< ciso
brief />
Vendor and Hyperscaler Watch Banner

All news in category “Vendor and Hyperscaler Watch

4625 articles · page 80 of 232

HP launches TPM Guard to block physical TPM attacks

🔒 HP announced TPM Guard, a hardware-plus-firmware solution introduced at its Imagine event, which creates an authenticated, encrypted tunnel between the TPM and the CPU to protect keys in transit. The design cryptographically binds the TPM to the host processor so the chip stops functioning if removed. HP says the feature thwarts low-cost physical attacks that can intercept TPM communications and will be available via firmware update on selected G2 commercial PCs starting in July, with broader integration in future models.
read more →

Dynamic Workers: Cloudflare's Fast JavaScript Sandboxes

🚀 Cloudflare's Dynamic Worker Loader API enables Workers to instantiate isolated JavaScript sandboxes at runtime, letting LLM-generated code run securely and on-demand. Using lightweight V8 isolates rather than containers, Dynamic Workers start in milliseconds, are far more memory efficient, and scale across Cloudflare's edge. The feature supports TypeScript RPC interfaces, credential injection for outbound HTTP, and helper libraries for bundling, virtual filesystems, and Code Mode integration.
read more →

Five Ways Chrome Enterprise Strengthens Browser Security

🔒 Chrome Enterprise outlines five enhancements aimed at reinforcing browser security for organizations, addressing modern risks from session theft to malware-driven credential theft. Highlights include Device Bound Session Credentials to prevent session hijacking, cache encryption to protect data at rest, and App-bound encryption to block unauthorized apps from reading browser-stored secrets. Administrators also get tighter download controls and deeper integrations with partners such as Citrix and Okta to improve access decisions and incident response.
read more →

GKE and OSS Innovation Highlights at KubeCon EU 2026 Updates

🚀 Google Cloud previews GKE and open-source innovations at KubeCon Europe 2026, focusing on making Kubernetes the best platform for AI and agentic workloads. Autopilot compute classes can now be enabled per workload on Standard clusters, and GKE Cluster Autoscaler will be open-sourced to advance vendor-neutral provisioning. GKE is certified for the CNCF Kubernetes AI Conformance program, and projects like llm-d, DRA drivers for TPUs, and DRANET aim to standardize inference and resource management. Features such as the Model Context Protocol, Kubernetes Agent Sandbox, and GKE Pod Snapshots target secure, fast startup and manageability for agents.
read more →

Kubernetes as AI Infrastructure: llm-d Joins CNCF Sandbox

🚀 Google Cloud and partners announced that llm-d has been accepted into the CNCF Sandbox to promote open, accelerator-agnostic standards for distributed LLM inference. As a founding contributor alongside Red Hat, IBM Research, CoreWeave, and NVIDIA, Google emphasizes running any model on any accelerator in any cloud without vendor lock-in. GKE Inference Gateway now integrates the llm-d Endpoint Picker (EPP) to enable model-aware routing that optimizes for KV-cache hits, inflight requests, and queue depth, yielding concrete production gains in Vertex AI tests. Complementary work on the Kubernetes LeaderWorkerSet (LWS) API and vLLM extensions for Cloud TPUs targets scalable multi-node orchestration and up to 5x throughput improvements.
read more →

Microsoft Open Source and AKS at KubeCon Europe 2026

🚀 At KubeCon + CloudNativeCon Europe 2026, Microsoft outlined coordinated open-source and AKS enhancements designed to bring AI workloads to Kubernetes with enterprise-grade operational patterns. Upstream work includes DRA reaching GA, Workload Aware Scheduling for Kubernetes 1.36, DRANet Azure RDMA compatibility, and new projects such as AI Runway, HolmesGPT (CNCF Sandbox), and Dalec. AKS platform updates add identity-aware networking with Azure Kubernetes Application Network, meshless Istio routing, WireGuard and Cilium-based encryption, built-in GPU telemetry into managed Prometheus/Grafana, per-flow L3/L4 and L7 observability, a managed Cilium cluster mesh via Fleet Manager, Elastic SAN shared storage, AKS Desktop GA, and safer upgrades with blue-green agent pool upgrades and agent pool rollback.
read more →

