All news in category "Vendor and Hyperscaler Watch"

Conversational Commerce Agent on Vertex AI Released

🛒 Google Cloud announced general availability of the Conversational Commerce agent on Vertex AI, a shopping-focused conversational assistant designed to guide customers from intent to purchase. The agent uses Gemini to interpret complex queries, supports context retention across sessions and devices, and offers administrative controls to boost, bury, or restrict products. Albertsons Cos. reports increased basket size in early use. Onboarding is presented as quick with minimal development effort via the Vertex AI console.

Pixel 10 Adds C2PA Content Credentials and Trusted Imaging

📷 Google announced Pixel 10 phones will embed C2PA Content Credentials in every photo captured by the native Pixel Camera and display verification in Google Photos. The Pixel Camera app achieved Assurance Level 2 by combining Tensor G5, the certified Titan M2 security chip, and Android hardware-backed attestation. A privacy-first model uses anonymous enrollment, a strict no-logging policy, and a one-time certificate-per-image strategy to prevent linking. Pixel 10 also supports an on-device trusted timestamping mechanism so credentials remain verifiable offline.

Amazon Bedrock AgentCore Gateway gains PrivateLink, logs

🔒 AWS announced that Amazon Bedrock AgentCore Gateway now supports AWS PrivateLink for private VPC access and adds invocation logging to Amazon CloudWatch, Amazon S3, and Amazon Data Firehose. These updates allow agent traffic to avoid the public internet while sending per-invocation logs to common observability and storage services. The combination improves network isolation, governance, and operational visibility. AgentCore Gateway is currently in preview in US East (N. Virginia), US West (Oregon), Asia Pacific (Sydney), and Europe (Frankfurt).

Agent Integration with Open Standards: MCP and A2A

🔗 Azure's Agent Factory blog emphasizes that interoperability is the key to moving agentic AI from isolated prototypes to enterprise-scale solutions. The post promotes open standards like Model Context Protocol (MCP) and Agent2Agent (A2A) to enable shared context, reusable tools, and cross-framework collaboration across runtimes such as Semantic Kernel. It explains how Azure AI Foundry combines these protocols with thousands of connectors, unified observability, and governance so agents can act across SaaS, legacy systems, and custom APIs without costly rewrites.

AWS CloudTrail MCP Server Adds Natural-Language Security

🔒 AWS Labs published a Model Context Protocol (MCP) server for CloudTrail that enables AI assistants to perform security and compliance analysis via natural‑language queries. The server provides direct access to CloudTrail events and CloudTrail Lake, allowing searches of 90‑day management event histories and Trino SQL queries on Lake data spanning up to 10 years. By exposing these capabilities through a conversational interface, the MCP server removes the need for bespoke API integrations and streamlines investigation and compliance workflows. The component is available in regions that support CloudTrail LookupEvents or CloudTrail Lake and is available with code and documentation in the AWS Labs repository.

Gemini CLI Extensions: Security and Cloud Run Tools

🚀 Google is previewing two Gemini CLI extensions that bring security analysis and Cloud Run deployment directly into your terminal. The security extension introduces /security:analyze to scan local git diffs for issues such as hardcoded secrets, injection flaws, broken access control, and insecure data handling, and returns clear remediation guidance or optional fixes. The Cloud Run extension adds /deploy, a one-command flow to build, containerize, push, and configure services on Cloud Run, returning a public URL and supporting terminal, VS Code agent mode, and Cloud Shell.

Apple adds Memory Integrity Enforcement to iPhone 17

🔒 Apple introduced Memory Integrity Enforcement (MIE) on the new iPhone 17 and iPhone Air, implemented in the A19 and A19 Pro chips to deliver always-on memory safety across the kernel and more than 70 userland processes. MIE combines secure memory allocators, an enhanced synchronous Memory Tagging system called EMTE, and Tag Confidentiality Enforcement (TCE) to detect and block buffer overflows and use-after-free bugs. Apple says the design preserves performance while hardening devices against targeted mercenary spyware and exploitation of memory-corruption vulnerabilities.

Time-Saving Guide for Automating MSP and MSSP Workflows

🔧 This guide explains how managed service providers (MSPs) and managed security service providers (MSSPs) can use automation and AI to cut manual effort, improve consistency, and scale services. It highlights five high-impact use cases—risk assessments, policy generation, compliance tracking, remediation planning, and progress reporting—and shows how platforms like Cynomi's vCISO Platform can reduce workloads by up to 70%. Practical steps for piloting, training, and measuring ROI complete the roadmap.

AWS Elastic Beanstalk Adds IPv6 Dual-Stack Load Balancers

🌐 AWS Elastic Beanstalk now supports dual-stack configuration for Application Load Balancers (ALB) and Network Load Balancers (NLB). By setting the IpAddressType option to dualstack, Elastic Beanstalk automatically configures your load balancer to serve both IPv4 and IPv6 and creates corresponding A and AAAA DNS records. Existing IPv4 environments can be upgraded to dual-stack or reverted back as needed. The feature is available in all AWS regions that support Elastic Beanstalk and ALB/NLB and simplifies deployment to IPv6-only networks while retaining IPv4 compatibility.

AWS Backup adds option to exclude ACLs and ObjectTags

🔒 AWS Backup now lets you choose whether to include Access Control Lists (ACLs) and ObjectTags when backing up Amazon S3 buckets. Previously, these metadata elements were included for all objects by default; the new option lets administrators include only the metadata required for their recovery or compliance needs. This capability is available in all Regions where AWS Backup for Amazon S3 is offered; review pricing and regional availability on the AWS Backup pricing page.

