All news in category "Vendor and Hyperscaler Watch"

Regaining Control of AI Agents and Non-Human Identities

🔐 Enterprises are struggling to secure thousands of non-human identities—service accounts, API tokens, and increasingly autonomous AI agents—that proliferate across cloud and CI/CD environments without clear ownership. These NHIs often use long-lived credentials, lack contextual signals for adaptive controls, and become over-permissioned or orphaned, creating major lateral-movement and compliance risks. The article recommends an identity security fabric—including discovery, risk-based privilege management, automated lifecycle policies, and integrations such as Okta with AWS—to regain visibility and enforce least-privilege at scale.

Cloudflare 2025 Founders’ Letter: AI, Content, and Web

📣 Cloudflare’s 2025 Founders’ Letter reflects on 15 years of Internet change, highlighting encryption’s rise thanks in part to Universal SSL, slow IPv6 adoption, and the rising costs of scarce IPv4 space. It warns that AI answer engines are shifting value away from traffic-based business models and threatening publishers. Cloudflare previews tools and partnerships — including AI Crawl Control — to help creators control access and negotiate compensation.

Microsoft Rolls Out Gaming Copilot to Windows 11 PCs

🎮 Microsoft has begun a beta rollout of Gaming Copilot to Windows 11 PCs for users aged 18 and older outside mainland China. Integrated into the Game Bar via the Xbox PC app (Win+G), the assistant offers a Voice Mode for in‑game help, game recommendations, achievement checks and play‑history insights. Microsoft plans to push the feature to the Xbox mobile app on iOS and Android in October. Users can remove the widget from the Game Bar via Settings if they prefer.

AWS Organizations SCPs Now Support Full IAM Language

🔐 AWS announced that AWS Organizations service control policies (SCPs) now support the full IAM policy language, adding features such as NotAction, NotResource, resource-level Allow statements, conditions in Allow, and more flexible action wildcards. The update is available across AWS commercial and GovCloud (US) Regions. These changes simplify permission models, reduce prior workarounds (such as tagging-based exceptions), and make SCPs more expressive and concise. AWS recommends careful wildcard use and continuing to prefer explicit Deny statements for robust controls.

Amazon OpenSearch Ingestion Adds Cross-Account Ingestion

🔁 Amazon OpenSearch Ingestion now supports cross-account ingestion for push-based sources such as HTTP and OpenTelemetry (OTel). This capability lets teams share ingestion pipelines across AWS accounts without relying on VPC peering or AWS Transit Gateway, simplifying centralized observability and analytics workflows. The feature is available today in all regions where OpenSearch Ingestion is offered; customers can configure resource policies in the AWS Management Console or CLI and enable pipeline endpoints from their VPCs to begin ingesting data.

AWS Summer 2025 SOC 1 Report Covers 183 Services In Scope

🔒 AWS has published its Summer 2025 SOC 1 report covering 183 services for the period July 1, 2024 through June 30, 2025. The report provides independent assurance on controls relevant to customer financial reporting. Customers can download the report via AWS Artifact in the AWS Management Console for on-demand access. AWS says it will continue to expand service coverage and invites customers to contact their account team or the Compliance team with questions.

GKE Managed Lustre CSI Driver for AI and HPC Workloads

🚀 Managed Lustre on GKE is a managed parallel file system with a CSI driver that brings low-latency, high-throughput POSIX storage to Kubernetes for demanding AI and HPC workloads. It is recommended for training, checkpointing, and small-file patterns where GPUs/TPUs must stay utilized, while Cloud Storage is an alternative for large, higher-latency files. The article presents five operational best practices—data locality, tiering, networking, provisioning, and using Kubernetes Jobs with a shared PVC—to maximize performance and control costs.

GCE and GKE Security Dashboards Powered by SCC Now

🔒 Google has added integrated security dashboards to GCE and GKE consoles, powered by Security Command Center. The dashboards surface top security findings, vulnerability trends, CVE prioritization, and container/workload misconfigurations informed by Google Threat Intelligence and Mandiant analysis. Teams can remediate misconfigurations, prioritize patches, and monitor threats directly in their compute and cluster consoles. Full vulnerability and threat widgets require upgrading to SCC Premium (30‑day trial available).

Google Cloud launches advanced AI training suite for roles

🚀 Google Cloud announced a new suite of AI training courses for intermediate and advanced learners across technical and non-technical roles. The curriculum covers designing and managing AI infrastructure using GCE and GKE, fine-tuning models like Gemini, serverless inference with Cloud Run, and securing generative AI deployments. Hands-on labs teach building AI agents that securely connect to enterprise databases and rapid prototyping in Google AI Studio. Courses are available on Google Cloud Skills Boost to help learners future-proof their AI skills.

Amazon RDS supports MySQL Innovation Release 9.4 Preview

🚀 Amazon RDS for MySQL now supports MySQL Innovation Release 9.4 in the Amazon RDS Database Preview Environment, enabling customers to evaluate the latest community Innovation Release on managed RDS instances. The Preview Environment supports Single‑AZ and Multi‑AZ deployments on current instance classes and retains preview instances for up to 60 days. Snapshots created in the Preview Environment are restricted to the Preview Environment, and preview instances are billed at the same rates as production RDS instances in the US East (Ohio) Region.

