All news in category "Vendor and Hyperscaler Watch"

Simplifying CISA’s Zero Trust Roadmap with Microsegmentation

🔒 CISA now frames microsegmentation as a foundational element of Zero Trust rather than a late-stage optimization, and modern solutions aim to remove historical deployment barriers. Zero Networks highlights agentless, automated, identity-aware, and MFA-enabled controls that speed policy creation and adaptation while minimizing disruption. The vendor cites industry research showing strong market growth, broad practitioner support, and substantial cost reductions compared with legacy segmentation approaches.

Microsoft Media Creation Tool Fails on Windows 11 ARM64

⚠️ Microsoft has confirmed that the Windows 11 Media Creation Tool (version 26100.6584), released on September 29, 2025, may not run on devices with Arm64 processors after the Windows 11 25H2 rollout. Affected users report an error that reads, "We're not sure what happened, but we're unable to run this tool on your PC," blocking creation of bootable installation media. Microsoft says the tool does not support creating media for Arm64 devices and that the normally available ability for Arm64 systems to produce x64 media is also failing. As a temporary workaround, Microsoft recommends using a PC with an AMD64 processor to create installation media while it investigates and prepares a fix.

Amazon CloudWatch Application Map Generally Available

🗺️ Amazon CloudWatch now provides an out-of-the-box Application Map that automatically discovers, groups, and visualizes services and dependencies across AWS accounts and regions. SRE and DevOps teams can apply dynamic grouping by teams, business units, or criticality to align views with operational responsibilities and accelerate troubleshooting. The map integrates with a contextual troubleshooting drawer that surfaces metrics, SLOs, health indicators, changes, and top observations, and users can pivot to application-specific dashboards for deeper investigation. This capability is available in all AWS commercial regions at no additional cost.

Amazon Bedrock Data Automation Adds Enhanced Transcription

🔊 Amazon Bedrock Data Automation (BDA) now offers enhanced transcription with speaker diarization and channel identification, letting developers separate and process individual speakers or channels in audio files. It also provides a guided, natural language blueprint workflow for extracting custom audio insights. These capabilities simplify reading and analysis of multi-party recordings—customer calls, telehealth visits, webinars, public-safety recordings, and meetings—and support subtitle creation, compliance monitoring, and productivity analysis. BDA is available in seven AWS Regions.

AWS API MCP Server v1.0.0 enables natural API control

🧭 The AWS API MCP Server v1.0.0 enables foundation models to interact with AWS APIs via natural language by generating and executing syntactically correct CLI commands. This release reduces startup time and removes local dependencies by converting the suggest_aws_command tool into a remote service, and adds streamable HTTP transport alongside stdio. Security and governance are strengthened with improved secure file system controls, better input validation, configurable denials, and options to require human oversight for mutating actions. Observability is improved through CloudWatch agent log collection, and an experimental get_execution_plan tool (enabled by EXPERIMENTAL_AGENT_SCRIPTS) offers prescriptive workflows; the server is available as a container and open-source on the AWS Labs GitHub repository.

Microsoft Agent Framework Brings Multi-Agent Tooling

🤖 The Microsoft Agent Framework is now in public preview inside Azure AI Foundry, offering an open-source SDK and runtime to simplify orchestration of multi-agent systems. Developers can prototype locally and deploy with built-in observability, durability, and compliance while integrating tools via OpenAPI, Agent2Agent (A2A), and the Model Context Protocol (MCP). Microsoft also previews stateful multi-agent workflows and has contributed multi-agent tracing standards to OpenTelemetry. Responsible AI controls and a generally available Voice Live API add governance and real-time voice capabilities for enterprise scenarios.

SageMaker Unified Studio adds SSO for Spark sessions

🔐 Amazon SageMaker Unified Studio now supports corporate identities for interactive Apache Spark sessions using AWS Identity Center trusted identity propagation. Data engineers and scientists can sign on to JupyterLab Spark sessions with organizational credentials while administrators apply fine-grained access controls and maintain end-to-end data access traceability. The integration leverages AWS Lake Formation, Amazon S3 Access Grants, and Amazon Redshift Data APIs, and includes comprehensive AWS CloudTrail logging for interactive and background sessions to streamline compliance.

AWS Knowledge MCP Server Now Generally Available Globally

🔎 The AWS Knowledge MCP Server is now generally available, giving AI agents and MCP-compatible clients access to authoritative AWS documentation, blog posts, What's New announcements, and Well-Architected guidance in an LLM-friendly format. The GA release also adds structured knowledge about regional API and CloudFormation resource availability. The server is publicly accessible at no cost and does not require an AWS account, though usage is rate-limited. Configure MCP clients to use the AWS Knowledge MCP Server endpoint to anchor agent responses in trusted AWS context and reduce manual context management.

Amazon Detective Adds AWS PrivateLink VPC Endpoint Support

🔒 Amazon Detective now supports VPC endpoints via AWS PrivateLink, allowing you to initiate Detective API calls from inside your VPC without Internet traversal. The capability is available in all AWS Regions where Detective is offered. Create a VPC endpoint through the VPC console, API, or SDK; this provisions an elastic network interface with a private IP in your chosen subnets as the entry point. Detective continues to ingest and correlate logs and findings to power investigations.

VirusTotal Crowdsourced AI Adds Exodia Labs for .CRX

🔍 VirusTotal has added Exodia Labs to its Crowdsourced AI lineup to provide automated analysis of Chrome extension (.CRX) files. The new contributor issues a clear verdict — benign, suspicious, or malicious — alongside a behavioral narrative to complement existing AI streams such as Code Insight. Exodia Labs results are indexed in VirusTotal Intelligence with dedicated search operators and surface in the web UI to help analysts rapidly triage extension-related threats.

