All news in category "Vendor and Hyperscaler Watch"

Amazon Bedrock Adds Four Qwen3 Open-Weight Models Now

🤖 Amazon Web Services added four Qwen3 open-weight foundation models to Amazon Bedrock as fully managed, serverless offerings. The lineup—Qwen3-Coder-480B-A35B-Instruct, Qwen3-Coder-30B-A3B-Instruct, Qwen3-235B-A22B-Instruct-2507, and Qwen3-32B—covers both dense and Mixture-of-Experts (MoE) architectures. The coder variants specialize in agentic coding, function calling, and tool use, while the 235B and 32B models provide general reasoning and efficient dense computation. These models are available now across multiple AWS regions, enabling developers to build advanced AI applications without managing infrastructure.

Notepad Adds Free AI Writing Tools on Copilot+ Windows 11

📝 Microsoft is adding free AI-powered text features to Notepad on Copilot+ PCs running Windows 11, rolling out now to Windows Insiders in the Canary and Dev channels on Notepad version 11.2508.28.0. The new Summarize, Write, and Rewrite tools were previously part of Microsoft 365 subscriptions but are available without an extra subscription on Copilot+ devices. Features support English only; subscribers can switch between local and cloud models while unsigned users use the local model. Users may disable the AI options in settings or uninstall the updated Notepad to use classic notepad.exe. Paint and Snipping Tool also received recent updates.

Palo Alto Acknowledges Browser-Malware Risks, Validates LMR

🔍 SquareX’s Last Mile Reassembly (LMR) research, disclosed at DEF CON 32, shows how attackers split and reassemble malware inside the browser to evade Secure Web Gateways (SWGs). Palo Alto Networks has become the first major SASE vendor to publicly acknowledge this class of browser-assembled evasive attacks and announced enhancements to Prisma Browser. SquareX says LMR and related Data Splicing techniques exploit channels like WebRTC and gRPC, bypassing traditional SWG and DLP controls and underscoring the need for browser-native security.

Google Cloud's Differentiated AI Stack Fuels Startups

🚀 Google Cloud highlights how its differentiated AI tech stack is accelerating startup innovation worldwide, with nine of the top ten AI labs, most AI unicorns, and more than 60% of generative AI startups using its platform. Startups are leveraging Vertex AI, TPUs, multimodal models like Veo 3 and Gemini, plus services such as AI Studio and GKE to build agents, generative media, medical tools, and developer platforms. Programs like the Google for Startups Cloud Program provide credits, mentorship, and engineering support to help founders scale.

Alex Ryan: From Zero Chill to Quiet Confidence at Talos

🔒 In this Humans of Talos interview, Alex Ryan, an Incident Commander with Cisco Talos Incident Response, reflects on her unconventional path from liberal arts degrees to a career in cybersecurity and threat intelligence. She describes the technical and emotional realities of incident response—triaging IOCs, conducting forensic analysis, and quickly building customer trust—while managing high stress and business risk. Ryan also discusses recovering from burnout after parenthood, learning to set boundaries, and how a supportive team helps sustain long-term performance.

Amazon SageMaker HyperPod Adds Managed Karpenter Autoscaling

🛠️ Amazon SageMaker HyperPod now supports managed node autoscaling using Karpenter, enabling automated cluster scaling for both inference and training workloads. This managed capability removes the operational burden of installing and maintaining autoscaling infrastructure while providing integrated resilience and fault tolerance. Customers gain just-in-time GPU provisioning, scale-to-zero during low demand, workload-aware instance selection, and cost reductions through intelligent consolidation.

Amazon EVS Adds HCX Migration Over Public Internet

🌐 Amazon EVS now supports VMware HCX migrations over the public internet using Elastic IP Addresses (EIPs) to provide stable endpoints and faster setup. This option supplements existing private connectivity methods such as AWS Direct Connect and VPN, enabling secure layer‑2 network stretch and workload migration when private links are unavailable. Public HCX connectivity is available in all AWS Regions where EVS is offered and can be a cost‑effective alternative for workloads that do not require private connection performance.

AWS Step Functions Adds IPv6 Dual-Stack Endpoint Support

🌐 AWS Step Functions now supports IPv6 via new dual-stack IPv4/IPv6 endpoints, enabling customers to send IPv6 traffic directly to the service. The enhancement preserves backwards compatibility with existing IPv4 endpoints and enables PrivateLink interface VPC endpoint connectivity so workloads can access Step Functions privately without traversing the public internet. IPv6 support is generally available in several US commercial and GovCloud regions.

Amazon OpenSearch Serverless Adds Disk-Optimized Vectors

🔍 Amazon has added disk-optimized vector storage to OpenSearch Serverless, offering a lower-cost alternative to memory-optimized vectors while maintaining equivalent accuracy and recall. The disk-optimized option may introduce slightly higher latency, so it is best suited for semantic search, recommendation systems, and other AI search scenarios that do not require sub-millisecond responses. As a fully managed service, OpenSearch Serverless continues to automatically scale compute capacity (measured in OCUs) to match workload demands.

Where CISOs Should See Splunk Go Next: AI & Resilience

🔍 At .Conf in Boston, Splunk and parent company Cisco positioned machine data as central to next‑generation AI incident response, arguing telemetry represents roughly 55% of global data growth. They stressed tighter integration of security and observability, a federated data model with new support for Snowflake, and standards work such as OpenTelemetry and the Open Cybersecurity Framework (OCSF). Splunk also previewed enhanced security operations capabilities — a premier Enterprise Security bundle, Detection Studio, and agentic AI features — while acknowledging customer concerns about costs, legacy positioning, and support.

