< ciso
brief />
Vendor and Hyperscaler Watch Banner

All news in category “Vendor and Hyperscaler Watch

4606 articles · page 6 of 231

Amazon EKS adds Kubernetes version rollback support

🔧 Amazon Elastic Kubernetes Service (Amazon EKS) now supports Kubernetes minor version rollback, letting you revert to the prior minor version within 7 days if an upgrade causes issues. You can start a rollback via the Amazon EKS console, AWS CLI, or AWS SDKs, and EKS evaluates cluster rollback readiness with automated checks for API compatibility, version skew, add-on compatibility, and cluster health. For clusters using EKS Auto Mode, worker nodes are automatically managed during rollback to respect configured disruption controls, and the feature is available at no additional cost in all AWS Regions where EKS is offered.
read more →

Microsoft named a leader in Frost Radar for CARS

🔒 Microsoft highlights its recognition in Frost & Sullivan’s 2026 Frost Radar for Cloud/Application Runtime Security, emphasizing a shift from visibility to contextual risk reduction across cloud infrastructure, applications, APIs, and runtimes. The post explains how Microsoft Defender for Cloud integrated with Microsoft Defender XDR correlates posture, identity, data, and runtime signals to prioritize exploitable attack paths. It argues that unified platforms reduce alert fatigue, speed remediation, and enable continuous risk operations across development and runtime.
read more →

Claude Apps Gateway for Google Cloud announced

🔒 Anthropic’s Claude Apps Gateway is a self-hosted intermediary that centralizes identity, policy, telemetry, spend controls, and routing between local Claude Code clients and Google Cloud. It replaces per-developer credentials with OIDC-based sessions, enforces RBAC server-side via gateway.yaml, and attributes metrics to verified user sessions. Deploy as a stateless container on Cloud Run (or GKE) with Cloud SQL and Secret Manager for state and secrets.
read more →

Azure Chaos Studio Workspaces public preview

🧪 Azure Chaos Studio Workspaces is now in public preview, offering scenario-focused chaos engineering to validate application resilience. It provides curated outage scenarios (Zone Down, DNS Outage, SQL failover, etc.), a drag-and-drop Scenario Designer, and a managed Workspace that discovers resources and recommends applicable tests. Runs produce structured drill reports and integrations with GitHub Copilot and Model Context Protocol for automated workflows.
read more →

AWS Workload Credentials Provider: Role Chaining and Prefetch

🔒 This post explains how to use two enhancements to the AWS Workload Credentials Provider: role chaining for cross-account secret retrieval and prefetching to reduce cold-start latency. It covers configuration, required IAM permissions, SSRF token usage, and how to build and deploy the Rust-based provider across EC2, ECS, EKS, and Lambda. Examples show curl and Python calls, TOML configuration for max roles, and prefetch settings for individual secrets or tag-based discovery.
read more →

Amazon Managed Service for Prometheus gains FedRAMP High

🛡️ Amazon Managed Service for Prometheus is now authorized for FedRAMP High and DoD CC SRG IL-4 and IL-5 in the AWS GovCloud (US) Regions. The fully managed, Prometheus-compatible monitoring service supports high-cardinality workloads with automatic scaling of ingestion and storage. It integrates with AWS security services to provide secure access to telemetry and alerting for regulated federal and public sector environments. Customers with FedRAMP High or DoD IL-4/5 requirements can adopt the service with confidence.
read more →

AWS Security Agent expands to new regions

🛡️ AWS Security Agent (now part of AWS Continuum) is available in Asia Pacific (Mumbai), Asia Pacific (Singapore), and South America (São Paulo). Customers in these regions can access STRIDE-based threat modeling (preview), full-repo and PR-level code reviews (preview) across major source platforms, managed compliance packs, and custom security requirements. New IDE plugins and MCP integration enable triggering threat modeling, code reviews, and remediation from Kiro or Claude Code, while on-demand penetration testing and retesting provide validated findings and fixes; simulated validation remains only in US East (N. Virginia).
read more →

Context-Aware Polymorphic Schema Validation

🛠️ This post outlines an architecture using Google's ADK and Gemini Flash to replace static prompt-driven agents with a just-in-time, metadata-driven orchestration. It externalizes JSON schema descriptors to a Central Metadata Registry and employs a lightweight discovery prompt plus dynamic validation hooks (Cloud Run) to ensure deterministic, schema-compliant payloads. The pattern reduces context bloat, lowers token costs, and prevents attention diffusion in multi-agent workflows.
read more →

Agentic Internet: Bot Traffic and Content Market

🧭 Cloudflare reports a rapid shift toward an agent-driven Internet where AI training and mixed-use crawlers dominate. Publishers face falling referral traffic as over 50% of Internet traffic is now non-human, and AI companies increasingly ingest content without compensation. Cloudflare highlights tools and marketplace developments that restore publisher control, enable attribution, and support licensing between content owners and AI firms.
read more →

Cloudflare Expands AI Bot Controls and Taxonomy

🛡️ Cloudflare updates its bot management to distinguish between three AI use cases—Search, Agent, and Training—so site owners can better control access and compensation for their content. The company will change defaults on September 15, 2026, blocking Training and Agent bots on ad-bearing pages while leaving Search allowed. Cloudflare also launched BotBase, a searchable directory of tracked bots, and added a new content-use signal for robots.txt to express preferences like use=reference.
read more →

