All news in category "Vendor and Hyperscaler Watch"

Code Mode: Using MCP with Generated TypeScript APIs

🧩 Cloudflare introduces Code Mode, a new approach that converts Model Context Protocol (MCP) tool schemas into a generated TypeScript API so LLMs write code instead of emitting synthetic tool-call tokens. This lets models leverage broad exposure to real-world TypeScript, improving correctness when selecting and composing many or complex tools. Code Mode executes the generated code inside fast, sandboxed Cloudflare Workers isolates that expose only typed bindings to authorized MCP servers, preserving MCP's uniform authorization and discovery while reducing token overhead and orchestration latency.

Eliminating Cold Starts 2: Shard and Conquer Globally

🧊 Cloudflare describes a new Worker sharding technique that uses a consistent hash ring to route requests to existing Worker instances across a data center, reducing cold starts. The approach trades a sub-millisecond proxy hop for far fewer expensive cold starts, improving memory efficiency and latency. The system leverages Cap'n Proto RPC to implement optimistic forwarding, lazy capabilities, and seamless context transfer for nested Worker invocations.

Radar: regional traffic views and Certificate Transparency

🌐 Cloudflare Radar now offers regional traffic insights and expanded Certificate Transparency data to provide more granular, localized visibility into Internet health and trust. Regional views break traffic down by first-order administrative divisions (ADM1), showing bytes, requests, device (mobile/desktop) and bot/human splits, and can be joined with ASN filters in the Data Explorer. The CT dashboard, built on prior Merkle Town work, surfaces certificate volumes, CA and log-level metrics, issuance trends, signature and key algorithm distributions, and richer domain certificate details accessible via the Radar UI and API.

Okta Launches Identity Security Fabric for AI Agents

🔒 Okta introduced an Identity Security Fabric to secure AI agents and unify identity, application, and agent management across enterprises. The platform combines AI agent lifecycle management, a Cross App Access protocol, and Verifiable Digital Credentials (VDC) to enforce least privilege, discover and monitor agents, and replace fragmented point solutions. Early access features begin in fiscal 2027.

AWS EBS gp3 volumes scale to 64 TiB, 80k IOPS, 2,000 MiB/s

🔧 Amazon Elastic Block Store (EBS) gp3 volumes now support up to 64 TiB, 80,000 IOPS, and 2,000 MiB/s throughput — raising previous limits of 16 TiB, 16,000 IOPS, and 1,000 MiB/s. This change simplifies storage architectures by allowing consolidation of striped volumes into a single gp3 volume, reducing operational complexity for storage-intensive and containerized workloads that struggle with multi-volume striping. Pricing remains based on storage plus any additional provisioned IOPS and throughput; the new limits are available in all AWS Commercial and GovCloud (US) regions.

Amazon RDS for Db2 Adds Reserved Instances, 47% Off

💰 Amazon RDS for Db2 now offers Reserved Instances with up to 47% cost savings versus On-Demand pricing. The offering is available for all supported instance types and supports both Bring Your Own License (BYOL) and Db2 licenses purchased through the AWS Marketplace. Reserved Instances include size flexibility so the discounted rate can automatically apply across sizes within the same instance family (for example, a db.r7i.2xlarge RI applying to two db.r7i.xlarge instances). Reserved Instances can be purchased via the AWS Management Console, AWS CLI, or AWS SDK; consult Amazon RDS for Db2 Pricing for details.

AWS Compute Optimizer Adds Support for 99 EC2 Types

🔍Compute Optimizer now supports 99 additional Amazon EC2 instance types, including the latest Compute Optimized (C8gn, C8gd), General Purpose (M8i, M8i-flex, M8gd), Memory Optimized (R8i, R8i-flex, R8gd), and Storage Optimized (I8ge) families. This expansion helps customers identify additional savings and capture improved price-to-performance from newer instances without manual analysis. The update is available in all regions where Compute Optimizer operates except AWS GovCloud (US) and China, and can be accessed via Console, AWS CLI, or AWS SDK.

AWS WAF Bot, Fraud & DDoS Rule Group Expands Regions

🔒 AWS WAF's Targeted Bot Control, Fraud, and DDoS Prevention Rule Group are now available in Asia Pacific (Taipei), Asia Pacific (Bangkok), and Mexico (Central). These managed rule groups deliver detection and mitigations for sophisticated bots, application-layer DDoS, and account-takeover attacks at the web edge. Customers can deploy them to improve application resilience, reduce fraudulent activity, and limit resource consumption during attack campaigns.

Cloudflare Uses Massive Data to Boost Global Network

⚡ Cloudflare is leveraging telemetry from its vast Free Plan and global edge to refine congestion control and improve routing across its network. By combining passive connection logs, Real User Measurement (RUM) and cross-network models, the team evaluates multiple algorithms beyond classic loss-based and BBR approaches. A migration to a Rust-based stack enables faster experimentation and parameter tuning; early QUIC tests show up to 10% performance gains. Cloudflare plans staged rollouts through 2026 and offers enterprise early access.

Cloudflare Uses Global Performance Data to Reduce Congestion

🔍 Cloudflare explains how it leverages the world’s largest performance dataset, combining passive transport logs with Real User Measurement (RUM), to refine congestion control across its global network. Using a new Rust-based stack and experimentation framework, the company evaluates multiple algorithms (including BBR) to predict user experience from passive signals and validate with RUM. Early tests on free-tier QUIC traffic show roughly 10% average improvement versus the prior baseline, with staged rollouts and an early-access program planned for enterprises.