CrowdStrike Enhances GenAI Data Protection Across Platforms

🔒 CrowdStrike announces four new innovations in Falcon Data Protection to help organizations prevent GenAI-driven data leaks across endpoints, cloud, SaaS and AI tools. The updates include real-time GenAI protections that span browsers, local apps and shadow AI services, unified out-of-the-box detections, AI-powered classifications, and a consolidated Insider Risk dashboard. Beta and general availability windows span late 2025 through mid-2026, with cloud features prioritized earlier.

CrowdStrike Advances Next-Gen Identity Security Innovations

🔐 CrowdStrike announced three enhancements to Falcon Next‑Gen Identity Security: FalconID, expanded privileged access controls, and identity‑driven case management. FalconID delivers FIDO2-based, phishing-resistant passwordless MFA via the Falcon for Mobile app, combining Bluetooth proximity checks with contextual telemetry to block credential phishing, MFA fatigue, and session hijacking. Privileged access updates add just-in-time workflows, Microsoft Teams request/revoke, Fusion SOAR automation, and hybrid coverage including local systems (early access). Identity-driven case management integrates identity detections into Falcon Next‑Gen SIEM and automates analyst response (generally available).

Blueprint for Building Safe and Secure AI Agents at Scale

🔒 Azure outlines a layered blueprint for building trustworthy, enterprise-grade AI agents. The post emphasizes identity, data protection, built-in controls, continuous evaluation, and monitoring to address risks like data leakage, prompt injection, and agent sprawl. Azure AI Foundry introduces Entra Agent ID, cross-prompt injection classifiers, risk and safety evaluations, and integrations with Microsoft Purview and Defender. Join Microsoft Secure on September 30 to learn about Foundry's newest capabilities.

AWS Network Firewall: SNI Session Holding for TLS Guide

🔒 AWS Network Firewall now offers SNI session holding to strengthen TLS inspection by validating the TLS SNI before initiating an outbound TCP connection. When enabled, the firewall holds TCP/TLS establishment until it receives the ClientHello SNI and evaluates it against Suricata-based TLS inspection rules, preventing any contact with disallowed endpoints. Administrators can enable this option in a TLS inspection configuration via the AWS Management Console, AWS CLI, or AWS SDK; it’s available in Regions including GovCloud and China and is billed as part of TLS advanced inspection.

RUM Diaries: Enabling Privacy-First Web Analytics by Default

🔍 Cloudflare is upgrading its real user monitoring (RUM) suite by enabling Web Analytics for free domains by default on October 15, 2025 (EU/UK traffic excluded by default). A lightweight JavaScript beacon will collect aggregated client-side metrics—Core Web Vitals, resource timings and client-observed TLS durations—and pre-process data at the edge to remove personal identifiers before aggregation. The company emphasizes a privacy-first approach with no cookies, no localStorage, and no fingerprinting, and plans to correlate client metrics with in-network and origin telemetry to provide actionable debugging insights while preserving user privacy.

How AWS Built a Flywheel to Improve Amazon RDS Security

🔒 As AWS implemented support for PL/Rust on Amazon RDS, engineers created a telemetry-driven 'flywheel' built around SELinux, monitoring, and incident response to safely enable compiled Rust functions. They developed mandatory access control policies, routed denials into telemetry with automated ticketing, and ran quarterly red/blue game days to refine playbooks and reduce noise. An October SELinux denial triggered an investigation that validated the controls and led to collaboration with Varonis Threat Labs.

AWS Lambda: Cross-Account Container Images in GovCloud

🚀 AWS Lambda now supports creating or updating functions using container images stored in an Amazon ECR repository in a different AWS account within GovCloud Regions. This removes the previous need to copy images into a local ECR repo and streamlines centralized image management and CI/CD workflows. Administrators must grant the Lambda resource and the Lambda service principal the necessary cross-account permissions.

Amazon Corretto 25 LTS Released with OpenJDK 25 Enhancements

🚀 Amazon Corretto 25 is now generally available as a Long Term Support release, providing a production-ready distribution of OpenJDK 25 for Linux, Windows, and macOS. The release promotes experimental JDK 24 features to production-ready status — notably Compact Object Headers and Generational Shenandoah GC — and introduces AOT caching, language refinements, expanded observability, Structured Concurrency, Vector API improvements, and reduced virtual-thread pinning. Amazon will support Corretto 25 through October 2032.

Amazon EC2 I8ge Storage-Optimized Instances in Frankfurt

🚀 Amazon EC2 I8ge storage-optimized instances are now available in AWS Europe (Frankfurt). Powered by AWS Graviton4 processors, I8ge delivers up to 60% better compute performance versus prior Graviton2-based storage-optimized instances and uses third-generation AWS Nitro SSDs for up to 55% better real-time storage performance per TB with substantially lower latency and variability. Instances scale to 48xlarge (including metal), provide up to 1,536 GiB RAM, 120 TB local NVMe, and up to 300 Gbps networking, making them well suited for relational and non-relational databases, streaming databases, search and data analytics.

Amazon Connect introduces agent hierarchy filters for search

🔍 Amazon Connect now offers agent hierarchy filters on the contact search page in the UI, enabling contact center leaders and teams to drill into specific sites, departments, or teams to locate interactions. This capability helps quality management, regulatory compliance, and workforce optimization teams efficiently find and review contacts for assessment and auditing. The feature is available in all regions where Amazon Connect is offered, simplifying targeted reviews and reducing time-to-insight for investigations and performance evaluations.