All news in category "Vendor and Hyperscaler Watch"

Microsoft Purview Study: 30% Reduction in Breach Risk

🔒 The Forrester Total Economic Impact™ study commissioned by Microsoft found that Microsoft Purview reduced the likelihood of data breaches by 30% for a composite organization, yielding more than $225,000 in annual savings from avoided incidents and fines. The report credits unified governance, automated classification, and fine‑tuned DLP policies with a 75% reduction in investigation time and 75% time savings for users searching and classifying data. Over three years the study shows $3.0M in benefits versus $633,000 in costs (NPV $2.3M; ROI 355%).

Escalante Uses JAX on TPUs for AI-driven Protein Design

🧬 Escalante leverages JAX's functional, composable design to combine many predictive models into a single differentiable objective for protein engineering. By translating models (including AlphaFold and Boltz-2) into a JAX-native stack and composing them serially or linearly, they compute gradients with respect to input sequences and evolve candidates via optimization. Each job samples thousands of sequences, filters to roughly ten lab-ready designs, and runs at scale on Google Kubernetes Engine using spot TPU v6e, yielding a reported 3.65x performance-per-dollar advantage over H100 GPUs.

Azure Cobalt 100 VMs Deliver Performance and Efficiency

⚡ Azure's in-house Arm-based Cobalt 100 VMs are now live in 29 regions and designed to deliver higher performance, energy efficiency, and lower costs for a broad set of cloud workloads. Customers and platform vendors — including Databricks, Snowflake, Siemens, and Temenos — report measurable throughput and price-performance gains, while Microsoft services like Teams and Defender for Endpoint show meaningful internal improvements. The post presents these results as validation of an end-to-end systems strategy that couples custom silicon with infrastructure-level optimization.

Free IGA for SMBs: Streamline Access and Governance

🔒 Tenfold’s Community Edition offers a free, full-featured Identity Governance & Administration (IGA) platform for organizations of up to 150 users. Its no-code interface enables automated role-based onboarding and offboarding using configurable profiles, and supports self-service password resets and access requests with customizable approval workflows. The solution analyzes Active Directory, SharePoint and Microsoft 365 permissions, helps identify unwanted external sharing, and automates scheduled access reviews to reduce privilege creep and IT helpdesk workload.

AWS License Manager Adds Shared Managed Active Directory

🔁 AWS License Manager now supports shared AWS Managed Active Directory across multiple AWS accounts, enabling centralized management of Microsoft product subscriptions. Customers can subscribe once in a single admin account and extend those subscriptions to directory consumer accounts across their AWS Organization. This reduces duplicate directories and IT overhead and is available in all commercial regions where License Manager user subscription is supported.

Per-Customer Bot Defenses: Behavioral Anomaly Detection

🚨 Cloudflare is introducing per-customer machine learning models that build dynamic baselines of legitimate traffic and detect behavioral anomalies to stop sophisticated, AI-driven scraping. The system ingests zone-level data to identify patterns like sequential page traversal or automated API access and then emits actionable outputs such as new Bot Detection IDs and adjustments to the Bot Score. Early beta results show hundreds of millions of flagged requests, and the capability will be available through Super Bot Fight Mode and Enterprise Bot Management.

Open-source VibeSDK for Self-hosted AI Coding Platforms

🚀 VibeSDK is an open-source platform that enables organizations to deploy a complete AI-powered "vibe coding" experience with one click, integrating LLMs, secure sandboxes, and scalable hosting. It provisions isolated development environments to safely execute AI-generated code, offers templates and live previews, and automates build, test, and deploy workflows. The SDK also provides multi-model routing, observability, and caching, plus one-click export to users' Cloudflare accounts or GitHub so teams retain control of code and costs.

Cloudflare Confidence Scorecards for AI and SaaS Risk

🔒 Cloudflare today launched Application Confidence Scorecards, a new capability in the Cloudflare One SASE suite that automates safety and trust assessments for AI and SaaS applications. The feature combines an Application Posture Score and a Gen‑AI Posture Score to surface certifications, data‑management practices, security controls, and vendor maturity. Cloudflare crawls trust centers and public policies, uses LLMs for structured extraction and source validation, and pairs automated scoring with analyst review to reduce errors. Scores appear in the Application Library and can inform policy enforcement, warnings, or blocks so teams can reduce Shadow AI risk without manual audits.

Cloudflare and Coinbase Launch x402 Foundation and SDK

💳Cloudflare is partnering with Coinbase to form the x402 Foundation and to ship developer support for the x402 protocol, enabling machine-to-machine payments on the web. The announcement introduces a proposed deferred payment scheme that decouples cryptographic commitment from settlement, tailored to agentic use cases like pay-per-crawl. Developers can experiment with x402 today via Cloudflare's Agents SDK, MCP integrations, and a live x402 playground funded with Testnet USDC.

Cloudflare Adds AI Crawl Control to Project Galileo

🛡️ Cloudflare is extending Project Galileo to include Bot Management and AI Crawl Control, giving participating journalists, independent publishers, and non-profits free tools to monitor and manage AI crawlers. These services help distinguish legitimate search crawlers from AI scrapers, analyze crawler behavior by type and provider, and apply tailored rules to protect content. The goal is to help news organizations preserve traffic, protect intellectual property, and negotiate fair compensation with AI companies.

