All news in category "Vendor and Hyperscaler Watch"

GKE Network Interface: From kubenet to the AI backbone

📡 Over the past decade, Google Cloud evolved GKE pod networking from basic kubenet and route-based clusters to VPC-native alias IPs and the eBPF-powered Cilium Dataplane V2, improving performance, scalability, and observability. The platform now supports extreme-scale AI workloads with multi-NIC, terabit throughput, and persistent IPs for stateful functions. Looking forward, Google is exploring the Kubernetes Network Driver and the DRANET reference to expose node-level network resources via Dynamic Resource Allocation.

AWS Expands Second-Generation Outposts Racks Globally

🌍 AWS now ships second-generation Outposts racks to a broad list of countries, enabling customers to deploy AWS infrastructure and services directly in on‑premises data centers and colocation sites. These racks support the latest x86 Amazon EC2 families — C7i, M7i, and R7i — delivering up to 40% better performance versus prior racks, simplified network scaling, and a new class of accelerated networking instances for ultra-low latency and high throughput. They also help address local data residency and low-latency processing requirements while remaining connected to the nearest AWS Region for management.

MCP Toolbox Adds Firestore Tools for AI-Assisted Dev

🧰 MCP Toolbox now includes comprehensive Firestore tools that let AI assistants connect directly to Firestore from environments like Gemini CLI and other MCP-compatible interfaces. Built on the Model Context Protocol, these pre-built tools support document reads, collection queries, targeted updates, and security-rules validation to accelerate debugging, testing, and maintenance for NoSQL applications. Developers can perform complex queries and targeted updates in natural language, validate security rules before deployment, and reduce context switching between consoles and emulators. The release is accompanied by docs, quick start guides, a GitHub repo, and community channels to help teams adopt the features quickly.

BigQuery scalability and reliability upgrades for Gen AI

🚀 Google Cloud announced BigQuery performance and usability enhancements to accelerate generative AI inference. Improvements include >100x throughput for first-party text generation and >30x for embeddings, plus support for Vertex AI Provisioned Throughput and dynamic token batching to pack many rows per request. New reliability features—partial-failure mode, adaptive traffic control, and robust retries—prevent individual row failures from failing whole queries and simplify large-scale LLM workflows.

AWS Expands ISO and CSA STAR Scope with Two Services

🔒 Amazon Web Services (AWS) announced that EY CertifyPoint completed an onboarding audit and reissued ISO and CSA STAR certificates on August 13, 2025, with no findings. The audit expanded the certified scope to include AWS Resource Explorer and AWS Security Incident Response alongside the other services covered under multiple ISO standards and CSA STAR CCM v4.0. Customers can retrieve certificates through AWS Artifact and view the full certified service list on the AWS ISO and CSA STAR Certified page.

CloudWatch Cross-Account Cross-Region Log Centralization

🔁 Amazon CloudWatch now supports cross-account, cross-region log centralization, allowing customers to copy log data from multiple AWS accounts and regions into a single destination account and integrate with AWS Organizations. Copied log events are enriched with new system fields (@aws.account and @aws.region) to preserve source context, and administrators can scope rules to the entire organization, selected OUs, or specific accounts. The feature supports selective log-group copying, automatic merging of same-named groups, optional backup-region copies, and includes one free centralized copy with additional copies billed at $0.05/GB.

Microsoft: Office 2016 and 2019 End Extended Support

🔔Microsoft reminded customers that Office 2016 and Office 2019 will reach the end of extended support on 14 October 2025. Organizations using Visio 2016/2019, Project 2016/2019, and related apps are urged to upgrade to avoid security, compliance, and performance issues because no further updates or fixes will be provided. Microsoft recommends migrating to Microsoft 365 Apps or selecting a perpetual release such as Office 2024 or Office LTSC 2024 depending on licensing and connectivity needs.

Amazon EventBridge Adds Customer-Managed KMS Support

🔐 Amazon EventBridge now supports AWS KMS customer managed keys for event bus rule filter patterns and input transformers. This lets you encrypt the logic that selects and modifies events with your own keys to meet security and compliance requirements while retaining full key control. The feature is available in all commercial AWS Regions and can be audited via AWS CloudTrail. There is no additional EventBridge charge, though standard AWS KMS pricing applies.

California Modernizes Public Services with Google Cloud

🚀 California is partnering with Google Cloud to modernize state and local services by applying AI, security, and infrastructure solutions. Agencies such as Covered California use Document AI, Assured Workloads, and AI-driven security to speed eligibility decisions and protect sensitive data. Universities including UCR and Caltech are using Vertex AI and AI-optimized HPC for research acceleration. Workspace, Gemini, and Agentspace are cited as productivity and information-management enablers.

AWS Budgets Adds Custom Time Periods for Project Funding

📊 AWS Budgets now supports custom time periods, letting teams define flexible start and end dates for a budget rather than relying on calendar-based cycles. This enables single-budget tracking for time-bound projects (for example, a three-month development sprint starting mid-month) and triggers alerts as spend approaches thresholds. The feature is available today in all AWS commercial Regions except the AWS GovCloud (US) and China Regions.

