All news in category "Vendor and Hyperscaler Watch"

Automation Is Reshaping Penetration Test Delivery Workflows

🔁 Pentesting remains a critical control for uncovering real-world vulnerabilities, but static PDF reports and spreadsheet handoffs create delays and inefficiencies. The piece advocates automating pentest delivery so findings are consolidated and routed in real time through rules-based workflows, enabling teams to act immediately and reduce churn. Platforms like PlexTrac are highlighted for centralizing manual and scanner outputs, automating ticketing into tools such as Jira and ServiceNow, and triggering retests to close the loop. The result is faster remediation, standardized processes, and measurable reductions in MTTR for both service providers and enterprises.

Amazon SageMaker Unified Studio adds S3 file sharing option

📂 Amazon SageMaker Unified Studio now offers a simplified S3-based file storage option for project collaboration. Customers can choose between Git integrations (GitHub, GitLab, Bitbucket Cloud) or Amazon S3 buckets, with S3 set as the default while Git remains fully supported. The S3 option gives a consistent view of files across Studio tools, uses a last-write-wins model, and supports basic versioning when administrators enable it.

Count Tokens API Adds Claude Model Support in Bedrock

🧮 The Count Tokens API is now available in Amazon Bedrock, enabling users to determine token counts for a prompt or input prior to performing inference. Anthropic’s Claude models are supported at launch and the feature is available in all regions where those models run. This improves cost projection, gives more control over token limits, and reduces the risk of unexpected throttling. It also helps ensure inputs fit within a model's context length for more efficient prompt optimization.

Amazon Verified Permissions adds Cedar 4.5 support

🔒 Amazon Verified Permissions now supports Cedar 4.5, introducing the new is operator to enable type-based access checks. Developers can write policies that grant or deny access based on a resource’s declared type—for example, allowing administrators to view a resource only when it is an invoice in a petstore app. The update enhances Cedar’s type system, helps catch type-related errors earlier in policy development, and is available in all AWS Regions where the service runs; new and backward-compatible accounts have been automatically upgraded.

AWS Neuron SDK 2.25: Inference and Monitoring Enhancements

🚀 AWS has released Neuron SDK 2.25.0, now generally available for Inferentia and Trainium instances, adding context and data parallelism support plus chunked attention to accelerate long-sequence inference. The update enhances neuron-ls and neuron-monitor APIs to show node affinities and device utilization, and introduces automatic aliasing (Beta) and disaggregated serving improvements (Beta). Upgraded AMIs and Deep Learning Containers are provided for inference and training.

AWS VPC IPAM Console Adds CloudWatch Alarm Management

🔔 Amazon Web Services has enhanced Amazon VPC IP Address Manager (IPAM) with deeper Amazon CloudWatch alarm integration, bringing alarm visibility and management directly into the IPAM console. Alarms are now visible across IPAM pages and a new resource-level Alarms tab lists alerts associated with specific IPAM resources. You can create alarms from the console (which redirects to CloudWatch with relevant fields pre-populated) and receive proactive monitoring suggestions for resources without alarms. The feature is available in all Regions where IPAM is supported, including AWS China and AWS GovCloud (US).

Microsoft Named Leader in 2025 Gartner Magic Quadrant

🚀 Microsoft has been named a Leader in the 2025 Gartner Magic Quadrant for Cloud-Native Application Platforms and is positioned furthest to the right in Completeness of Vision. The announcement highlights a developer-first approach across containers, functions, APIs, and web frameworks, with integrated tools such as GitHub Copilot and Visual Studio. Azure emphasizes AI-native capabilities through Azure AI Foundry and platform innovations designed to accelerate agentic applications for enterprise scenarios.

CloudWatch adds regional support for natural language queries

🔍 Amazon CloudWatch Logs Insights now extends its natural language query result summarization to 15 additional AWS Regions, delivering AI-generated, concise descriptions of query outputs to speed troubleshooting. Additionally, natural language query generation is available in six more Regions for CloudWatch Logs Insights and Metrics Insights, while PPL and SQL query generation has been added in three Regions. These features let users express intent in plain English to produce queries and receive readable summaries without deep query-language expertise, reducing time to actionable insight.

CloudGuard WAFaaS Now Available on AWS Marketplace

🔒 CloudGuard WAF-as-a-Service is now available on the AWS Marketplace and verified as Deployed on AWS. This pay-as-you-go service simplifies web application and API protection for AWS customers and reduces procurement friction. The offering has been recognized in the Gartner Market Guide for WAAP and named a Leader in the GigaOm Radar. Independent testing reported a 99.4% threat detection rate and 0.81% false positives, underscoring strong efficacy with low noise.

AWS IoT Core Adds Customer-Managed KMS Keys Support

🔐 AWS IoT Core now supports customer-managed keys (CMK) via AWS KMS, enabling encryption of data stored in IoT Core with customer-controlled keys. When CMK is selected, AWS automatically re-encrypts existing stored data and manages the transition to avoid operational disruption. The feature is available in all Regions where IoT Core is supported and enhances control over key lifecycle — creation, rotation, monitoring, and deletion.