Microsoft accelerates migration and modernization with AI

🔧 Microsoft outlined a set of agentic AI tools to speed migration and modernization across applications and data. GitHub Copilot now automates Java and .NET upgrades and end-to-end app modernization flows, while Azure Migrate adds AI-driven guidance, connected Copilot workflows, and broader application-awareness. The Azure Accelerate program pairs expert deployment support and funding to reduce friction and help teams move projects faster.

GitHub Tightens npm Security: Mandatory 2FA, Token Limits

🔒 GitHub is implementing stronger defenses for the npm ecosystem after recent supply-chain attacks that compromised repositories and spread to package registries. The platform will require 2FA for local publishing, shorten token lifetimes to seven days, deprecate classic tokens and TOTP in favor of FIDO/WebAuth, and promote trusted publishing. Changes will roll out gradually with documentation and migration guides to reduce disruption.

Apple Adds Always-On Memory Integrity Enforcement Feature

🔒 Apple has introduced Memory Integrity Enforcement in the iPhone 17, a hardware-aware, always-on defense against memory-safety exploits used by spyware like Pegasus. Building on Arm’s MTE and its 2022 Enhanced Memory Tagging Extension, Apple’s implementation tags allocations with secrets and verifies them on every access. The company says the protection runs continuously without noticeable performance loss. Apple collaborated with Arm and tuned the chip-level design to make exploitation of memory-corruption bugs significantly harder while preserving compatibility with existing code.

GitHub mandates 2FA, short-lived tokens for npm publishing

🔐 GitHub said it will change npm authentication and publishing practices in the near future to address recent supply-chain attacks, including the Shai-Hulud incident. The company will require 2FA for local publishes, deprecate legacy tokens and TOTP in favor of FIDO, introduce seven-day granular publishing tokens, and enable OIDC-based trusted publishing. The npm CLI will also auto-generate provenance attestations to prove source and build environment.

Amazon EC2 R8gb: EBS-optimized Graviton4 instances

🚀 Amazon EC2 R8gb instances are now generally available as EBS-optimized compute powered by AWS Graviton4. AWS reports up to 30% better compute performance versus Graviton3 and up to 150 Gbps of EBS bandwidth, delivering higher block storage throughput than same-sized Graviton4 counterparts. Sizes scale to 24xlarge (including a metal option) with up to 768 GiB memory and 200 Gbps networking; select large sizes support EFA. Initially available in US East (N. Virginia) and US West (Oregon).

Amazon Connect: Custom Attributes for Interaction Segments

📞 Amazon Connect now lets administrators associate custom, predefined attributes with individual interaction segments. Attributes such as business unit, account type, or contact reason can be centrally managed and applied through contact flows or the UpdateContact API, ensuring each segment retains accurate business context during transfers and multi-party interactions. For example, engagements that start in Support and move to Sales keep distinct business unit names per segment. This capability strengthens reporting and analytics across the customer journey and is available in all AWS regions.

AWS IAM Identity Center Adds Customer-Managed KMS Keys

🔐 IAM Identity Center now supports customer-managed AWS KMS keys to encrypt workforce identity data, including user and group attributes. While AWS-owned keys remain the default, a customer-managed key (CMK) lets organizations control key lifecycle, policies, and usage permissions for stronger security and compliance. CMKs can be set when enabling a new organization instance or added to existing ones, and their usage is auditable via AWS CloudTrail. Support is available for access to accounts and select AWS applications across all IAM Identity Center regions; standard KMS charges apply.

Amazon Nova Act IDE Extension for Agent Development and Testing

🤖 Amazon Web Services announced the Nova Act extension, embedding the agent development workflow directly into popular IDEs such as Visual Studio Code, Kiro, and Cursor. The extension unifies natural-language script creation, fine-grained scripting controls, and integrated browser testing into a single interface, reducing context switching across tools. Built on the Nova Act SDK (research preview since March 2025), the extension is available today from IDE extension marketplaces and the project’s GitHub repository includes documentation and examples to get started.

AWS Launches EC2 Instance Attestation for Trusted Instances

🔒 AWS announced general availability of EC2 instance attestation in September 2025, enabling customers to cryptographically verify that only trusted software and configurations run on EC2 instances, including those with AI chips and GPUs. The feature uses NitroTPM and Attestable AMIs to create and compare cryptographic measurements of AMI contents. It integrates with AWS KMS so key operations can be restricted to instances that pass attestation. EC2 instance attestation is available in all AWS Commercial Regions, including AWS GovCloud (US).

Amazon RDS supports cross-Region and cross-account snapshots

🔁 Amazon RDS now supports single-step cross-Region and cross-account copying of snapshots for Amazon RDS and Amazon Aurora. This new capability eliminates the prior two-step process and removes the need for an intermediate snapshot, helping customers achieve tighter recovery point objectives while reducing storage and operational costs. The feature is available in all AWS Regions, including AWS China and AWS GovCloud (US), and can be used today via the AWS Management Console, AWS CLI, or AWS SDKs.