) and reports migrating more than 30,000 applications to Arm while keeping both Arm and x86 in production. Existing automation like Rosie, sanitizers, fuzzers, and the CHAMP rollout framework handled much of the work, while an LLM-driven agent called CogniPort fixed build and test failures, showing a 30% success rate on a 245-commit benchmark. Google plans to default new apps to multiarch and continue refining AI tools to address the remaining long tail.

Meta Adds Scam Warnings to WhatsApp and Messenger Apps

🔒 Meta is rolling out new anti-scam features for WhatsApp and Messenger. On WhatsApp, users will receive warnings when attempting to share their screen with unknown contacts during video calls to help prevent accidental exposure of bank details or verification codes. On Messenger, an opt-in Scam detection setting flags potentially suspicious messages from unknown senders; detection runs on-device to preserve end-to-end encryption unless users choose to submit recent messages for AI review, which removes E2EE. Meta also said it has taken action against thousands of impersonating pages and disrupted millions of accounts tied to organized scam centers.

The Signals Loop: Fine-tuning for AI Apps and Agents

🔁 Microsoft positions the signals loop — continuous capture of user interactions and telemetry with systematic fine‑tuning — as essential for building adaptive, reliable AI apps and agents. The post explains that simple RAG and prompting approaches often lack the accuracy and engagement needed for complex use cases, and that continuous learning drives sustained improvements. It highlights Dragon Copilot and GitHub Copilot as examples where telemetry‑driven fine‑tuning yielded substantial performance and experience gains, and presents Azure AI Foundry as a unified platform to operationalize these feedback loops at scale.

Maximizing Gateway Security Beyond Basic Configuration

🛡️ This article by Andrius Buinovskis of NordLayer explains why default gateway setups often leave gaps in security, performance, and compliance. It recommends four core actions: network segmentation, multiple distributed gateways to avoid single points of failure, optimization for geographically dispersed workforces, and layered cloud firewall controls to restrict ports and protocols. The guidance aligns with Zero Trust principles and highlights regional privacy rules such as GDPR and CCPA.

Amazon SES adds IP observability for DIP-M pools capability

📬 Amazon Simple Email Service (SES) now exposes the exact IP addresses used by Dedicated IP Addresses - Managed (DIP-M) pools. Customers can view these IPs via the console, CLI, or SES API and access Microsoft SNDS metrics for each address. SES also creates CloudWatch metrics for SNDS data to aid reputation monitoring. This gives customers greater transparency into sending activity and helps diagnose deliverability and reputation issues with mailbox providers.

Amazon Corretto October 2025 LTS Security Updates Released

🔔 Amazon released quarterly security and critical updates for Amazon Corretto LTS builds on October 21, 2025, providing new binaries for Corretto 25.0.1, 21.0.9, 17.0.17, 11.0.29 and 8u472. The distributions for Generic Linux, Alpine and macOS now include Async-Profiler, a low‑overhead sampling profiler that captures CPU, heap and native allocations, contention and hardware/software counters. Downloads are available from the Corretto home page or via Apt, Yum and Apk repositories, and contributors can provide feedback on the Corretto GitHub.

Google abandons Privacy Sandbox, ends most cookie efforts

🍪 Google has announced it is discontinuing 11 Privacy Sandbox technologies — effectively ending most of the company’s cookie‑replacement efforts after evaluating low adoption and ecosystem feedback. The decision follows regulatory scrutiny from the UK’s Competition and Market Authority and several U.S. antitrust actions, and came after prior concessions from Google. The company says it will continue to work on privacy improvements for Chrome, Android and the web but will move away from the Privacy Sandbox branding.

Fortinet Publishes First EPD for FortiGate-40F NGFW

🌱 Fortinet has published the industry’s first Environmental Product Declaration (EPD) for the FortiGate-40F Next-Generation Firewall, verified under the new PCR 2024:06. The EPD is based on an independent Life Cycle Assessment and discloses lifecycle impacts—carbon, energy, water, materials, and waste—providing procurement teams with standardized, third-party-validated data. Fortinet views this as an initial step and plans to extend EPD coverage across additional models to support compliance, decarbonization, and sustainable procurement.

Microsoft fixes bug blocking classic Outlook startup

🛠️ Microsoft has implemented a fix for a major issue that prevented some Microsoft 365 customers from launching the classic Outlook client on Windows. Affected users reported errors indicating the app could not be started, the Outlook window would not open, or Exchange sign-in failed. Microsoft marked the incident as fixed and said the Outlook team is monitoring the rollout, while recommending Outlook Web Access or the new Outlook for Windows as temporary workarounds.

CloudWatch Database Insights: On-Demand Analysis for RDS

📊 Amazon CloudWatch Database Insights now offers on-demand analysis for RDS for SQL Server, extending automated diagnostics to that engine. The feature uses machine learning to compare a selected time period against baseline performance, surface anomalies, and provide tailored remediation advice. Administrators can enable this in Advanced mode via the RDS console, APIs, SDKs, or CloudFormation to reduce mean-time-to-diagnosis from hours to minutes.

Amazon Nova adds customizable content moderation settings

🔒 Amazon announced that Amazon Nova models now support customizable content moderation settings for approved business use cases that require processing or generating sensitive content. Organizations can adjust controls across four domains—safety, sensitive content, fairness, and security—while Amazon enforces essential, non-configurable safeguards to protect children and preserve privacy. Customization is available for Amazon Nova Lite and Amazon Nova Pro in the US East (N. Virginia) region; customers should contact their AWS Account Manager to confirm eligibility.

Amazon EC2 U7i-6TB High Memory Instances in London

🚀 AWS has launched the U7i-6tb High Memory instance in the Europe (London) Region, offering 6TB of DDR5 memory and 448 vCPUs for large in-memory workloads. Powered by custom fourth-generation Intel Xeon Scalable (Sapphire Rapids) processors, these 7th-generation instances support up to 100 Gbps for EBS and network and include ENA Express for lower latency. They are aimed at mission-critical in-memory databases such as SAP HANA, Oracle, and SQL Server, enabling higher transaction throughput and faster data loading and backups.

Amazon Connect Adds Automated Triggered Evaluations

🔔 Amazon Connect can now automatically initiate follow-up evaluations when specific conditions are detected during initial Contact Lens reviews. For example, if the first evaluation surfaces customer interest in a product, Connect can trigger a targeted follow-up focused on the agent's sales performance. Managers gain consistent standards across cohorts and capture deeper insights into sales opportunities, escalations, and other critical interaction moments. The capability is available in all regions where Amazon Connect is offered.

Amazon Bedrock Data Automation Adds Video, Faster Images

🎞️ Amazon Bedrock Data Automation now supports AVI, MKV, and WEBM video formats and the AV1 and MPEG-4 Visual (Part 2) codecs, expanding coverage for archival, multi-track, and web-based videos. The service also delivers up to 50% faster image processing to accelerate extraction of visual insights. BDA is available in eight AWS Regions, enabling organizations to process native formats and streamline GenAI workflows.

CrowdStrike Launches AI-Driven Falcon UX in Preview

🔍 At Fal.Con 2025, CrowdStrike introduced a dynamic, persona-aware user experience for Falcon Cloud Security and Falcon Exposure Management, now available in public preview. Built on CrowdStrike Enterprise Graph and Charlotte AI, the console unifies hybrid and multi-cloud asset and risk visibility into customizable workspaces. It offers AI-assisted dashboard creation and executive-ready reporting to accelerate investigations and remediation without switching tools.