Why a Cisco Talos Incident Response Retainer Matters

🔒 A Cisco Talos Incident Response (IR) Retainer provides organizations with prioritized access to Talos' global threat intelligence and incident response specialists, combining proactive preparedness with rapid 24/7 mobilization. The retainer includes tailored IR plans, playbooks, readiness assessments, and tabletop exercises, plus proactive threat hunting using the PEAK Framework. Clients receive vendor-agnostic integration guidance, optional Cisco technology deployment, coordinated legal and PR support, and detailed post-incident reviews to reduce downtime and reputational harm.

Benchmarking Google Cloud C3 Machine Types for Trading

🔍 Google Cloud and consultancy 28Stone published benchmarks showing the C3 machine series delivers low-latency, low-jitter performance suited to electronic trading. Tests using DPDK and replayed CME Group equity pcaps reported decision latencies as low as 1.5 µs (P50) and 3.5 µs (P99) and demonstrated consistent profiles at up to 100× data rates. The results highlight sub‑50 µs end-to-end round-trip P99 performance, high throughput with up to 200 Gbps per VM networking, and network innovations such as Titanium offload and Cloud WAN layer‑2 connectivity.

AWS PCS Supports EC2 Capacity Blocks for ML Workloads

🔧 Amazon Web Services has added native support for EC2 Capacity Blocks in the Parallel Computing Service (PCS), enabling use of reserved EC2 instances directly within PCS Slurm clusters. This integration lets Capacity Blocks be associated with PCS compute node groups via an EC2 Launch Template, simplifying capacity planning for GPU‑based ML workloads. The feature is available in all Regions where both services are offered and aims to improve availability and predictability for cutting‑edge GPU jobs.

AWS Network Firewall Enhances Console Monitoring and TLS

🔒 AWS Network Firewall now delivers expanded console monitoring and enhanced TLS inspection capabilities to improve outbound security. The monitoring dashboard adds visibility into traffic to AWS services such as Amazon S3, Amazon DynamoDB, and AWS Backup, including traffic sent over PrivateLink, and surfaces top source and destination IPs by packets and bytes. Customers can filter views by IP and protocol for targeted analysis. A new session holding feature for TLS Inspection prevents TCP/TLS establishment from reaching servers until SNI-based rules are evaluated, strengthening controls against malicious endpoints.

AWS End User Messaging: CloudFormation Support for SMS

📩 AWS End User Messaging SMS now supports AWS CloudFormation, enabling customers to deploy and manage SMS resources using templates. Phone numbers, sender IDs, configuration sets, protection configurations, opt-out lists, resource policies, and phone pools can be provisioned and managed declaratively alongside other AWS resources. This support is available in all Regions where End User Messaging is offered, simplifying deployments and delivery pipelines.

CrowdStrike Launches Threat AI: Agentic Threat Intel

🔍 CrowdStrike unveiled Threat AI, described as the industry’s first agentic threat intelligence system, built on the Falcon platform to reason, hunt, and act across adversary activity. The initial agents — a Malware Analysis Agent and a Hunt Agent — automate complex workflows like reversing, classification, retrohunting, and continuous threat hunting to surface actionable recommendations. CrowdStrike also released a Threat Intelligence Browser Extension for Chrome to provide intelligence in analysts’ workflows, aiming to accelerate investigations and help SOCs respond at machine speed.

CrowdStrike Secures AI Across the Enterprise with Partners

🔒 CrowdStrike describes how the Falcon platform delivers unified visibility and lifecycle defense across the full AI stack, from GPUs and training data to inference pipelines and SaaS agents. The post highlights integrations with NVIDIA, AWS, Intel, Dell, Meta, and Salesforce to extend protection into infrastructure, data, models, and applications. It also introduces agentic defense via Charlotte AI for autonomous triage and rapid response, and emphasizes governance controls to prevent data leaks and adversarial manipulation.

Falcon for IT Brings Risk-Based Patching to Falcon

🔒 Falcon for IT introduces Risk-based Patching to unite security and IT teams within the CrowdStrike Falcon platform. By combining Falcon Exposure Management telemetry, AI-powered patch scheduling, Patch Safety Scores, and sensor intelligence, the feature prioritizes vulnerabilities by real-world exploitability and reduces time to remediation. Ring-based deployments, smart rollout coordination, and pre-deployment safety checks help avoid system-breaking updates while accelerating fixes. Delivered through the existing lightweight Falcon agent, it replaces manual handoffs with a single, unified workflow.

Automating OIDC Client Secret Rotation for ALB on AWS

🔁 This AWS blog demonstrates how to automate OIDC client secret rotation for Application Load Balancer authentication using AWS Secrets Manager, AWS Lambda, and Amazon EventBridge. The solution securely stores IdP credentials (Auth0 in the example), schedules a Lambda handler to fetch and compare tokens, and updates Secrets Manager and ALB listener rules when changes occur. It reduces manual effort, limits plaintext credential exposure, and adds monitoring via CloudWatch alarms.

Multi-Region Key Replication in AWS Payment Cryptography

🔐 AWS introduces Multi-Region keys for AWS Payment Cryptography, a built-in option to automatically synchronize exportable symmetric payment keys from a primary Region to one or more replica Regions. You can choose account-level defaults or per-key replication targets, keep consistent key IDs across Regions, and rely on asynchronous replication with monitoring via new CloudTrail events. The feature improves availability and disaster recovery for global payment operations while preserving granular control over replication.