FortiCNAPP Named Leader in Three KuppingerCole Categories

🚀 FortiCNAPP has been named a Leader in three categories in the 2025 KuppingerCole Compass for CNAPP: Overall Leadership, Market Leadership, and Innovation Leadership. The recognition emphasizes FortiCNAPP’s ability to reduce tool sprawl, improve visibility into cloud risk, and accelerate remediation. Customers cite rapid, intuitive deployment, agentless scanning, AI-driven analytics, and tight integration with the Fortinet Security Fabric as key benefits.

You Don’t Need Quantum Hardware for PQC Readiness Now

🔐 Cloudflare explains that post-quantum cryptography (PQC) protects communications against future quantum computers and does not require specialized quantum hardware. PQC runs today on existing phones, servers, and network infrastructure, can scale at Internet level, and in many cases matches or exceeds classical performance. The post argues that quantum technologies like QKD and QRNG are interesting scientific tools but are neither necessary nor sufficient for broad post-quantum security; organizations should prioritize cryptographic agility and migration to PQC.

Steam to end support for Windows 32-bit in Jan 2026

🖥️ Valve announced that Steam will stop supporting 32-bit versions of Windows effective January 1, 2026. The company said Windows 10 32-bit is currently the only 32-bit build still in use and that existing Steam Client installations on those systems will continue to function for the near term but will no longer receive any updates, including security updates. Valve explained the change is required because core Steam features rely on drivers and libraries not maintained on 32-bit Windows. Gamers are urged to upgrade to a 64-bit version of Windows to maintain compatibility and keep receiving updates.

Gemini CLI Deep Dive: Origins, Design, and Roadmap

🚀 The Gemini CLI is an open-source, agentic command-line assistant built to reason, select tools, and execute multi-step developer workflows while keeping users informed. In a recent Agent Factory episode, creator Taylor Mullen discussed the project's origin, design philosophy, and roadmap. Demonstrations showed onboarding to codebases, converting research papers into interactive explainers, and creating reusable slash commands. The team emphasizes extensibility, transparency, and community-driven contributions.

AWS Organizations Adds Full IAM Policy Language to SCPs

🔐 AWS Organizations now supports the full IAM policy language for service control policies (SCPs), allowing administrators to use conditions, individual resource ARNs, and the NotAction element with Allow statements. You can also apply wildcards at the beginning or middle of Action strings and use the NotResource element for finer scoping. These enhancements let teams create more concise and precise organizational guardrails to enforce least-privilege across accounts. The change is backward compatible and available in all AWS commercial and AWS GovCloud (US) Regions.

AWS Neuron SDK 2.26 Adds Trn2, PyTorch 2.8, JAX 0.6.2

🚀 AWS has released Neuron SDK 2.26.0 as generally available, delivering framework and runtime improvements for Inferentia and Trainium-based instances. The update adds support for PyTorch 2.8 and JAX 0.6.2, enhances inference on Trainium2 (Trn2) instances, and enables deployment of models such as FLUX.1-dev and beta Llama 4 Scout/Maverick. It also introduces expert parallelism (beta) for MoE models, new Neuron Kernel Interface APIs, and an improved Neuron Profiler with system profile grouping for distributed workloads.

Amazon Redshift Multidimensional Data Layouts GA for Queries

🚀 Amazon Redshift announces general availability of Multidimensional Data Layouts (MDDL), a dynamic sorting feature that reorganizes data according to actual query filters to accelerate analytics. MDDL creates a multidimensional virtual sort key that co-locates rows typically accessed together, enabling block-level and predicate-column skipping during execution. For tables using the default AUTO sort key, Redshift analyzes query history and automatically selects MDDL or an optimal single-column sort key based on expected benefits. AWS reports up to 10x end-to-end performance improvements for workloads with repetitive filters; MDDL is available in all AWS commercial regions.

AWS SiteWise MCP Server Accelerates Industrial Modeling

⚙️ AWS published a Model Context Protocol (MCP) server for AWS IoT SiteWise in the AWS Labs open-source MCP repository to simplify industrial data modeling. The server embeds domain validation and automated modeling, applying correct units, data types, and quality indicators so models are production-ready. It maintains compatibility with existing SiteWise tools and APIs while adding conversational interfaces to streamline model authoring, asset onboarding, and downstream analytics enablement.

Top Dark Web Monitoring Tools for Threat Detection

🔎 The article explains why Dark Web monitoring is essential for CISOs and security teams, focusing on the discovery of leaked credentials, sensitive corporate data, and brand-abuse used in fraud and phishing. It profiles ten leading solutions and contrasts commercial Digital Risk Protection services with open-source intelligence platforms. The piece emphasizes integration with XDR/MDR, API access, takedown capabilities, and VIP and supply‑chain monitoring to prioritize responses and reduce business risk.

Amazon Q Developer CLI Adds Remote MCP Server Support

🔒 Amazon Q Developer CLI now supports remote MCP servers to centralize tool integrations and OAuth-based authentication, enhancing scalability and security in development workflows. Administrators specify HTTP transport, the authentication URL, and optional headers in agent configuration or mcp.json. Upon successful OAuth authentication, the CLI enumerates tools on the MCP server and exposes them to the agent. This capability is available in both the CLI and the Amazon Q Developer IDE plugins.