< ciso
brief />
Vendor and Hyperscaler Watch Banner

All news in category “Vendor and Hyperscaler Watch

4606 articles · page 8 of 231

Palo Alto Networks Defines Identity Security Future

🔒 Palo Alto Networks announces Idira™, its next-generation identity security platform, following the acquisition of CyberArk to position identity as a core control plane for AI-driven enterprises. The platform treats every identity—human, machine and AI agent—as privileged, offering real-time discovery, just-in-time privilege and continuous governance. Partners are urged to adopt new advisory and delivery models to help customers reduce fragmentation and secure hybrid, cloud-native, and AI-enabled environments. The move aligns with customer demand for integrated, AI-powered security and supports partner enablement through the NextWave program.
read more →

AWS Security Hub Adds AI Security Best Practices

🛡️ AWS Security Hub CSPM introduces the AI Security Best Practices standard, offering 31 automated controls to detect misaligned AI resources. The standard evaluates Amazon Bedrock, Bedrock AgentCore, and Amazon SageMaker workloads against recommended configurations without manual rule creation. It covers domains like network isolation, encryption, VPC placement, KMS usage, private registries, and authorization, producing findings to help teams remediate issues. Available in all Regions where Security Hub CSPM operates, including GovCloud (US) and China.
read more →

Cloud Monitoring adds long-lookback PromQL alerts

🔔 Google Cloud announces preview support for long-lookback alert policies in Cloud Monitoring using PromQL, enabling queries across up to two years of metric history. The feature unlocks dynamic thresholding—alerts that compare recent behavior to historical baselines—helping catch anomalies that static thresholds miss. Google outlines example algorithms (moving averages, z-score, and seasonal time-offsets), discusses trade-offs like flakiness for new workloads, and shows a practical use case for preventing runaway spend.
read more →

CloudWatch Dynamic Instrumentation for Live Debugging

🛠️ Today AWS announced Dynamic Instrumentation for Amazon CloudWatch Application Signals, enabling capture of runtime state from live applications without restarts or redeployments. Developers can inspect variable values, method arguments, return values, and stack traces at configured code locations, removing the need to add logs and redeploy. Instrumentation is configured via the AWS Distro for OpenTelemetry SDKs and the CloudWatch Application Signals MCP server or CLI/SDK, and captured snapshots are delivered to CloudWatch Logs correlated with traces.
read more →

IAM Identity Center: Customer Managed App Account Access

🔐 IAM Identity Center now lets customer managed applications programmatically discover user-assigned AWS accounts and roles and retrieve temporary credentials for account access. If your application authenticates users via an external identity provider (IdP), you can configure that IdP as a trusted token issuer and enable AWS account access so users who already signed in through the IdP can obtain credentials without re-authenticating. Administrators must explicitly enable this for each customer managed application, and only management account or delegated administrators can grant the capability, ensuring centralized governance. The feature is available across all commercial, GovCloud (US), and China Regions.
read more →

Gemini Enterprise Agent Platform Remote MCP Server

🔗 The Gemini Enterprise Agent Platform remote MCP server lets external AI agents securely access Google Cloud Agent Platform resources. It acts as a standardized bridge so tools like Antigravity CLI or Claude Code can call models in Model Garden, manage Notebooks, and use shared prompts without leaving the IDE. Enable the API, configure your client, and use provided Toolset Endpoints to start integrating quickly while maintaining governance.
read more →

June 2026 Microsoft Security product updates

🔒 This update summarizes June 2026 releases across Microsoft Security that strengthen identity, multicloud, data, and developer protections. Highlights include codename MDASH for multi-model agentic vulnerability scanning, expanded Microsoft Defender agent and MCP detection, GA for Microsoft Entra Backup and Recovery, and extended database threat protection for AWS RDS. New reporting, multicloud coverage, and a unified identity risk score help teams detect, prioritize, and recover faster.
read more →

AlloyDB Omni: Secure hybrid database for finance

🔒 Google Cloud introduces AlloyDB Omni, a hybrid deployment of AlloyDB for PostgreSQL designed to modernize financial services databases while preserving data residency and regulatory compliance. The offering promises PostgreSQL compatibility to reduce vendor lock-in, high transactional performance, and integrated analytics and AI capabilities delivered on-premises, at the edge, or in hybrid clouds. It targets legacy licensing, sovereignty, and real-time insights gaps, and highlights customer outcomes demonstrating faster transactions and accelerated analytics.
read more →

Designing Azure IaaS for Long-Term Cost Efficiency

🔍 This third post in the Azure IaaS series outlines best practices to design, build, and optimize cloud infrastructure for sustained cost efficiency. It explains how compounded architectural choices across compute, storage, and networking drive costs and offers Azure capabilities—such as VM families, automated tiering, and resilient networking—to align resources with workload needs and reduce TCO.
read more →

SageMaker AI Adds Serverless Customization for Gemma 4

🧰 Amazon SageMaker AI now supports serverless model customization for Gemma 4 E4B and 31B models using supervised fine-tuning (SFT), direct preference optimization (DPO), and reinforcement fine-tuning (RFT). You can adapt these Google DeepMind-built Gemma models to specific domains and workflows, and SageMaker AI handles infrastructure provisioning and training orchestration so teams pay only for what they use. The launch expands serverless customization to include models from Nova, Nemotron 3, Qwen, Llama, gpt-oss, and DeepSeek families, and is available in US East (N. Virginia), US West (Oregon), Asia Pacific (Tokyo), and EU (Ireland).
read more →