CrowdStrike Expands Falcon Flex Consumption to Services

⚡ CrowdStrike is extending the Falcon Flex consumption model to its expert-led services, allowing customers to draw down a standalone services entitlement across incident response, proactive security, advisory, platform services, and training. The approach reduces procurement friction and supports pre-arranged incident response readiness independent of Falcon subscriptions or standard retainers. For qualifying new customers, the Zero Dollar Flex Fund provides 200 hours (160 incident response, 40 proactive) over 12 months to simplify first-time engagement.
read more →

CrowdStrike Agentic MDR and SOC Transformation Services

⚡CrowdStrike introduces agentic MDR through Falcon Complete, combining deterministic automation, adaptive AI agents, and human analyst oversight to accelerate detection and response at machine speed. The service leverages Falcon Fusion SOAR and proprietary tooling to execute expert-engineered playbooks, delivering faster median time to contain and consistent, repeatable remediations. Complementary SOC Transformation Services modernize SIEM, data pipelines, workflows, and governance so organizations can adopt agentic operations safely and deliberately.
read more →

Falcon Data Security: Protecting Data Where It Moves

🔒 CrowdStrike introduces Falcon Data Security, a unified solution that discovers, classifies, and defends sensitive information across endpoints, browsers, SaaS, cloud services, and GenAI workflows. The offering uses a shared classification engine for consistent identification of PCI, PII, PHI, and other sensitive types, and applies AI to reduce manual tagging. Real-time visibility into data in motion — including egress context and runtime cloud flows via eBPF telemetry — lets teams stop risky transfers at the moment they occur. Natively integrated with the Falcon platform, it correlates data events with device, user, and adversary telemetry to prioritize and automate response.
read more →

CrowdStrike Adds Adversary-Aware Prioritization to CNAPP

🔒 CrowdStrike introduces three CNAPP innovations in Falcon Cloud Security to improve cloud risk prioritization and remediation. Application Explorer unites runtime application mapping with infrastructure context to show which apps access sensitive data and external AI models. Adversary intelligence aligns findings to over 280 tracked threat groups and Timeline Explorer reconstructs change histories to show root cause and validate fixes.
read more →

AWS HealthOmics Launches Batch Run for Genomics Workflows

🧬 AWS announced that HealthOmics now supports batch run submission, enabling customers to submit up to 100,000 runs of a workflow in a single request. All runs in a batch share a common configuration with optional per-run overrides for specific sample inputs or parameter values. The batch APIs provide full lifecycle management—including a batch ID for tracking, bulk cancel/delete, and progress monitoring—to simplify orchestration and troubleshooting. The feature is available across all HealthOmics regions and the service is HIPAA-eligible.
read more →

Palo Alto Updates Prisma AIRS and Browser for AI Agents

🔒 Palo Alto Networks updated Prisma AIRS and its Prisma Browser to discover and map AI agents, models and connections across cloud, SaaS and endpoints, scan agent artifacts for vulnerabilities, and simulate agent-targeted attacks. Prisma AIRS 3.0 — contingent on the planned acquisition of Koi Security — will add an AI Agent Gateway to enforce agent runtime and identity security. Prisma Browser now detects user-generated AI activity, enforces content-aware boundaries, prevents sensitive data from leaking to unmanaged LLMs, and blocks prompt-injection attacks. Separately, following its CyberArk deal, Palo Alto introduced Next Generation Trust Security (NGTS) to automate certificate discovery and lifecycle management.
read more →

Prisma SASE: Enabling Secure Agentic AI Workspaces

🔒 Palo Alto Networks announces the next evolution of Prisma SASE, engineered to secure the emerging era of agentic AI by treating autonomous agents as first-class identities. The platform reimagines Prisma Browser as a secure AI workspace, extending AI-powered data protection across endpoints, network, SaaS and GenAI apps while detecting prompt injection and agent hijacking. It also adds autonomous operations and resilient deployment options, including SASE Private Location and hyperscaler integration, to ensure always-on performance for machine-speed workflows.
read more →

