All news in category "Vendor and Hyperscaler Watch"

Fortinet Veterans Program Enables Cybersecurity Careers

🔐 Fortinet’s Veterans Program, in partnership with VetSec, provides veterans and spouses free access to training, hands-on labs, and certification vouchers to accelerate entry into cybersecurity. Participants progress from foundational courses through associate-level credentials, including structured offerings such as the Networking Fundamentals Bootcamp. Graduates like Jeramiah Poff and Derek Zobler reported direct job placements—roles ranging from security architect to cyberthreat hunter—demonstrating measurable workforce impact.

Gemini CLI Extensions Enable Google Data Cloud Access

🔧 Google released open-source Gemini CLI extensions that integrate Gemini with Google Data Cloud services, enabling terminal-based access to BigQuery, Cloud SQL, and AlloyDB. Developers install the CLI (recommended v0.6.0), add extensions, and configure IAM and environment variables to connect to projects. Extensions support provisioning databases and users, natural-language querying, AI forecasting, and conversational analytics, though some require enabling additional APIs.

Simpler Path to a Safer Internet: CSAM Tool Update

🔒 Cloudflare has simplified access to its CSAM Scanning Tool by removing the prior requirement for National Center for Missing and Exploited Children (NCMEC) credentials. The tool relies on fuzzy hashing to create perceptual fingerprints that detect altered images with high confidence. Since the change in February, monthly adoption has increased sixteenfold. Detected matches result in blocked URLs and owner notifications so site operators can remediate.

Automatic SSL/TLS: Upgrading 6M Domains for Quantum Safety

🔐 Cloudflare's Automatic SSL/TLS now upgrades origin-facing encryption by default, having strengthened over 6 million domains without operator intervention. The system scans origins, verifies content and certificates, then gradually ramps stronger SSL/TLS modes from 1% to 100% of traffic, aborting safely on failures. This prepares sites for the post-quantum era by favoring hybrid key agreements (X25519 + ML-KEM) and will soon automate post-quantum handshakes and ad-hoc rescans.

SaaS-to-SaaS Proxy: Centralized Visibility and Control

🌐Cloudflare is prototyping a SaaS-to-SaaS proxy that consolidates SaaS connections through a single front door to improve monitoring, detection, and response. Two deployment models are proposed: a customer-controlled vanity hostname proxy that returns visibility to data owners, and a vendor-side reverse proxy that strengthens platform security. Both approaches use key splitting to avoid persisting full bearer tokens and enable instant revocation. Cloudflare is seeking feedback and offering early access.

Cloudflare WARP Adds Post-Quantum Key Agreement Support

🔐 Cloudflare's WARP client now supports post-quantum key agreement across both consumer (1.1.1.1) and enterprise (Cloudflare One Agent) offerings, tunneling traffic over MASQUE with hybrid post-quantum/classical ciphersuites. The upgrade provides immediate protection against harvest-now-decrypt-later attacks by wrapping user traffic in post-quantum MASQUE tunnels even when individual connections inside the tunnel are not yet PQ-protected. Cloudflare staged the rollout with temporary downgrades, phased population enablement, and an MDM override to balance robustness and downgrade-resistance while meeting FIPS/FedRAMP constraints.

Cloudflare Launches Content Signals Policy for robots.txt

🛡️ Cloudflare introduced the Content Signals Policy, an extension to robots.txt that lets site operators express how crawlers may use content after it has been accessed. The policy defines three machine-readable signals — search, ai-input, and ai-train — each set to yes/no or left unset. Cloudflare will add a default signal set (search=yes, ai-train=no) to managed robots.txt for ~3.8M domains, serve commented guidance for free zones, and publish the spec under CC0. Cloudflare emphasizes signals are preferences, not technical enforcement, and recommends pairing them with WAF and Bot Management.

INDOT Used Google AI to Save 360 Hours and Meet Deadline

🚀 Indiana Department of Transportation built a week-long pilot on Google Cloud to meet a 30-day executive order, using a Retrieval-Augmented Generation workflow that combined rapid ETL, Vertex AI Search indexing, and Gemini. The system scraped and parsed decades of internal policies and manuals, produced draft reports across nine divisions with 98% fidelity, and saved an estimated 360 hours of manual effort, enabling INDOT to submit on time.

What Happens When You Engage Talos Incident Response

🔐 Cisco Talos Incident Response (Talos IR) provides rapid, 24/7 crisis support and proactive services to contain, investigate, and remediate cybersecurity incidents. Talos combines deep threat intelligence, digital forensics, and a vendor-agnostic approach to work with existing tools and environments. Engagements follow a structured IR lifecycle—Preparation, Identification, Containment, Eradication, Recovery, and Lessons learned—to minimize disruption and build long-term resilience.

JS Bank modernizes with Google stack and ChromeOS rollout

🚀 JS Bank migrated its distributed IT estate to a unified Google ecosystem—deploying 1,500 Chromebooks and Chromeboxes while adopting Google Workspace and Chrome Enterprise Premium. The change delivered nearly 90% endpoint standardization, cut device management time by 40%, and halved daily support tickets. Built-in ChromeOS protections simplified security and reduced reliance on multiple third-party antivirus and anti-malware tools.