Amazon MSK Expands Express Brokers to 8 Additional Regions

🚀 Amazon Managed Streaming for Apache Kafka (Amazon MSK) now supports Express brokers in eight additional AWS Regions: AWS GovCloud (US-West), AWS GovCloud (US-East), Jakarta, Melbourne, Osaka, Zurich, Tel Aviv, and Hong Kong. Express brokers are a Provisioned broker type that deliver up to 3x more throughput per broker, scale up to 20x faster, and reduce recovery time by 90% versus standard Apache Kafka brokers. They arrive pre-configured with Kafka best practices, support all Kafka APIs, and maintain low-latency performance so existing client applications require no changes.

AgentCore Supports VPC, PrivateLink, CloudFormation

🔒 Amazon Web Services announced that Amazon Bedrock AgentCore Runtime, AgentCore Browser, and AgentCore Code Interpreter now support VPC connectivity, AWS PrivateLink, CloudFormation, and resource tagging. These additions let developers deploy AI agents that access private resources such as databases and internal APIs without internet exposure. CloudFormation integration enables infrastructure-as-code provisioning, while tagging provides cost allocation and access-control organization. AgentCore is in preview in US East (N. Virginia), US West (Oregon), Asia Pacific (Sydney), and Europe (Frankfurt).

CSA launches SaaS Security Capability Framework (SSCF)

🔒 The Cloud Security Alliance has published the SaaS Security Capability Framework (SSCF), a standardized set of customer-facing security controls designed to reduce long-standing gaps in third-party risk management. SSCF defines minimum technical capabilities across six domains — including identity and access, data lifecycle, logging, and incident management — that vendors should expose under the Shared Responsibility Model. The framework is intended to add transparency and consistency to SaaS security, complementing business-focused standards such as ISO 27001, and aims to evolve into practical implementation guidance, auditing criteria, and a certification scheme.

AWS Research and Engineering Studio 2025.09 Update

🧪 Research and Engineering Studio (RES) 2025.09 on AWS delivers fractional GPU support, simplified AMI handling, and greater deployment flexibility for research and engineering teams. The update adds support for Amazon EC2 g6f instances to enable GPU fractionalization, Systems Manager Parameter Alias support for AMI IDs to streamline image management, and optional integration with existing Amazon Cognito user pools to simplify authentication during deployment. Administrators can now customize CIDR ranges in the CloudFormation external resources template, and regional availability expands to Asia Pacific (Osaka), Asia Pacific (Jakarta), Middle East (UAE), and South America (São Paulo).

Amazon EC2 I7i Instances Now in Milan and N. California

🚀 Amazon EC2 I7i instances are now available in AWS Europe (Milan) and AWS US West (N. California). Powered by 5th Gen Intel Xeon processors with a 3.2 GHz all-core turbo and 3rd-generation AWS Nitro SSDs, I7i delivers up to 23% better compute and more than 10% improved price-performance versus I4i. Storage scales to 45 TB of NVMe with up to 50% better real-time storage performance, up to 50% lower storage I/O latency, and up to 60% lower latency variability, and includes a torn write prevention feature supporting up to 16 KB block sizes. The family offers eleven sizes — nine virtual sizes up to 48xlarge plus two bare metal options — with up to 100 Gbps networking and 60 Gbps EBS bandwidth.

Amazon Redshift Concurrency Scaling Adds More Regions

🚀 Amazon Redshift Concurrency Scaling is now available in ten additional AWS regions, including Africa (Cape Town), several Asia Pacific locations, Europe (Milan), Middle East (Bahrain), Mexico (Central) and AWS GovCloud (US‑West). The feature elastically adds query processing capacity in seconds to maintain fast performance for thousands of concurrent users and hundreds of simultaneous queries. Customers with an active Redshift cluster earn up to one hour of free Concurrency Scaling credits and can control allocation, set cluster limits, and monitor usage through Amazon CloudWatch; enable it by setting the Concurrency Scaling Mode to Auto in the AWS Management Console.

Searce Accelerates Enterprise Migrations to Google Cloud

🚀 Searce, a Google Cloud Premier partner, has completed over 1,000 migrations and highlights measurable gains in reliability, cost, and performance for enterprise customers. Using GKE, GKE Autopilot, GKE Gateway Controller and Google Cloud platform services, Searce reports improvements such as 25% better reliability, 50% lower TCO, and up to 30% performance gains, with significant reductions in downtime during migrations.

When to Consider XDR: Addressing EDR Limitations & Response

🔒 Many small and mid-sized businesses adopted EDR to address growing threats, but alert overload and limited context can overwhelm security teams. Kaspersky Next XDR Optimum groups related alerts, enables bulk responses, and lets operators block compromised users in Active Directory directly from alert cards. It also integrates a cloud sandbox for file analysis and embeds targeted security awareness training assignable from the alert. For teams struggling with volume or lacking context, migrating from EDR to XDR can improve containment and reduce response time without major redeployment.

Microsoft Marketplace: Unified Cloud and AI Solutions

🚀 The reimagined Microsoft Marketplace is a unified destination to find, try, buy and deploy cloud solutions, AI apps and agents, combining Azure Marketplace and Microsoft AppSource. It lists tens of thousands of offerings and more than 3,000 AI apps and agents with rapid provisioning into Microsoft environments using Model Context Protocol (MCP). Integrations with CSPs and channel partners support private offers, a resale-enabled preview and governance for enterprise deployment.

Enabling AI Sovereignty Through Choice and Openness Globally

🌐 Cloudflare argues that AI sovereignty should mean choice: the ability for nations to control data, select models, and deploy applications without vendor lock-in. Through its distributed edge network and serverless Workers AI, Cloudflare promotes accessible, low-cost deployment and inference close to users. The company hosts regional open-source models—India’s IndicTrans2, Japan’s PLaMo-Embedding-1B, and Singapore’s SEA-LION v4-27B—and offers an AI Gateway to connect diverse models. Open standards, interoperability, and pay-as-you-go economics are presented as central to resilient national AI strategies.