All news in category "Vendor and Hyperscaler Watch"

Amazon RDS Proxy Adds IPv6 Support for Connections

🌐 Amazon RDS Proxy now supports IPv6 addresses for pooling and sharing database connections, while continuing to offer existing IPv4 endpoints for backwards compatibility. Customers may specify proxy target connections using either IPv4 or IPv6. The change reduces the need to manage overlapping VPC address spaces and helps mobile, IoT, and modern serverless applications that open many database connections. By pooling connections, RDS Proxy improves database efficiency and application scalability.

Gemini Cloud Assist for Dataproc: Troubleshoot Apache Spark

🛠️ Gemini Cloud Assist Investigations is now in public preview to help troubleshoot Dataproc and Serverless for Apache Spark workloads by automatically analyzing driver and executor logs, Spark UI metrics, configurations, and cross-product telemetry. Accessible from the Google Cloud console and via API, it produces prioritized summaries and clear remediation steps. The tool is tailored to data engineers, data scientists, SREs, and managers to reduce investigation time and accelerate fixes.

Amazon GuardDuty Adds Custom Entity Lists for Domains

🛡️ AWS announced general availability of Amazon GuardDuty custom threat detection using entity lists, extending support beyond IP-only lists to include malicious domains and IP addresses. GuardDuty introduces a new finding type, Impact:EC2/MaliciousDomainRequest.Custom, triggered when activity related to a listed domain is observed. Entity lists also allow suppression of alerts from trusted sources and simplify cross-region permission management, avoiding IAM policy size limits. The feature is available in all GuardDuty Regions except China and GovCloud (US).

Azure Phase 2: Mandatory MFA for Resource Management

🔒 Microsoft is starting Phase 2 of mandatory multi-factor authentication for Azure resource management operations on October 1, 2025. Enforcement at the Azure Resource Manager layer will be applied gradually via Azure Policy, requiring users to complete MFA before performing management actions. Workload identities (managed identities and service principals) are not affected. Administrators should enable MFA, test policy in audit mode, and ensure Azure CLI 2.76 and Azure PowerShell 14.3 or later are in use for best compatibility.

Aurora PostgreSQL Limitless Now Supports PostgreSQL 16.9

🚀 Amazon Aurora PostgreSQL Limitless Database now supports PostgreSQL 16.9 compatibility. This release delivers PostgreSQL community bug fixes and performance improvements along with Aurora-specific additions, including support for the hstore and auto_explain extensions. The serverless, distributed engine transparently scales compute and queries across multiple Aurora Serverless instances while preserving single-database transactional consistency, distributed query planning, and transaction management. Available across multiple AWS regions; review the documentation and pricing for details.

AWS Config Tracks Resource Tags for IAM Policies Globally

🔍 AWS Config now records resource tags for IAM policy resource types, enabling you to capture tag values and track their changes directly in your Config recorder. You can scope both Config-managed and custom rule evaluations by tag and use Config aggregators to selectively collect IAM policies across accounts. This capability is available in all supported AWS Regions at no additional cost.

Microsoft Gives Free One-Year 365 to U.S. Students

🎓 Microsoft is offering a free 12-month subscription to Microsoft 365 Personal for U.S. college students, including community college attendees, with the offer available through October 31, 2025. The subscription includes Word, Excel, PowerPoint, OneNote, and Outlook with the Copilot AI assistant, plus 1 TB of OneDrive storage and ransomware protection. Students must verify enrollment via a school email or documentation, and a 50% discount is available if they keep the plan after the first year. Microsoft also announced educator grants, community college certifications, AI training, and expanded Copilot access for U.S. schools.

Avoid Outdated IGA: Choose No-Code for Faster Governance

🔐 Many organizations face rising identity-driven attacks but traditional IGA deployments are slow, costly, and require extensive custom integrations. tenfold promotes a no-code IGA platform with a library of ready-made plugins and a visual configuration interface that dramatically shortens setup from months or years to weeks. The vendor says this reduces technical debt, lowers resource demands, and still allows custom code where necessary.

AWS GA: Org Notification Configurations for Organizations

📣 AWS announced general availability of Organizational Notification Configurations for AWS User Notifications, enabling centralized configuration and visibility of notifications across an AWS Organization. The Management Account or up to five Delegated Administrators (DAs) can configure and view notifications for specific OUs or all accounts rolling up to the organization. Events from member accounts generate notifications in the Management Account and can push to the AWS Console Mobile Application and the Admin Console Notifications Center. This capability works with any Amazon EventBridge-supported event and is available in all Regions where AWS User Notifications is offered.

Automation Is Transforming Pentest Delivery Workflows

🔁 Automation is reshaping how penetration test findings are delivered and acted upon. Traditional static reports—PDFs, emailed documents, and spreadsheets—create delays and manual handoffs that undermine remediation speed. Platforms like PlexTrac centralize scanner and manual findings and enable real-time routing, ticketing, and retesting to reduce MTTR and standardize workflows across teams. By automating triage, assignment, and triggered validation into existing tools (Jira, ServiceNow, Slack), teams get faster handoffs, consistent remediation lifecycles, and measurable operational gains. Start small, iterate workflows, and measure MTTR improvements to avoid common pitfalls like overengineering or stale automation.

