All news in category "Vendor and Hyperscaler Watch"

Amazon ElastiCache Adds Vector Search with Valkey 8.2

🚀 Amazon ElastiCache now offers vector search generally available with Valkey 8.2, enabling indexing, searching, and updating billions of high-dimensional embeddings from providers such as Amazon Bedrock, Amazon SageMaker, Anthropic, and OpenAI with microsecond latency and up to 99% recall. Key use cases include semantic caching for LLMs, multi-turn conversational agents, and RAG-enabled agentic systems to reduce latency and cost. Vector search runs on node-based clusters in all AWS Regions at no additional cost, and existing Valkey or Redis OSS clusters can be upgraded to Valkey 8.2 with no downtime.

AWS Service Changes: Maintenance, Sunset, and End of Support

📢 AWS is updating the availability status of a range of services and features across three lifecycle categories: moving to Maintenance, entering Sunset, and reaching End of Support. Services moving to maintenance will stop accepting new customers on Nov 7, 2025, while current customers can continue using them as they evaluate alternatives. Several services, including Amazon FinSpace, AWS IoT Greengrass v1, and AWS Proton, are entering sunset with documented timelines (typically ~12 months). AWS Mainframe Modernization App Testing has reached end of support as of Oct 7, 2025. AWS provides migration guides and support resources to help customers transition.

AWS Config Adds Support for Three New Resource Types

📣 AWS Config now supports three additional resource types—AWS::ApiGatewayV2::Integration, AWS::CloudTrail::EventDataStore, and AWS::Config::StoredQuery—providing broader visibility across AWS environments. If you have recording enabled for all resource types, AWS Config will automatically begin tracking these new types. They are available for use in Config rules and Config aggregators in all Regions where the resources exist. This expansion enhances your ability to discover, assess, audit, and remediate a wider range of resources.

Windows 11 23H2 Home and Pro reach end of support soon

⚠ Microsoft warned that devices running Windows 11 23H2 Home and Pro editions will stop receiving security updates after November 11, 2025. The November 2025 monthly security update will be the final update for those editions. Users should upgrade to Windows 11 24H2 or later to remain protected; note that some PCs may be prevented from upgrading by a safeguard for SenseShield code-obfuscation drivers.

Apple doubles top RCE bounty to $2M amid new MIE security

🔒 Apple has raised its top bounty for iOS zero‑click system‑level remote code execution from $1 million to $2 million, with additional bonuses for Lockdown Mode bypasses and beta‑stage reports that can push awards above $5 million. The change coincides with the rollout of Memory Integrity Enforcement in A19/A19 Pro chips, which leverages Arm's MTE/EMTE to harden memory safety. Apple will also provide 1,000 iPhone 17 devices to civil society members at risk.

AWS Client VPN Now Supports macOS Tahoe (26.0) Release

🔒 AWS Client VPN now supports macOS Tahoe (26.0) with client version 5.3.1. You can run the AWS-supplied VPN client on the latest macOS releases; desktop clients are provided free and can be downloaded from the AWS Client VPN download page. AWS Client VPN is a managed service that securely connects remote workers to AWS and on-premises networks and already supports macOS 13–15, Windows 10/11 (x64 and Arm64), and Ubuntu 22.04/24.04. This update helps organizations maintain secure remote access as endpoints upgrade to the latest macOS.

Chrome to revoke notification access for inactive sites

🔕 Google is updating Chrome to automatically revoke website notification permissions for sites that haven't been visited recently on both desktop and Android. The feature targets sites that send a high volume of notifications while receiving very low user engagement — Google found under 1% of alerts generate interactions. Chrome will notify users when a permission is removed and makes it easy to restore access via Safety Check or by revisiting the site and opting back in. Users who prefer to keep persistent notifications can disable the automatic revocation entirely.

Apple Raises Zero-Click Bug Bounty to $2M in Program

🔒 Apple has expanded and redesigned its bug bounty program, doubling the top reward to $2 million for zero-click remote compromise reports and enabling bonus payouts that can push awards above $5 million. The new payout tiers raise rewards across multiple attack categories and add a $1,000 encouragement award for low-impact findings. Apple broadened the wireless-proximity category to include C1/C1X and N1 chips and plans to distribute 1,000 secured iPhone 17 devices in 2026.

Google Cloud launches Network Security Learning Path

🔒 Google Cloud has launched a Network Security Learning Path culminating in the Designing Network Security in Google Cloud skill badge to help organizations secure dynamic cloud networks. The program covers design, build, and management of secure VPCs, GKE lockdown, NGFW rules, Cloud VPN/Interconnect, and Cloud Armor for WAF and DDoS protection. Learners validate skills through a hands-on break-fix challenge lab simulating incidents like firewall policy breaches and data exfiltration.

Amazon Aurora PostgreSQL Adds R8g Instances in New Regions

⚡ Amazon Aurora PostgreSQL now supports Graviton4-based R8g DB instances in AWS Canada (Central), Asia Pacific (Singapore), and Asia Pacific (Seoul). R8g offers larger sizes up to 48xlarge with an 8:1 memory-to-vCPU ratio and DDR5 memory, including new 24xlarge and 48xlarge options delivering up to 192 vCPUs, up to 50 Gbps networking, and up to 40 Gbps EBS bandwidth. AWS reports up to 40% performance and up to 29% price/performance improvements over Graviton3 equivalents, varying by engine, version, and workload. You can launch or upgrade instances through the Amazon RDS console or AWS CLI with a simple instance type modification.

