All news in category "Vendor and Hyperscaler Watch"

Protecting Azure Infrastructure From Silicon to Systems

🔐 Microsoft describes a hardware-to-cloud security approach that embeds verification, isolation, and transparency across Azure infrastructure. The piece highlights purpose-built technologies such as Azure Boost for control-plane isolation, Azure Integrated HSM for server-local key protection, and a spectrum of confidential computing guarantees for workloads. It also emphasizes open-source and ecosystem efforts—Caliptra, OCP SAFE, and a Code Transparency Service—to enable verifiable supply-chain attestations and immutable firmware provenance.

Amazon RDS Supports MariaDB 11.8 with Vector Engine

🚀 Amazon RDS for MariaDB now supports MariaDB 11.8 (minor 11.8.3), the community's latest long-term maintenance release. The update introduces MariaDB Vector, enabling storage of vector embeddings and use of retrieval-augmented generation (RAG) directly in the managed database. It also adds controls to limit maximum temporary file and table sizes to better manage storage. You can upgrade manually, via snapshot restore, or with Amazon RDS Managed Blue/Green deployments; 11.8 is available in all regions where RDS MariaDB is offered.

Amazon Neptune Adds BYOKG RAG Support via GraphRAG

🔍 Amazon Web Services announced general availability of Bring Your Own Knowledge Graph (BYOKG) support for Retrieval-Augmented Generation (RAG) using the open-source GraphRAG Toolkit. Developers can now connect domain-specific graphs stored in Amazon Neptune (Database or Analytics) directly to LLM workflows, combining graph queries with vector search. This reduces hallucinations and improves multi-hop and temporal reasoning, easing operationalization of graph-aware generative AI.

Amazon Bedrock Data Automation Adds Five Document Languages

📄 Amazon Web Services' Bedrock Data Automation now supports five additional document languages — Portuguese, French, Italian, Spanish, and German — expanding multilingual document processing beyond English. Customers can build blueprints, prompts, and instructions in these languages using BDA Custom Output, while BDA Standard Output will produce summaries and figure captions in the detected document language. This update is generally available across multiple AWS commercial and GovCloud regions and aims to accelerate multilingual document workflows for intelligent document processing and multimodal automation.

CrowdStrike Named Leader in 2025 Exposure Management

🔒 CrowdStrike has been named a Leader in the 2025 IDC MarketScape for Exposure Management. Falcon Exposure Management delivers AI-native, real-time visibility and prioritization of exposures and attack paths across endpoint, cloud, identity and OT/IoT, helping teams focus on what adversaries can feasibly exploit. It unifies VM, ASM and CAASM capabilities and introduces Network Vulnerability Assessment for continuous discovery of unmanaged network devices without additional agents or hardware. Integrated exposure data is correlated across CrowdStrike Threat Graph, Intel Graph and Asset Graph to support faster, automated remediation.

Amazon Bedrock Data Automation Now in GovCloud (US-West)

🚀 Amazon Bedrock Data Automation (BDA) is now generally available in the AWS GovCloud (US-West) Region. BDA automates extraction of actionable insights from unstructured multimodal content—documents, images, video, and audio—helping developers accelerate GenAI-based applications like intelligent document processing and media analysis. It can run standalone or as a parser in Amazon Knowledge Bases RAG workflows and is now offered in eight AWS Regions.

Amazon EC2 R7g Graviton3 Instances Launch in Cape Town

🚀 Amazon EC2 R7g instances powered by Graviton3 processors are now available in AWS Africa (Cape Town). These instances deliver up to 25% better compute performance versus Graviton2 and can use up to 60% less energy for comparable performance, helping reduce cloud carbon footprint. They come in nine sizes, including bare metal, and offer up to 30 Gbps networking and 20 Gbps EBS bandwidth, running on the AWS Nitro System for secure, high‑performance isolation.

What’s New in Google Cloud: Releases, Previews, and News

🔔 Google Cloud published a consolidated roundup of product releases and previews from early July through Aug 22, 2025, covering GA launches, public previews, and platform enhancements. Highlights include Earth Engine in BigQuery (GA), Vertex AI embedding scaling, new GKE features for NUMA alignment and swap, expanded NodeConfig controls, and Cloud Run with GPUs. Customers should review the linked documentation, request preview access via account teams where needed, and plan upgrades or migrations accordingly.

Amazon EKS adds namespace configuration for add-ons

🔧 Amazon Elastic Kubernetes Service (Amazon EKS) now allows you to select a custom Kubernetes namespace when installing both AWS and Community add-ons, giving operators finer control over object organization and isolation within clusters. You can install add-ons into a chosen namespace via the AWS Console, EKS APIs, AWS CLI, or infrastructure-as-code tools like CloudFormation. Note that to move an installed add-on to a different namespace you must remove and recreate it. This capability is available in all commercial AWS Regions.

Amazon RDS for PostgreSQL Adds Delayed Read Replicas

🕒 Amazon RDS for PostgreSQL now supports delayed read replicas, allowing you to specify a minimum time period for a replica to intentionally lag behind its source. This configurable time buffer helps protect against human errors such as accidental table drops or unwanted data modifications by preserving a recoverable replica state. In recovery workflows you can pause replication before problematic changes are applied, resume replication to a specific log position, and promote the replica as the new primary to achieve faster recovery than lengthy point-in-time restores.

