All news in category "Vendor and Hyperscaler Watch"

Three-Part Framework to Measure AI Value and Impact

🚀 This Cloud blog post from Google Cloud Consulting presents a practical three-part framework to quantify the business value of AI initiatives. It asks teams to define success across four value-driver categories, transparently specify Total Cost of Ownership (TCO), and state an explicit ROI. A worked example — an e-commerce customer-service chatbot — shows quantified monthly benefits versus estimated managed-service costs, demonstrating rapid payback and sustained positive cash flow.

Google Cloud Professional SecOps Engineer Certification

🔐 Google Cloud has launched the Professional Security Operations Engineer (PSOE) certification to validate hands‑on skills for detecting, investigating, and responding to cloud threats. The exam focuses on practical use of Google Security Operations, Security Command Center, and threat intelligence across domains such as detection engineering, incident response, and threat hunting. Google recommends candidates have ~three years in security with at least one year of Google Cloud security tooling experience, and provides online training, hands‑on labs, and an official exam guide to prepare.

Resilient Networking with Google Cloud Network Connectivity

🛡️ Google Cloud's Network Connectivity Center provides a centralized, hub-and-spoke model to simplify and scale enterprise connectivity across VPCs, on-premises data centers, and other clouds. Architected with distinct management, control, and data planes, it employs a fail-static design so existing traffic continues during control-plane issues. The service supports up to 250 VPC spokes per hub and reduces operational overhead by automating full-mesh connectivity.

Amazon ECS adds Amazon Q Developer task definition AI

🤖 Amazon ECS now offers generative AI assistance from Amazon Q Developer to streamline task definition creation and updates in the AWS Management Console. Developers can use an inline chat to generate, explain, or refactor task definition JSON, inject suggestions at any point, and accept or reject proposed edits. Inline suggestions are enhanced to let Amazon Q Developer autocomplete whole blocks of sample code in addition to property-based hints. The capability is available where Amazon Q Developer is offered and can be enabled or disabled via the console code editor settings or controlled with IAM permissions.

Browser Extension Management: Enterprise Buyer's Guide

🔒 Browser extensions present a significant, often unmonitored enterprise risk: they can run privileged code, inject scripts into web apps, access cookies and local storage, and persist via background processes. Keep Aware offers a Buyer’s Guide to Browser Extension Management that outlines these technical attack surfaces and illustrates how to reduce exposure. The guide compares common controls — GPO/MDM, EDR, enterprise browsers — with purpose-built browser security extensions to show trade-offs between visibility, enforcement, and user experience.

AWS CloudWatch OAM Adds VPC Endpoints for Private Traffic

🔒 AWS now offers VPC endpoints for Amazon CloudWatch Observability Access Manager (OAM), enabling private, in-region connectivity between your VPCs and CloudWatch OAM without traversing the public internet. The endpoints support both IPv4 and IPv6 and leverage AWS PrivateLink controls such as security groups and VPC endpoint policies. Available in all commercial regions, AWS GovCloud (US), and China Regions, this lets teams manage cross-account observability links and sinks from VPCs that have no internet access.

Translating Cyber Risk for Boards: CISOs' Essentials

🔐 Security leaders often struggle to show boards how cyber risk affects revenue, governance and growth. The sponsored course Risk Reporting to the Board for Modern CISOs was created to teach practical skills for framing risk in business terms: concise dashboards, high-impact presentations, and building financial and strategic business cases. It also introduces Continuous Threat Exposure Management as a forward-looking reporting model.

Managed Service for Prometheus: Collector Logs GA Now

🔍The Amazon Managed Service for Prometheus collector — an agentless, fully managed Prometheus metrics collector — now vends logs to Amazon CloudWatch Logs, improving visibility into target discovery, authentication, scraping, and ingestion. These logs surface details such as timeouts, remote-write failures, and other errors to aid troubleshooting. The feature is generally available in all regions where the service is offered; review CloudWatch logs pricing and the collector monitoring user guide to get started.

Amazon EventBridge API Destinations Reach Melbourne Thailand

🔔 Amazon EventBridge now provides its API destinations capability in the AWS Asia Pacific (Melbourne) and AWS Asia Pacific (Thailand) Regions. API destinations allow event buses to invoke HTTPS endpoints as rule targets and support flexible authentication methods such as API key and OAuth, while storing credentials securely in AWS Secrets Manager. This expansion reduces call latency for local workloads and simplifies secure, managed integrations. To get started, consult the EventBridge documentation for configuration guidance.

AWS Adds LocalStack Integration to VS Code Toolkit Extension

🧰 AWS has added a LocalStack integration for Visual Studio Code that enables developers to test and debug serverless applications locally from the IDE. The integration connects VS Code to a LocalStack-emulated environment without manual port configuration or code changes, exposing emulated services such as AWS Lambda, Amazon SQS, Amazon API Gateway, and DynamoDB. Available through the AWS Toolkit for VS Code (v3.74.0+), a guided walkthrough installs the LocalStack CLI, creates a LocalStack profile, and lets developers switch profiles and deploy to the LocalStack environment at no additional AWS cost.