Amazon Connect adds agent schedule adherence alerts

🔔 Amazon Connect now supports agent schedule adherence notifications, enabling supervisors to receive automated alerts by email or text (via EventBridge) when agents fall outside defined adherence thresholds. You can create rules—such as alerting when adherence drops below 85% in a trailing 15‑minute window—to notify supervisors proactively. These automated notifications remove the need for constant dashboard monitoring and help teams intervene before service levels decline.

Amazon Connect adds copy and bulk edit for agent scheduling

🔁 Amazon Connect now supports copy and bulk edit for agent scheduling configuration, making it faster to create and maintain schedules. Administrators can copy existing scheduling configurations—such as a weekday shift profile to create a weekend variant—or clone a full schedule from one agent to multiple new hires. Bulk edits allow selective updates to fields like time zone and start date without altering weekly working hours, reducing manager time spent on configuration and improving operational efficiency.

Navigating Public Sector Cybersecurity: AI and Zero Trust

🔒 As CSO for Google Public Sector, the post frames an urgency-driven approach to modern government security, emphasizing AI-powered threat detection, Zero Trust engineering, and a shared responsibility model. It highlights how Google Security Operations (FedRAMP High), fused threat intelligence from VirusTotal and Mandiant, and fast incident response strengthen mission continuity. The piece stresses that legacy defenses are insufficient against AI-enhanced adversaries and calls for proactive, intelligence-led modernization.

Copilot on Windows Adds Email Connectors and Office Export

🖥️ Microsoft has updated Copilot on Windows to let users link Outlook and Gmail accounts, plus Google Drive, Calendar, and Contacts, and to generate and export Office files directly from prompts. The change is rolling out to Windows Insiders via the Microsoft Store for devices running Copilot version 1.25095.161.0 or later and must be enabled manually in the app's Connectors settings. Responses longer than 600 characters now include an export button to save content as Word, PowerPoint, Excel, or PDF files. Microsoft asked testers to provide feedback from within the Copilot app.

How VMware Certification Helped Advance a Tech Career

🎓Certification gave Matt Heldstab a clear framework and the confidence to tackle complex virtualization and multi-cloud challenges. Preparing for VCP certifications and VMware Cloud Foundation exams taught him architecture best practices, troubleshooting patterns, and how to communicate effectively with leadership. Hands-on lab work and community engagement—especially through VMUG—accelerated his development and enabled him to lead projects and speak publicly. He frames certification as a mindset shift from reactive operator to strategic architect.

Google Launches AI Vulnerability Reward Program for AI

🔒 Google has launched an AI Vulnerability Reward Program (AI VRP) offering base rewards up to $20,000 and up to $30,000 with multipliers for validated AI-product bugs. The program moves AI-related reports from the Abuse VRP into a dedicated stream to simplify submissions and unify reward assessment. In-scope products include Search, Gemini apps and Workspace, and qualifying issues cover data exfiltration, phishing enablement and model theft. Content-focused prompt injections and jailbreaks remain out of scope and should be reported via in-product tools.

it-sa Highlights: Vendor Security and Access Solutions

🔒 At it-sa vendors unveiled a slate of security, privacy and access offerings aimed at strengthening enterprise controls. Salesforce expanded its AI Agentforce into the Security Center and Privacy Center to automate threat detection, incident remediation and compliance prioritization. Ivanti reengineered Connect Secure 25.x with a security‑by‑design architecture including SELinux, WAF, secure boot and disk encryption. Additional launches included Samsung Knox mobile credentials, KOBIL mPower and a Zurich/Deutsche Telekom cyber insurance plus MDR integration.

Amazon Neptune Analytics Launched in Two New Regions

🚀 Amazon has made Neptune Analytics available in the AWS Canada (Central) and Australia (Sydney) Regions, enabling local creation and management of analytics graphs. Neptune Analytics is a memory‑optimized graph engine that supports fast, in‑memory processing, a library of optimized analytic algorithms, low‑latency graph queries, and vector similarity search within traversals. You can ingest data from an Amazon Neptune Database, snapshots, or Amazon S3, and start via the AWS Console or CLI; consult the Neptune pricing page and AWS Region Table for costs and availability.

CrowdStrike Named Visionary in 2025 Gartner SIEM Placement

🔍 CrowdStrike Falcon Next‑Gen SIEM has been named a Visionary in the 2025 Gartner Magic Quadrant for Security Information and Event Management. The product is presented as an agentic SOC engine that combines AI-driven detections, real-time telemetry and a unified data foundation to accelerate detection and response. CrowdStrike cites metrics including 150x faster search, over 1PB/day ingestion and up to 80% cost savings, and highlights the acquisition of Onum to improve real-time pipelines and scale. New AI agents for workflow, data transformation, search analysis and correlation rule generation aim to simplify playbook creation, data prep and detection tuning.

Amazon EBS io2 Block Express Now Available in China Regions

🔔 Amazon EBS io2 Block Express is now available in AWS China (Beijing) Region, operated by Sinnet, and China (Ningxia) Region, operated by NWCD. The service delivers consistent sub-millisecond latency and 99.999% durability with single-volume limits of 256,000 IOPS, 4 GiB/s throughput, and up to 64 TiB capacity. Volumes support multi-attach within an Availability Zone with NVMe reservations for shared storage fencing. Existing io1 users can nondisruptively upgrade via the ModifyVolume API to gain higher performance, durability, and improved cost-efficiency.