Cloudflare Proposes New Economics for AI Search

🔍 Cloudflare outlines initiatives to make AI-driven search more efficient and to compensate creators fairly. The company will launch a research program using network signals to surface fresher, higher-quality content and reduce unnecessary crawling. It is also evolving Pay Per Crawl toward Pay Per Use, experimenting with partners like Ceramic.ai and You.com to enable pay-per-query and other payment models.
read more →

Cloudflare Monetization Gateway and x402 Payments

🔒 Cloudflare announced the Monetization Gateway, a control plane to charge for any asset protected by Cloudflare — web pages, APIs, datasets, or MCP tools — and to enforce payments at the edge. At launch payments will settle in stablecoins over the open x402 protocol, enabling micropayments and sub-second settlement. The Gateway moves metering and payment verification off your origin while preserving your pricing and rules.
read more →

Microsoft restores GIFs in Windows Emoji Panel

🛠️ Microsoft has restored GIF functionality in the Windows Emoji Panel after Tenor retired its API on June 30, causing GIF options to show as 'GIF service is not available' for some users. The company switched the provider to GIPHY in the preview KB5095093 cumulative update for Windows 11 24H2/25H2/26H1 released on June 23. Users can install the optional update via Settings > Windows Update or the Microsoft Update Catalog. Microsoft is still working on fixes for Windows 11 23H2 and Windows Server 2025.
read more →

Microsoft Accelerates Move to Post‑Quantum Cryptography

🔒 Microsoft announced an acceleration of its Quantum Safe Program to transition critical products and services to post‑quantum cryptography by 2029. The company plans to integrate PQC requirements into its Secure Future Initiative and emphasize crypto‑agility, TLS 1.3 adoption, and protection of trust chains such as code signing and certificates. Microsoft urged organizations to begin migration now due to advances in quantum research and rising risk of 'harvest now, decrypt later.'
read more →

Martin Lee on Threat Research and Career Transition

🧭 In this Humans of Talos feature, Martin Lee, EMEA Lead at Talos, discusses his journey from studying human viruses to leading cybersecurity efforts. He explains how early exposure to the internet prompted a career shift from academia to threat research and how his role now focuses on externalizing the evolving threat landscape to partners and customers. Martin also highlights using a sociological lens to assess organizational resilience and offers career advice about visibility, curiosity, and diverse experiences.
read more →

Microsoft Expedites Transition to Post‑Quantum Cryptography

🔒 Microsoft says it is accelerating its move to post-quantum cryptography, citing advances in quantum R&D and a shifting "risk horizon." CTO Mark Russinovich announced a goal to migrate critical products and services to PQC by 2029, and linked the work to its Microsoft Quantum Safe Program and Secure Future Initiative. The company outlined three pillars—upgrading network cryptography to TLS 1.3, building crypto-agility for data at rest, and modernizing crypto trust chains—and provided practical steps for organizations to begin their PQC transition.
read more →

Amazon RDS for Db2 adds self-managed Active Directory support

🔒 Amazon RDS for Db2 now lets customers join DB instances directly to self-managed Microsoft Active Directory domains, whether on-premises, in AWS, or in another cloud. Using Kerberos for authentication, this enables single sign-on and allows customers to authenticate and authorize database users without deploying AWS Managed Microsoft AD or creating a domain trust. Domain join is available when creating or modifying instances using a delegated AD service account stored in AWS Secrets Manager and encrypted with AWS KMS, and the feature is generally available in all Regions where RDS for Db2 is offered, including GovCloud.
read more →

Scaling LLM inference with Managed Lustre offload

📘 Enterprise LLM deployments face KV cache growth that can exceed node RAM and local SSD capacity. Google Cloud demonstrates using Managed Lustre as a shared, high-performance external KV cache tier integrated with vLLM and the llm-d offloading stack to bypass host-level limits and simplify cross-node data management. Benchmarks with Llama-3.3-70B on a six-node A3 Mega cluster show over 50% TCO savings and nearly 60% reduction in GPU-hour usage by achieving a 95% cache hit rate. The guide includes architecture, deployment steps, PVC evictor behavior, and validated tracks for Qwen and Gemma models.
read more →

Cloudflare launches Attribution Business Insights dashboard

📊 Cloudflare introduces the Attribution Business Insights dashboard to help publishers and business leaders distinguish valuable human referrals from extractive AI crawler traffic. The dashboard provides site-wide and per-operator crawl-to-referral ratios, top bot breakdowns, and updated crawler classifications like Training, Search, and Agent. Available to Cloudflare Bot Management customers, it centralizes visibility so decision-makers can evaluate impact before acting via existing security rules.
read more →

Amazon OpenSearch launches log analytics engine

🔍 Amazon OpenSearch Service introduces a new engine optimized for log analytics that combines faster analytical queries with full-text search. The engine delivers up to 4x better price-performance on internal benchmarks, up to 70% lower storage using columnar storage, 2x higher ingestion throughput, and 2x faster analytical queries. It supports OpenSearch 3.5+, PPL and SQL queries, JDBC/ODBC drivers, and mixed full-text plus analytical predicates. The capability is available across 12 global AWS regions with no additional engine charges.
read more →