AWS Backup Audit Manager Adds Organization-wide Reports

🔔 AWS has extended AWS Backup Audit Manager to produce organization-wide, cross-account and cross-Region reports in six additional Regions: Asia Pacific (Hyderabad, Jakarta, Melbourne), Europe (Spain, Zurich), and Middle East (UAE). Using an AWS Organizations management or delegated administrator account, you can aggregate compliance and operational backup data across accounts and Regions. The feature centralizes policy enforcement and helps demonstrate adherence to business and regulatory data protection requirements.

Passwordless Authentication: 10 Enterprise Solutions

🔐 Passwordless authentication aims to replace fragile passwords with modern, standards-based alternatives to improve security and usability. The piece stresses the central role of the FIDO Alliance and the emergence of Passkeys as an industry evolution. It compares ten vendors — including Okta, Yubico, HYPR and CyberArk — describing device-based cryptographic keys, biometrics, TPM protection and enterprise integrations. Deployment options range from hardware tokens to managed passkey services and offline, air-gapped support to ease migration.

Agent Factory Recap: AI, Future Development, Vibe Coding

🛠️ In Episode #6 of the Agent Factory podcast, Keith Ballinger discusses how AI agents and the Gemini CLI are reshaping software development and elevating developers into orchestration and context engineering roles. He demonstrates 'vibe coding' with live demos that produced a command-line markdown viewer in under 15 minutes and highlights open-source projects Terminus and Aether as practical examples. The episode also addresses infrastructure for AI workloads, multi-cloud and edge orchestration, and the growing need for human review in regulated industries.

Baseten: improved cost-performance for AI inference

🚀 Baseten reports major cost-performance gains for AI inference by combining Google Cloud A4 VMs powered by NVIDIA Blackwell GPUs with Google Cloud’s Dynamic Workload Scheduler. The company cites 225% better cost-performance for high-throughput inference and 25% improvement for latency-sensitive workloads. Baseten pairs cutting-edge hardware with an open, optimized software stack — including TensorRT-LLM, NVIDIA Dynamo, and vLLM — and multi-cloud resilience to deliver scalable, production-ready inference.

Amazon EC2 AMI Usage: Track and Manage AMI Consumption

🔍 Amazon EC2 today announced AMI Usage, a new capability to track AMI consumption across AWS accounts and resources. It generates reports listing accounts that use your AMIs in EC2 instances and launch templates and shows utilization across instances, launch templates, Image Builder recipes, and SSM parameters. This reduces the need for custom scripts, helps safely manage AMI deregistrations, and supports cost optimization. AMI Usage is available at no additional cost in all AWS regions, including China and GovCloud.

Validate SAP HANA Best-Practice Compliance with SSM

🔍 AWS Systems Manager Configuration Manager now supports SAP HANA, enabling automated validation of SAP HANA databases running on AWS against best practices defined in the AWS Well‑Architected Framework SAP Lens. The capability automatically assesses configurations, proactively flags misconfigurations, and provides specific remediation guidance so teams can address issues before they impact operations. Checks can be scheduled or run on demand, and SSM for SAP Configuration Manager is available in all commercial AWS Regions.

Amazon Neptune Adds Public Endpoints for Developers

🌐 Amazon Neptune now supports Public Endpoints, enabling developers to connect to Neptune clusters directly from development desktops without VPNs, bastion hosts, or complex network setups. The capability can be enabled for new or existing clusters running engine version 1.4.6 or later via the AWS Console, CLI, or SDK. Security is maintained using IAM authentication, VPC security groups, and encryption in transit. The feature is available at no additional cost in all Regions where Neptune is offered.

Microsoft Cost Management: July-August 2025 Product Updates

💡 Microsoft Cost Management released a set of July–August 2025 updates to help organizations monitor and reduce Azure spend. The release adds service principal support for the Partner Admin Reader role, enabling EA indirect partners to programmatically access cost data without interactive accounts. Other highlights include a Pricing Calculator user tip, new cost-saving offers such as Azure Firewall ingestion-time transformation (GA) and the Azure Storage Mover preview, updated documentation on billing and reservations, and new instructional videos on cost allocation and Copilot for cost insights.

Managed Service for Prometheus: Quota Visibility via AWS

🔍 Amazon Managed Service for Prometheus now exposes applied quota values and utilization through AWS Service Quotas and Amazon CloudWatch. This integration delivers centralized visibility of service limits across workspaces, enables quick quota increase requests, and provides usage metrics that you can incorporate into CloudWatch alarms and dashboards. Usage metrics are always enabled, provided at no extra cost, and accessible via console, APIs, and CLI in all regions where the service is generally available.

Avnet Reclaims Security Data, Cuts Costs, Boosts AI

🔐 Avnet moved away from vendor-bound SIEM, EDR and RBVM silos toward a centralized security data pipeline built on Cribl, prompted by a legacy SIEM renewal that became a strategy inflection point. The redesign gave Avnet full ownership of telemetry, enabled large-scale ETL and flexible routing, and freed analysts from vendor dashboards. Operationally, licensing and storage costs dropped dramatically to 15% of prior levels while processing capacity doubled and pipeline staffing fell from four engineers to one. With its own data layer in place, Avnet is accelerating analytics and AI use cases such as tailored LLMs and retrieval-augmented generation (RAG) to improve investigations and reduce analyst workload.