Amazon RDS for Db2 Adds Support for Read Replicas Now

🔁 Amazon RDS for Db2 now supports read replicas, allowing customers to add up to three replicas per instance to offload read-only workloads and reduce load on the primary database. Replicas can be created in the same Region or across Regions and use asynchronous replication so read queries do not impact the writer. You can promote a replica for disaster recovery to enable read/write operations. Note that IBM Db2 licenses are required for all replica vCPUs; customers may use On‑Demand licenses from the AWS Marketplace or BYOL.

Microsoft’s open-source journey: from Linux to AI scale

🔎 Microsoft recounts its transition from an early Linux contributor in 2009 to one of the largest open-source supporters in cloud and AI today. The post highlights Azure as a top contributor to the CNCF, the 2015 launch of VS Code, the 2018 GitHub acquisition, and the role of AKS and managed PostgreSQL in enterprise deployments. It also describes COSMIC, explains how OpenAI’s ChatGPT runs at global scale on Azure infrastructure, and lists projects Azure teams are building in the open.

MoQ: A unified, low-latency media relay on QUIC at scale

🔁 Cloudflare announces the first Media over QUIC (MoQ) relay network, built on a modern transport to unify ingest and delivery for real-time media. MoQ — an open IETF protocol developed alongside vendors like Meta, Google, and Cisco — treats media as named, subscribable tracks and forwards immutable wire Objects via relays without transcoding. The design leverages QUIC features such as no head-of-line blocking, connection migration, and 0-RTT resumption to deliver sub-second latency at broadcast scale, while simplifying architectures that previously required many disparate protocols.

AWS releases MCP server for Billing and Cost Management

🧾 AWS has published an open-source Model Context Protocol (MCP) server for Billing and Cost Management, available in the AWS Labs GitHub repository. The server exposes AWS service APIs and a dedicated SQL-based calculation engine to produce reliable, reproducible cost calculations across large volumes of usage data. It integrates with any MCP-compatible AI assistant or agent — including Q Developer CLI, the Kiro IDE, Visual Studio Code, and Claude Desktop — enabling customers to analyze historical spend, find optimization opportunities, and estimate costs for new workloads with minimal configuration.

Automation Is Reshaping Penetration Test Delivery Workflows

🔁 Pentesting remains a critical control for uncovering real-world vulnerabilities, but static PDF reports and spreadsheet handoffs create delays and inefficiencies. The piece advocates automating pentest delivery so findings are consolidated and routed in real time through rules-based workflows, enabling teams to act immediately and reduce churn. Platforms like PlexTrac are highlighted for centralizing manual and scanner outputs, automating ticketing into tools such as Jira and ServiceNow, and triggering retests to close the loop. The result is faster remediation, standardized processes, and measurable reductions in MTTR for both service providers and enterprises.

Count Tokens API Adds Claude Model Support in Bedrock

🧮 The Count Tokens API is now available in Amazon Bedrock, enabling users to determine token counts for a prompt or input prior to performing inference. Anthropic’s Claude models are supported at launch and the feature is available in all regions where those models run. This improves cost projection, gives more control over token limits, and reduces the risk of unexpected throttling. It also helps ensure inputs fit within a model's context length for more efficient prompt optimization.

Amazon SageMaker Unified Studio adds S3 file sharing option

📂 Amazon SageMaker Unified Studio now offers a simplified S3-based file storage option for project collaboration. Customers can choose between Git integrations (GitHub, GitLab, Bitbucket Cloud) or Amazon S3 buckets, with S3 set as the default while Git remains fully supported. The S3 option gives a consistent view of files across Studio tools, uses a last-write-wins model, and supports basic versioning when administrators enable it.

Amazon Verified Permissions adds Cedar 4.5 support

🔒 Amazon Verified Permissions now supports Cedar 4.5, introducing the new is operator to enable type-based access checks. Developers can write policies that grant or deny access based on a resource’s declared type—for example, allowing administrators to view a resource only when it is an invoice in a petstore app. The update enhances Cedar’s type system, helps catch type-related errors earlier in policy development, and is available in all AWS Regions where the service runs; new and backward-compatible accounts have been automatically upgraded.

AWS Neuron SDK 2.25: Inference and Monitoring Enhancements

🚀 AWS has released Neuron SDK 2.25.0, now generally available for Inferentia and Trainium instances, adding context and data parallelism support plus chunked attention to accelerate long-sequence inference. The update enhances neuron-ls and neuron-monitor APIs to show node affinities and device utilization, and introduces automatic aliasing (Beta) and disaggregated serving improvements (Beta). Upgraded AMIs and Deep Learning Containers are provided for inference and training.

AWS VPC IPAM Console Adds CloudWatch Alarm Management

🔔 Amazon Web Services has enhanced Amazon VPC IP Address Manager (IPAM) with deeper Amazon CloudWatch alarm integration, bringing alarm visibility and management directly into the IPAM console. Alarms are now visible across IPAM pages and a new resource-level Alarms tab lists alerts associated with specific IPAM resources. You can create alarms from the console (which redirects to CloudWatch with relevant fields pre-populated) and receive proactive monitoring suggestions for resources without alarms. The feature is available in all Regions where IPAM is supported, including AWS China and AWS GovCloud (US).