Amazon Managed Service for Prometheus Now in GovCloud

🔔 Amazon Managed Service for Prometheus is now available in the AWS GovCloud (US) Regions, providing a fully managed, Prometheus-compatible monitoring solution for government and regulated workloads. The service supports high-scale ingestion—customers can send up to 1 billion active metrics to a single workspace—and allows multiple workspaces per account for isolation and organization. It simplifies metric storage, querying, and alerting while reducing operational overhead. Customers should consult the user guide for the full list of supported regions.

CloudWatch Flow Monitors Extend Cross-Region Visibility

🔍 With this update, Amazon CloudWatch Network Monitoring flow monitors can observe traffic between AWS Regions over the AWS global network. Flow monitors deliver near real-time metrics for compute instances such as Amazon EC2 and Amazon EKS, and for services like Amazon S3 and Amazon DynamoDB, to help detect and attribute network-driven impairments. The network health indicator now captures cross-Region path health including visibility into remote public IPs and private traffic over VPC and Transit Gateway peering.

AWS HealthImaging Adds OIDC for DICOMweb APIs Integration

🔐 AWS HealthImaging now supports OpenID Connect (OIDC) authentication for DICOMweb REST APIs, enabling OAuth 2.0–compatible identity providers to issue JWTs to authorize requests. You can integrate existing IdPs such as Amazon Cognito, Okta, or Auth0 to manage user accounts and access to DICOM resources. OIDC support is limited to DICOMweb REST API requests while native AWS IAM authentication remains available for all API calls and the feature is available in all regions where HealthImaging is generally available.

Amazon EC2 I8g Storage-Optimized Instances in Ohio

🚀 Amazon Web Services has announced general availability of Amazon EC2 I8g storage-optimized instances in the US East (Ohio) region. Powered by AWS Graviton4 processors and third-generation Nitro SSDs, I8g delivers up to 60% better compute and up to 65% improved real-time storage performance per TB, with lower I/O latency and variability. Built on the AWS Nitro System, these instances target I/O-intensive, low-latency workloads such as transactional databases, real-time analytics and AI pre-processing. Ten sizes, including a metal option, provide up to 45 TB local NVMe storage and high network and EBS bandwidth.

Amazon EC2 C6in Instances Now in Asia Pacific (Thailand)

🚀 Starting today, Amazon EC2 C6in instances are available in AWS Region Asia Pacific (Thailand). These sixth-generation, network-optimized instances use 3rd Gen Intel Xeon Scalable processors and the AWS Nitro System to deliver up to 200 Gbps of network bandwidth—about 2x the bandwidth of comparable fifth-generation instances. C6in offers up to 128 vCPUs across 10 sizes (including a bare metal option), up to 100 Gbps of EBS bandwidth, and up to 400K IOPS, with Elastic Fabric Adapter (EFA) supported on 32xlarge and metal sizes.

AWS Fault Injection Service launches in Zurich Region

🧪 AWS announced that Fault Injection Service (FIS) is now available in the Europe (Zurich) Region. FIS is a fully managed service for running controlled fault injection experiments to validate application performance, observability, and resilience under scenarios such as AZ power interruptions and cross-region connectivity failures. Customers can create reusable experiment templates, integrate them into CI/CD pipelines, and generate detailed experiment reports stored in Amazon S3 for audit and compliance needs. This launch expands FIS to 24 regions globally.

Google Cloud launches no-cost multicloud data transfer

🔁 Google Cloud has introduced Data Transfer Essentials, a no-cost service for EU and U.K. customers to move multicloud data between Google Cloud and other providers. Designed for in-parallel processing across multiple clouds, qualifying multicloud traffic is metered separately and billed at a zero charge while other traffic remains billed at existing Network Service Tier rates. Customers can opt in via a configuration guide to specify which traffic qualifies.

Inside Black Hat's NOC: Zero-Hour Security Operations

🛡️ At Black Hat, Palo Alto Networks' NOC operates a zero-hour defense model that protects critical infrastructure while enabling controlled exploit training. Engineers from Cortex and Unit 42 collaborate with partners like Corelight to develop rapid detections, deploy contextual rules on PA-5430 firewalls, and automate responses via Cortex XSIAM. The environment balances visibility, segmentation and automated enforcement to stop external threats without disrupting sanctioned exercises.

TwelveLabs Marengo 2.7 Embeddings Now Synchronous in Bedrock

⚡ Amazon Bedrock now supports synchronous inference for TwelveLabs Marengo Embed 2.7, delivering low-latency text and image embeddings directly in API responses. Previously optimized for asynchronous processing of large video, audio, and image files, Marengo 2.7’s new mode enables responsive search and retrieval features—such as instant natural-language video search and image similarity discovery—while retaining advanced video understanding via asynchronous workflows.

Google Cloud Releases Official Rust SDK for Developers

🚀 Google Cloud has released an official Rust SDK that provides idiomatic, supported access to more than 140 Google Cloud APIs. The SDK includes built-in authentication (ADC, OAuth2, API Keys, service accounts, and upcoming Workload Identity Federation), documentation, and code samples to streamline development. It targets high-performance backends, secure data processing, and real-time analytics, and the project is available on crates.io and GitHub for feedback and contributions.