< ciso
brief />
Vendor and Hyperscaler Watch Banner

All news in category “Vendor and Hyperscaler Watch

4606 articles · page 5 of 231

Improving security across Microsoft partner ecosystem

🔒 This post by Raji Dani, Microsoft Deputy CISO, explains how Microsoft secures its partner ecosystem—especially Microsoft Cloud Solution Providers (CSPs)—to reduce risk to downstream customers. It outlines vetting, mandatory security requirements for authorization, granular delegated administrative privileges (GDAP), telemetry and rapid access revocation capabilities. The article emphasizes shared responsibility between Microsoft and partners and a continual roadmap to raise security standards.
read more →

AWS Config adds eight new resource types

🔔 AWS Config now supports eight additional resource types across key services including Amazon API Gateway, Amazon EC2, Amazon S3 Vectors, Network Firewall, OpenSearch Serverless, and OSIS. If you have recording enabled for all resource types, AWS Config will automatically begin tracking these new resources. The new types are also available for use in Config rules and Config aggregators, expanding discovery, assessment, audit, and remediation coverage.
read more →

Google Disrupts Major Residential Proxy Network

🛡️ Today Google, working with the FBI, Lumen, and other partners, disrupted the NetNut (Popa) residential proxy network, building on earlier action against IPIDEA. Google disabled accounts used for NetNut C2, shared technical intelligence on SDKs and backend infrastructure, and ensured Play Protect warned users and disabled apps with NetNut SDKs. The disruption reduced NetNut’s available device pool by millions, though Google expects proxy operators to adapt and resell capacity.
read more →

Microsoft fixes Copilot button disappearance in Outlook

🛠️ Microsoft has resolved an issue that caused the Copilot Chat and Copilot buttons to vanish in Classic Outlook for Windows users with the Copilot Chat (Basic) license. Affected users might have seen the button missing from the top-right ribbon, the left app bar, or More Apps, and some Copilot commands appeared unavailable or unresponsive. The Outlook Team implemented a service change on June 29, 2026, and recommends restarting Outlook or updating to the latest build; workarounds include reverting to the prior Current Channel build or using new Outlook/OWA. The company is also investigating Outlook crashes tied to Kaspersky's Mail Checker module and advises contacting Kaspersky support if impacted.
read more →

Opera adds Paste Protect to block ClickFix attacks

🛡️ Opera has added Paste Protect, a feature that intercepts and blocks ClickFix-style attacks which trick users into copying and running malicious commands. The mechanism builds on existing Hijack protection and a new Injection protection to detect and prevent harmful content from reaching the browser clipboard across Windows, macOS, and Linux. When suspicious content is blocked, Opera shows a warning, a red indicator in the address bar, and permits viewing the first 120 characters or approving the copy after a 5-second delay. The feature is enabled by default and can be managed via Settings → Privacy & Security → Paste Protect.
read more →

Amazon Bedrock AgentCore raises default runtime quotas

🚀 Amazon Bedrock AgentCore has increased default runtime quota limits to enable larger-scale agent workloads. The update raises active concurrent sessions to 5,000 in US East (N. Virginia) and US West (Oregon), and 2,500 in other supported Regions. All Regions now support 200 agent interactions per second and 25 new sessions per second, improving out-of-the-box throughput for agent deployments. Customers should review the AgentCore Quotas documentation and Developer Guide for details.
read more →

CloudWatch Adds Alarms Directly From Log Queries

🔔 Amazon CloudWatch now lets you create alarms directly from log queries, enabling anomaly alerts without leaving the log analysis workflow. You can set thresholds on query results without first creating metric filters or custom metrics, simplifying monitoring and alerting. Alarms support standard CloudWatch actions such as Amazon SNS notifications and Amazon EventBridge integrations, and are available in all commercial AWS Regions except UAE and Bahrain. Configure these alarms via the CloudWatch console, AWS CLI, CloudFormation, or AWS SDKs.
read more →

ECS Service Connect adds zone-aware routing

🔁 Amazon ECS introduces zone-aware routing for ECS Service Connect to reduce cross Availability Zone (AZ) data transfer costs and latency by prioritizing intra-AZ traffic. The feature dynamically adjusts traffic weights as endpoints scale to preserve balanced load and shifts traffic to healthy AZs when local endpoints are unhealthy or constrained. Enabled by default for new and existing services, it requires a one-time redeploy for existing services and no infrastructure or code changes.
read more →

Amazon ECS adds real-time deployment observability

🚀 Amazon Elastic Container Service (Amazon ECS) now offers real-time deployment observability within the Amazon ECS Console. This update enables customers to track deployment progress, monitor health, and diagnose failures directly in the console with a live deployment timeline, circuit breaker and alarm status, and container and load-balancer health checks. Failed tasks surface with diagnostic context and deep links to related services like AWS CloudTrail. These features are available at no additional charge in all AWS commercial Regions and AWS GovCloud (US) for services using the rolling update deployment type.
read more →

AWS Artifact adds AI-driven Assurance Assistant

🔍 AWS Artifact now offers Assurance Assistant, an AI-powered feature that provides citation-backed answers to security and compliance questions about AWS services. It supports single-question mode and bulk questionnaire uploads (XLSX) including CAIQ, SIG, and custom DDQs. Responses include citations from SOC reports, ISO certifications, and C5 attestations and can be exported with or without citations. Two new IAM managed policies control access: AWSArtifactComplianceInquiriesReadOnlyAccess and AWSArtifactComplianceInquiriesFullAccess.
read more →