AWS Cloud WAN Now Available Across AWS GovCloud Regions

🛰️ AWS has made AWS Cloud WAN available in AWS GovCloud (US-West) and AWS GovCloud (US-East) as of Oct 1, 2025. The service provides a central dashboard and policy-driven networking to create a global network that spans VPCs, Transit Gateways, and on-premises locations. It supports BGP-based global route exchange and connectivity via Site-to-Site VPN, Direct Connect, or third-party SD-WAN solutions. The dashboard offers consolidated visibility into network health, security, and performance to simplify operations.

CrowdStrike Fall 2025 Release: Agentic SOC & AI Security

🔒 CrowdStrike’s Fall 2025 release introduces the Falcon agentic security platform, redefining SOC operations by pairing analysts with AI agents that reason, act, and continuously learn. The release centers on the Enterprise Graph data layer and Charlotte AI AgentWorks for no-code agent creation, plus seven mission-ready agents and Threat AI for autonomous hunting and response. It also expands identity, data protection, patching, and MDR capabilities, integrates Pangea and Onum, and launches AI Detection and Response (AIDR) to secure AI workflows.

AWS DataSync Supports VPC Endpoint Policies and FIPS

🔒 AWS DataSync now supports VPC endpoint policies, enabling administrators to control access to DataSync API operations through VPC service endpoints, including FIPS 140-3 enabled endpoints. You can restrict specific actions such as CreateTask, StartTaskExecution, or ListAgents and combine these controls with identity-based and resource-based policies. The capability is available in all AWS Regions and helps strengthen security posture and compliance when accessing DataSync via VPC endpoints.

How CISOs Identify and Reject Poor Security Products

🔍 CISOs increasingly face a torrent of vendor pitches and must probe beyond marketing to find tools that genuinely improve security. Experienced security leaders recommend five core questions about business fit, operational impact, integration and maintenance, update cadence, and concrete use cases. They emphasize live demos and practitioner testing so teams can spot technical gaps and avoid products that merely add noise. Be wary of vague claims, fearmongering, buzzword-heavy pitches, or vendors who resist feedback.

Amazon SageMaker Managed MLflow Now in AWS GovCloud

🛡️ Amazon SageMaker managed MLflow is now available in both AWS GovCloud (US-West) and AWS GovCloud (US-East) regions. The managed service integrates MLflow experiment tracking with SageMaker capabilities, streamlining AI experimentation and accelerating GenAI development from idea to production. It provides end-to-end observability to help reduce time-to-market and simplify compliance and operational oversight for government workloads.

Windows 11 25H2 (2025 Update) Now Generally Available

ℹ️ Windows 11 25H2 (2025 Update) is now generally available. The minor release shares the same platform as 24H2 and is rolled out gradually, with devices on 24H2 updated via small enablement packages (<200 KB) while systems on 23H2 receive a full OS swap. Enterprise-focused changes include Wi‑Fi 7 support, improved vulnerability detection, and an optional Group Policy to remove select preinstalled Store apps. Microsoft also removed legacy tools such as PowerShell 2.0 and WMIC.

CloudWatch & OpenSearch Integrated Analytics Expands

📈 Amazon has expanded the CloudWatch and OpenSearch Service integrated analytics experience to five additional commercial regions: Asia Pacific (Osaka and Seoul), Europe (Milan and Spain), and US West (N. California). CloudWatch Logs customers can now query logs with SQL or OpenSearch PPL in addition to CloudWatch Logs Insights QL, including JOINs, subqueries, and rich JSON, mathematical, datetime and string functions. With a few clicks, users can create OpenSearch dashboards for VPC, WAF, and CloudTrail logs and analyze data in-place without copying logs or building ETL pipelines.

AWS Direct Connect opens MAD3 location in Madrid data center

🔌 AWS has opened a new AWS Direct Connect location at the Digital Realty MAD3 data center near Madrid, Spain. The site provides dedicated 10 Gbps and 100 Gbps connections with optional MACsec encryption and enables private network access to all public AWS Regions (except China), AWS GovCloud Regions, and AWS Local Zones. This is the third Direct Connect site in Madrid and the fourth in Spain, offering a lower-variance networking option compared with the public internet. It joins more than 146 Direct Connect locations worldwide, expanding options for colocations and hybrid deployments.

AWS Direct Connect 100G and 10G with MACsec in Bogota

🔌 AWS expanded 10 Gbps and 100 Gbps Direct Connect dedicated connections with MACsec encryption at the Equinix BG1 data center near Bogota, Colombia. Customers can now provision private, direct network access from this location to all public AWS Regions (except China), AWS GovCloud Regions, and AWS Local Zones. The enhancement delivers more consistent, lower-latency and encrypted connectivity for enterprises and partners in the region.

AI Forecasting and Conversational Analytics in BigQuery

🔎 Google added two BigQuery tools—ask_data_insights and BigQuery Forecast—to the MCP Toolbox and the Agent Development Kit (ADK) to enable conversational analytics and time-series predictions for agents. ask_data_insights uses the Conversational Analytics API to interpret plain-English questions, generate and run queries, and return summarised answers with a step‑by‑step log for transparency. BigQuery Forecast leverages BigQuery ML’s TimesFM model via AI.FORECAST so agents can run forecasting jobs directly inside BigQuery without separate ML infrastructure.