Amazon Route 53 Resolver Query Logging Now in NZ Region

🛰️ Amazon Route 53 Resolver Query Logging is now available in Asia Pacific (New Zealand). You can log DNS queries originating in VPCs to capture queried domain names, the AWS resources that issued the queries (including source IP and instance ID), and the responses received. Logs can be delivered to Amazon S3, CloudWatch Logs, or Amazon Data Firehose, and query logging configurations may be shared across accounts via AWS RAM. There is no additional Route 53 charge for enabling query logging, though storage and ingestion on the chosen destination may incur costs.

Amazon EC2 Auto Scaling — Forced Immediate Cancel Feature

⚡ Amazon EC2 Auto Scaling now allows customers to force-cancel ongoing instance refreshes immediately by setting WaitForTransitioningInstances to false when calling the CancelInstanceRefresh API. The change bypasses waiting for in-progress launches, terminations, or instance lifecycle hooks, enabling rapid aborts of deployments during incidents or to roll forward to corrected releases. The capability is available in all AWS regions, including AWS GovCloud (US).

Five Questions CISOs Should Ask Security Vendors Today

🔍 CISOs are inundated with vendor outreach and need a short, practical checklist to evaluate security offerings. Senior security leaders recommend starting by confirming a vendor understands your organization and presenting solutions that reduce workload, consolidate tools, or demonstrably improve operations rather than add noise. Key topics include integration and maintenance, update cadence and product roadmap involvement, and concrete real‑world use cases that validate claims. Watch for vague claims, FUD, buzzwords, or resistance to feedback — they signal potential long‑term friction.

Amazon GameLift Servers: Dallas Local Zone Launches

🎮 Amazon GameLift Servers now supports the new AWS Local Zone in Dallas, Texas (us-east-1-dfw-2), enabling fleets to deploy EC2 C6gn, C6i, C6in, M6g, M6i, M6in, M8g, and R6i instances. From the GameLift Servers Console you can enable the Dallas Local Zone and add it to your fleets like any other Region or Local Zone. This launch lets studios run latency-sensitive multiplayer, AR/VR, and tournament workloads closer to Dallas-area players for single-digit millisecond latency and improved responsiveness.

AWS removes network burst limits for I7i and I8g instances

🚀 Today AWS removed networking bandwidth burst duration limits for Amazon EC2 I7i and I8g instances larger than 4xlarge, doubling the network bandwidth available at all times for those sizes. Where instances previously relied on a network I/O credit mechanism to burst above a baseline, larger I7i and I8g instances can now sustain their maximum network performance indefinitely. The change delivers more predictable, uninterrupted throughput for memory- and network‑intensive workloads such as distributed databases, real‑time analytics and AI preprocessing; smaller sizes retain existing baseline-and-burst behavior.

Optimize Security Operations with AWS Incident Response

🔒 AWS Security Incident Response provides an AWS-native incident management capability that combines automated triage, threat intelligence, and customer metadata to surface and prioritize genuine threats. The service integrates with Amazon GuardDuty, AWS Security Hub, and select third-party detections, and offers a unified console with 24/7 access to the AWS Customer Incident Response Team (CIRT). It supports delegated administration, organization-wide coverage, and immutable case timelines. Included with Amazon Managed Services (AMS), it accelerates investigation and containment to reduce mean time to resolution.

Amazon DataZone Now Available in Three Additional Regions

🔔 Amazon DataZone is now available in AWS Asia Pacific (Hong Kong), Asia Pacific (Malaysia), and Europe (Zurich) Regions. The fully managed Amazon DataZone service catalogs, discovers, analyzes, shares, and governs organizational data, integrating with AWS Glue Data Catalog and Amazon Redshift. Consumers can search, subscribe, and analyze assets using tools like Amazon Redshift and Amazon Athena from the DataZone portal. The service also underpins governance in the next generation of Amazon SageMaker to simplify discovery and secure access to data and models.

WhatsApp Adds Message Translation to iPhone and Android

🌐 WhatsApp has begun rolling out a new message translation feature for Android and iPhone that translates messages in chats, groups, and channel updates. On iOS, users can translate individual messages via long-press and tapping 'Translate', while Android users can also enable automatic translation to convert all messages in a thread. Initial language support differs by platform and the rollout will be gradual.

Defense-in-Depth: Building an AWS Control Framework

🔒 This post outlines a practical, layered approach to reduce risk in AWS by moving beyond detective-only controls to a comprehensive defense‑in‑depth control framework. It recommends combining preventative, proactive, detective, and responsive controls across the resource lifecycle and illustrates how AWS services such as AWS Control Tower, AWS Organizations, Security Hub, and AWS Config enable that strategy. The guidance covers concrete patterns—from SCPs, RCPs and policy‑as‑code in CI/CD to automated remediation via Lambda and Systems Manager—to scale governance, reduce findings, and shorten remediation time.

Deutsche Bank launches DB Lumina for AI research platform

🤖 DB Lumina is Deutsche Bank Research’s AI-powered assistant, built on Google Cloud and integrating multimodal Gemini models, RAG retrieval, and vector search. It provides a conversational chat interface, reusable prompt templates, and document-grounded answers with inline citations and enterprise guardrails for compliance. Early deployment to roughly 5,000 analysts has yielded measurable time savings, deeper analysis, and improved editorial accuracy.