AWS launches EC2 C9g/C9gd with Graviton5 CPUs

🚀 Starting today, Amazon EC2 C9g and C9gd instances powered by AWS Graviton5 processors are generally available. C9g targets HPC, batch processing, gaming, video encoding, distributed analytics, CPU-based ML inference, real-time analytics, and ad serving, while C9gd adds NVMe SSDs for low-latency local storage. These instances deliver up to 25% better compute vs Graviton4, with up to 35% faster performance for web and ML workloads and feature a 5x larger cache and the Nitro Isolation Engine for formal, mathematically assured isolation. Available in select US and EU regions and purchasable via Savings Plans, On-Demand, Spot, and Dedicated options.
read more →

AWS unveils Interconnect — last mile with AT&T

🔌 AWS introduces AWS Interconnect - last mile, a fully managed connectivity service that eases connections from branch offices, data centers, and remote sites to AWS. Now in a gated preview with AT&T in the US, the offering lets customers select region, bandwidth, Direct Connect Gateway ID and partner subscriber ID to initiate provisioning. AWS issues an activation key to complete AT&T provisioning while automating BGP, VLAN, and ASN setup, providing pre-provisioned capacity, high availability, and SLA-backed zero-downtime maintenance.
read more →

Lessons from underground: combating BEC threats

📣 Flare researchers examined underground forum discussions and tools used to orchestrate Business Email Compromise (BEC) campaigns, finding that attacks extend beyond email to include remote access, cash-out networks, and call centers. Actors target finance and leadership SaaS accounts, increasingly using AI to craft realistic messages and scale operations. Defenders should monitor exposed credentials, enforce MFA, train high-risk staff, and treat multi-channel contacts cautiously.
read more →

Fortinet Update on Frontier AI Use in Security

🔒 Fortinet describes its integration of frontier AI models (Anthropic’s Glasswing/Mythos and OpenAI’s Daybreak/GPT 5.5 Cyber) alongside on-premises models to scale security testing across firmware, source code, and penetration testing. The company emphasizes responsible innovation, mature vulnerability management, and human validation of AI findings. Fortinet reports limited exploitable firmware issues but greater findings from source-code analysis and commits to mitigation, virtual patching, and secure-by-default deployments.
read more →

AWS Security Hub Adds Microsoft Azure Monitoring

🔒 AWS Security Hub now monitors Microsoft Azure resources, extending risk analytics, cloud security posture management, vulnerability management, and security response across both clouds. The service auto-discovers Azure VMs, ACR images, Function Apps, and identities, evaluating misconfigurations, internet exposure, and software vulnerabilities. Findings from AWS and Azure appear in a single prioritized view with consistent formats and automation workflows, and a 30-day free trial for Azure monitoring is available.
read more →

Microsoft adds smarter bot protection to Teams

🛡️ Microsoft introduced a Teams admin policy that prevents third-party bots from joining meetings without organizer approval. The feature, announced in March, will roll out across Windows, macOS, Android, and iOS for standard multi-tenant and GCC clouds. When enabled, Teams detects potential bots, places them in the lobby, clearly identifies them, and prompts organizers to confirm admission. Additional controls planned include allow lists, blocking policies, reports, and audit logs to give admins greater visibility and control.
read more →

Microsoft strengthens bot protections for Teams

🔒 Microsoft introduced a Teams admin policy that prevents third-party bots from joining meetings without organizer approval. The feature, announced earlier in the Microsoft 365 roadmap, will roll out across Windows, macOS, Android, and iOS for multi-tenant and GCC customers. When enabled, Teams detects potential bots, places them in the lobby, identifies them clearly, and prompts organizers to admit them. Microsoft plans further controls such as allow lists, blocking policies, and audit reports to enhance visibility and governance.
read more →

Kali Linux 2026.2 adds nine tools and NetHunter fixes

🛠️ Kali Linux 2026.2, the second release of 2026, is available with 9 new tools, kernel and package updates, and numerous Kali NetHunter improvements. The release upgrades the default kernel to 6.19 (with 7.0 in kali-experimental), updates desktop environments to GNOME 50 and KDE Plasma 6.6, and refines service helper scripts. VM images now omit graphics firmware to shrink initrd sizes and speed boot times, while NetHunter gains Magisk standalone kernel flashing, new kernels, and various bug fixes.
read more →

Amazon GameLift Servers adds DDoS protection SDKs

🛡️ Amazon GameLift Servers now includes DDoS Protection client SDKs for C# and Unity, enabling developers to protect session-based multiplayer games from denial-of-service and distributed denial-of-service attacks. The service co-locates a relay network with game servers and uses access token-based authentication to allow only authorized client traffic. It enforces per-player UDP traffic limits, offers negligible latency, and is provided at no extra cost to GameLift Servers customers. The new SDKs complement existing C++ and Unreal Engine support and are available in multiple AWS regions.
read more →

CloudWatch Pipelines Adds OpenTelemetry Metrics Support

🔧 Amazon CloudWatch pipelines now supports processing and enriching OpenTelemetry (OTel) metrics during ingestion. CloudWatch pipelines is a fully managed service that ingests, transforms, and routes telemetry data to CloudWatch without requiring you to manage infrastructure. Customers can centrally apply transformations and add business context tags, strip high-cardinality labels, and rename metrics to enforce consistent naming, all with no application changes. The feature is available in Regions where CloudWatch pipelines and native OTel metrics are supported, and processing incurs no additional charge beyond standard ingestion pricing.
read more →