Falcon Complete Hub Unifies MDR Visibility and Action

🛡️ Falcon Complete Hub delivers a unified interface inside the Falcon platform that consolidates Falcon Complete Next‑Gen MDR activities, escalations and expert guidance into a single operational view. It prioritizes critical actions, provides step‑by‑step remediation links and centralizes subscription status, announcements and knowledge resources to reduce decision latency. Backed by a 37‑minute mean time to respond and a four‑minute mean time to detect, the Hub converts MDR visibility into clear operational tasks and faster response.

Amazon Athena adds SSO support for JDBC and ODBC drivers

🔐 Amazon Athena now supports single sign-on for its JDBC and ODBC drivers using AWS IAM Identity Center’s trusted identity propagation. With updated drivers (JDBC 3.6.0 and ODBC 2.0.5.0), analysts can connect from third‑party BI tools and SQL clients using corporate credentials while Lake Formation permissions are enforced and actions are logged. This removes the need for embedded credentials, simplifies identity‑based data governance, and streamlines access management across tools.

Security Services Available in AWS Dedicated Local Zones

🛡️ This post explains how organizations can use AWS security services while keeping data within Dedicated Local Zones. It describes the AWS Nitro System for hardware-enforced isolation, AWS KMS with an external key store option, and continuous protection from Amazon Inspector and GuardDuty. It also covers certificate management via ACM, DDoS mitigation with AWS Shield, and centralized auditing through CloudTrail.

Microsoft Waives Publishing Fees for Windows Store

🎉 Microsoft announced that, starting today, individual Windows developers can publish applications to the Microsoft Store without paying registration fees. The policy covers Win32 (including .NET WPF and WinForms), UWP, PWA, .NET MAUI, and Electron apps; Microsoft will host MSIX-packaged binaries, sign apps for free, and pay for distribution so developers don't need their own CDN. Developers of non-gaming apps may also implement their own in-app payment systems and retain all revenue. To publish, creators sign in with a personal Microsoft account and must verify identity with a government ID and a selfie; no credit card is required.

AWS CDK Refactor (Preview) Enables Safe Infra Reorg

🔁 The AWS Cloud Development Kit (CDK) CLI introduces cdk refactor (Preview), a new command that enables safe renaming, moving, and reorganization of constructs while preserving the state of deployed resources. It leverages CloudFormation refactor capabilities and automated mapping computation to prevent unintended resource replacement during code changes. Typical use cases include breaking up monolithic stacks, moving resources between stacks, and upgrading to higher-level constructs. The feature is available in all regions where AWS CDK is supported.

Disaggregated AI Inference with NVIDIA Dynamo on GKE

⚡ This post announces a reproducible recipe to deploy NVIDIA Dynamo for disaggregated LLM inference on Google Cloud’s AI Hypercomputer using Google Kubernetes Engine, vLLM, and A3 Ultra (H200) GPUs. The recipe separates prefill and decode phases across dedicated GPU pools to reduce contention and lower latency. It includes single-node and multi-node examples and step-by-step deployment actions. The repository provides configuration guidance and future plans for broader GPU and engine support.

Amazon IVS Adds Private Ingest via Interface VPC Endpoints

🔒 Amazon Interactive Video Service (Amazon IVS) now supports media ingest via interface VPC endpoints using AWS PrivateLink. This lets customers broadcast RTMP(S) streams privately to IVS Low-Latency channels and IVS Real-Time stages without traversing the public internet. Interface VPC endpoints can be created from within your VPC or from on-premises environments over AWS Direct Connect, providing private and reliable connectivity for live video workflows. The feature is available in US West (Oregon), Europe (Frankfurt), and Europe (Ireland); standard PrivateLink pricing applies.

AWS IoT SiteWise adds automated anomaly model retraining

🔁 AWS announced native anomaly detection enhancements for AWS IoT SiteWise, including automated model retraining, flexible promotion modes, and exposed model metrics. Retraining can be scheduled between 30 days and one year to keep models current with changing equipment conditions. Customers can choose automatic service-managed promotion or manual customer-managed promotion using exposed metrics such as precision, recall, and AUC. Multivariate detection is available in N. Virginia, Ireland, and Sydney.

GKE Inference Gateway and Quickstart Achieve GA Status

🚀 GKE Inference Gateway and GKE Inference Quickstart are now generally available, bringing production-ready inferencing features built on AI Hypercomputer. New capabilities include prefix-aware load balancing, disaggregated serving, vLLM support on TPUs and Ironwood TPUs, and model streaming with Anywhere Cache to cut model load times. These features target faster time-to-first-token and time-per-output-token, higher throughput, and lower inference costs, while Quickstart offers data-driven accelerator and configuration recommendations.

Google Central Fleet: Carbon-Aware Data Center Model

🔁 Google describes its Central Fleet program as a centralized, fungible pool of compute, memory, and storage that replaces team-level machine procurement. Teams request intent-based quotas rather than specific servers, and the fleet uses software-level orchestration via Borg to allocate and reallocate resources dynamically. Google reports that in 2024 the program avoided procurement with an embodied impact of roughly 260,000 metric tons CO2e, highlighting reductions in e-waste, embodied carbon, and improved energy efficiency while promoting a circular-economy approach.