Secure container workloads with attribute-based rules

🛡️ AWS Network Firewall now supports container attribute-based rules for Amazon EKS and Amazon ECS, enabling firewall policies based on native container attributes (namespaces, pod names, labels, cluster names) instead of ephemeral IPs. This feature automatically discovers and tracks matching pods, dynamically updates IP-to-attribute mappings, and enriches alert logs with container context for easier troubleshooting and auditing. It integrates with Suricata-compatible rules, exports logs to CloudWatch Logs and S3, and can be configured via the AWS Console, CLI, or SDK with no additional feature charge.
read more →

AWS Marketplace co-selling integration now GA

📣 Partners can now associate existing AWS Marketplace listings directly to co-sell opportunities in AWS Partner Central. This removes the need to maintain separate co-sell-specific solutions, allowing up to 10 Marketplace Solutions and 10 Marketplace Products per opportunity, including listings from subsidiary-linked accounts. The capability is available in the AWS Console and via the AWS Partner Central Selling API, and an associated listing is required to progress an opportunity to Committed or Launched.
read more →

AlloyDB AI Functions Accelerate Performance and Savings

🔍 AlloyDB introduces AI-native capabilities that bring Gemini’s foundation-model intelligence directly into the database via AI functions. The post announces GA for core functions (ai.generate, ai.rank, ai.if, ai.forecast) and three new functions: ai.summarize, ai.agg_summarize, and ai.analyze_sentiment, enabling structured extraction, summarization, and sentiment classification inside SQL. AlloyDB also adds Smart Batching and an optimized proxy-model mode to massively improve throughput and reduce LLM calls and costs.
read more →

Amazon Bedrock AgentCore expands to four regions

🚀 Amazon Bedrock AgentCore is now available in four additional AWS Regions: Asia Pacific (Bangkok), Asia Pacific (Malaysia), Europe (Milan), and Europe (Spain). AgentCore is a platform to build, connect, and optimize agents, enabling engineers to ship agents quickly with any framework and model while enforcing security at the infrastructure layer. The launch brings runtime, identity and access control, policy management, session persistence, tool connectivity, and observability to these regions, reducing latency for local end users.
read more →

Amazon ECS adds configurable deployment circuit breaker

🔧 Amazon Elastic Container Service (Amazon ECS) now lets you customize when a service deployment is considered failed and automatically rolled back. You can set the circuit breaker threshold using a fixed task failure count or a percentage of desired tasks, and choose between consecutive or cumulative failure counting models. This allows different rollback behavior across environments and is available in all AWS Regions where ECS is offered.
read more →

Amazon RDS cross-region automated backups expand

🔁 This update announces availability of Cross-Region Automated Backup replication for Amazon RDS in four additional AWS Regions, enabling automated backup replication between specified region pairs. The feature replicates snapshots and transaction logs to a destination Region to support point-in-time restores and near-real-time recovery. It supports multiple RDS engines and can be configured via the RDS Console, AWS SDK, or CLI. Organizations can achieve Recovery Point Objectives within minutes by using this replication.
read more →

GuardDuty Runtime adds sensitive file modification detection

🛡️ Amazon GuardDuty Runtime Monitoring now includes three new threat detections to alert teams when sensitive files are modified on Amazon EC2 instances and container workloads on Amazon EKS and Amazon ECS. These findings monitor critical system files such as configuration files, authentication settings, and system logs to surface post-compromise activity. The detections map to MITRE ATT&CK® tactics and provide remediation guidance while using correlation analysis to reduce false positives. The capability is available to customers with GuardDuty Runtime Monitoring enabled, with a 30-day trial for new users.
read more →

AWS AppConfig Adds Built‑In Experimentation Tools

🧭 AWS announces general availability of experimentation tools in AWS AppConfig, enabling built-in A/B testing and multivariate experiments without separate infrastructure. The tools leverage 25+ years of Amazon experimentation practices and provide AI-driven guidance, exposure control, and locked treatment allocations to support robust, data-driven releases. Experiments can be configured via console, CLI, API, or AWS CDK and analyzed with CloudWatch or existing analytics tools before promoting winners through standard safe rollouts.
read more →

ECS Express Mode adds support for custom task definitions

🚀 Amazon Elastic Container Service (ECS) Express Mode now supports custom task definitions, enabling teams to reuse existing ECS configurations and CI/CD workflows while benefiting from Express Mode’s simplified deployment. This update brings advanced task-level options—like observability and security sidecars, custom health checks, ulimits, Linux runtime settings, and FireLens log routing—into Express Mode services. Available in all AWS Regions, you can add a custom task definition via the AWS Console, CLI, SDKs, or infrastructure-as-code tools to manage deployments either through task definition updates or Express Mode.
read more →

Claude Apps Gateway for Google Cloud announced

🔒 Anthropic’s Claude Apps Gateway is a self-hosted intermediary that centralizes identity, policy, telemetry, spend controls, and routing between local Claude Code clients and Google Cloud. It replaces per-developer credentials with OIDC-based sessions, enforces RBAC server-side via gateway.yaml, and attributes metrics to verified user sessions. Deploy as a stateless container on Cloud Run (or GKE) with Cloud SQL and Secret Manager for state and secrets.
read more →