Microsoft restricts Chinese firms' early MAPP exploit access

🔒 Microsoft has restricted distribution of proof-of-concept exploit code to MAPP participants in countries where firms must report vulnerabilities to their governments, including China. Affected companies will receive a more general written description issued at the same time as patches rather than PoC code, Microsoft said. The change follows the late-July SharePoint zero-day attacks and concerns about a possible leak from the early-bug-notification program.

AWS Incident Response Achieves HITRUST CSF Certification

🔒 AWS Security Incident Response is now HITRUST CSF certified, demonstrating alignment with rigorous security and privacy controls used by healthcare, life sciences, and other regulated sectors. The certification confirms that organizations can leverage AWS Security Incident Response to automate alert monitoring, streamline incident coordination, and access 24/7 security experts. Customers can inherit AWS HITRUST scores to reduce audit burden and integrate via console, CLI, or APIs.

AWS Security Incident Response Adds ITSM Integrations

🛡️ AWS Security Incident Response now integrates with popular ITSM platforms like Jira and ServiceNow, offering bidirectional synchronization for issues, comments, attachments, and case updates. The connectors are provided as open-source projects on GitHub with sample code, deployment instructions, and implementation best practices. A modular design and technical documentation make it straightforward to extend support to additional ITSM targets and to leverage AI assistants for rapid customization.

Quantum-safe security: Progress toward PQC adoption

🔒 Microsoft outlines a multi-year plan to transition to post-quantum cryptography, stressing that preparation must begin now. The post highlights investments in both quantum research (including Majorana 1 and 4D geometric error correction) and cryptographic readiness, plus collaboration with standards bodies such as NIST and IETF. It describes tools like the Adams Bridge Accelerator, PQC previews, and the Quantum Safe Program with a phased roadmap targeting early adoption by 2029 and completion by 2033.

Amazon MSF for Apache Flink Adds Customer Managed Keys

🔐 Amazon Managed Service for Apache Flink now supports Amazon KMS Customer Managed Keys (CMK), giving customers the option to use their own keys instead of AWS-owned keys. This provides greater control over encryption at rest, key rotation, and access policies for data stored in MSF. The update helps address compliance and governance requirements and is available by region; refer to the documentation for implementation details.

Agent Factory: Build Your First AI Agent with Tools

🔧 This Microsoft Azure blog post, the second entry in the six-part Agent Factory series, explains how tool ecosystems are defining the next wave of agentic AI. It argues the industry is moving from single-model prompts to extensible platforms that let agents discover and invoke a broad set of capabilities at runtime. The piece highlights the Model Context Protocol (MCP) and Azure AI Foundry for secure, enterprise-grade tool integration, and summarizes five best practices for governance, identity, and observability to achieve scalable, production-ready agents.

AWS Launches Customizable Billing and Cost Dashboards

📊 AWS announces general availability of AWS Billing and Cost Management Dashboards, a customizable feature that consolidates spending data from AWS Cost Explorer, Savings Plans, and Reserved Instance coverage and utilization reports. Users can build cost, usage, Savings Plans, and Reserved Instance widgets with line, bar, stacked bar, or table visualizations, arrange layouts, and share dashboards across accounts. The capability is available at no additional cost in all AWS commercial Regions except AWS China Regions.

Harmony SASE MCP Server Enables AI-Driven Visibility

🔗 The Harmony SASE MCP Server connects AI and IDE assistants to Harmony SASE, enabling direct, secure access to networking and security context. Built on the open Model Context Protocol (MCP), it exposes a curated set of endpoints so AI tools like Claude, Cursor, and GitHub Copilot can enrich workflows, accelerate investigations, and integrate SASE telemetry into familiar analyst and developer interfaces.

Fortinet Unified SASE: Integrated Networking and Security

🔒 Fortinet presents Fortinet Unified SASE as a natively integrated platform that combines cloud-delivered FortiSASE with Fortinet Secure SD‑WAN on a single operating system to avoid the fragmentation common in many SASE solutions. The article stresses a single-agent experience via FortiClient, one management plane powered by FortiOS, and consolidated threat intelligence from FortiGuard Labs. It highlights flexible deployment choices, global POPs, and sovereign SASE options to meet data residency and compliance requirements. Fortinet also emphasizes AI/ML-driven correlation and GenAI-assisted policy and investigation to improve detection and operational efficiency.

Frenemies in Cybersecurity: Balancing Competition & Sharing

🤝 In a Threat Vector podcast, Michael Sikorski and Michael Daniel of the Cyber Threat Alliance discuss how competing vendors must nonetheless collaborate to counter shared threats. Daniel recalls how pooled observations during the 2017 WannaCry outbreak revealed its worm-like propagation and accelerated industry response. He emphasizes that the main obstacles to sharing are human—culture, legal risk, and lack of executive prioritization—and that concrete guardrails (antitrust-compliance statements, embargo protocols, and equal treatment) build the trust needed for timely intelligence exchange. The post cautions that as adversaries adopt AI and automation, systematic collaboration is essential.