Cryptographic Reset: Operational Shifts in Trust Now

🔐 The cryptographic foundation of the internet is undergoing a rapid operational reset driven by shorter certificate lifecycles and the transition to quantum-resistant algorithms. The CA/Browser Forum reduced public TLS validity to 200 days on March 15, 2026, with further reductions planned to 100 days in 2027 and 47 days by 2029, dramatically increasing renewal velocity. Manual certificate processes and spreadsheets will not scale; organizations need network-native discovery, continuous certificate visibility, and fully automated lifecycle management. Palo Alto Networks' Next-Generation Trust Security brings certificate lifecycle controls into the network to automate discovery, renewal, deployment and governance.
read more →

Palo Alto Networks Unveils Prisma AIRS 3.0 Platform

🔒 Palo Alto Networks today introduced Prisma AIRS 3.0, a unified security platform designed to secure the emerging AI enterprise and agentic systems across cloud, SaaS, endpoints and browsers. The release emphasizes three pillars—Discover, Assess, Protect—expanding visibility from AI applications to live maps of enterprise agents and surfacing shadow AI. New capabilities include Agent Artifact Scanning, multiagent red teaming, an AI Agent Gateway for centralized policy enforcement, and agent identity controls to govern delegated access. Palo Alto positions the platform as a single control plane to replace point solutions and manage agent-specific runtime threats.
read more →

AWS IAM Policy Types for Secure Multi-Account Access

🔒 This post explains AWS IAM policy types and how to apply them in a multi-account environment. It describes identity-based and resource-based policies, permissions boundaries, service control policies (SCPs), and resource control policies (RCPs), with ownership guidance for central security and application teams. Using a practical multi-account example, it shows how to combine these controls to enforce least privilege and protect data while enabling team autonomy. It also recommends policy validation and provides sample code.
read more →

Training Frontier Models Efficiently on Ironwood TPUs

⚡ This technical guide explains how to extract peak training performance on Ironwood TPUs using the JAX and MaxText ecosystems. It highlights native FP8 support, Tokamax kernels for on-chip efficiency, offloading collectives to SparseCore processors, VMEM tuning, and sharding strategies (FSDP, TP, EP, CP, and hybrids). Practical flags and libraries such as Qwix and Tokamax are recommended for implementation.
read more →

RSAC '26: Supercharging Agentic AI Defense with Threat Intel

🔒 Google Cloud outlined a coordinated set of AI-driven security advances at RSAC ’26, anchored by the completed acquisition of Wiz and new agentic defense capabilities. The company highlighted Mandiant's M-Trends 2026 findings on rapid adversary operations and published guidance on AI risk and resilience. Previewed offerings include Google Security Operations with autonomous triage agents, dark web intelligence powered by Gemini, and expanded protections across model, data, and network security.
read more →

Bringing Dark Web Intelligence into the AI Era with Google

🛡️Google Threat Intelligence introduces a new dark web intelligence capability powered by Gemini that analyzes millions of dark web events daily and elevates only threats relevant to your organization. Using autonomous organizational profiling, it reduces manual keyword configuration and filters noise to surface actionable risks early in the attack lifecycle. Internal tests report approximately 98% accuracy, and GTIG analysts add human context to ground AI findings.
read more →

Varonis Atlas: End-to-End AI Security for Enterprises

🔒 Varonis today announced general availability of Varonis Atlas, an end-to-end AI security platform that discovers, assesses, tests, and enforces controls across AI systems and the data they access. The platform integrates AI inventory, AI-SPM, pentesting, runtime guardrails, monitoring, AIDR, and third-party risk into a single solution built on the Varonis Data Security Platform. Atlas emphasizes data-aware security, customer-owned telemetry, and compliance reporting to help enterprises govern AI at scale.
read more →