All news in category "Vendor and Hyperscaler Watch"

Bedrock Batch Inference: Claude Sonnet 4 and GPT-OSS

🚀 Amazon Bedrock now supports Batch inference for Anthropic Claude Sonnet 4 and OpenAI GPT-OSS (120B, 20B), enabling asynchronous processing of large workloads at approximately 50% of on-demand inference cost. The update targets bulk scenarios such as document analysis, large-scale summarization, content generation, and structured data extraction, and is optimized to deliver higher overall batch throughput on these newer models. Batch progress and workload metrics — including pending and processed records, tokens per minute, and Claude-specific pending tokens — are exposed at the AWS account level via Amazon CloudWatch.

AWS Marketplace Launches Streamlined AMI Fulfillment

🚀 AWS Marketplace has introduced a streamlined fulfillment experience for Amazon Machine Image (AMI) and AMI with CloudFormation products across both the website and console. The update combines configuration and purchase steps on a single page, clearly presenting fulfillment options, related AWS services, and seller-provided guidance. It also brings a new in-console launch experience for container products, providing a consistent multi-region, multi-language workflow.

Amazon S3 Express One Zone adds FIS resilience testing

🛠 AWS now supports resilience testing for S3 Express One Zone using AWS Fault Injection Service (FIS), enabling simulated network disruptions that cause data plane requests to timeout for directory buckets. The FIS network disruption action is included in the AZ Availability: Power Interruption scenario and is available in all Regions where the storage class is offered. You can run experiments via the AWS Management Console, AWS CLI, or the FIS API to validate monitoring, recovery procedures, and improve application resilience; consult FIS pricing for cost details.

Amazon Athena Adds CTAS Support for S3 Tables and Iceberg

🆕 Amazon Athena now supports CREATE TABLE AS SELECT (CTAS) statements targeting S3 Tables, enabling creation and population of a managed S3 Table from a single SQL query. The capability supports source data in Parquet, CSV, JSON and lake formats such as Apache Iceberg, Hudi, and Delta Lake. CTAS lets you partition data on the fly and the resulting tables can be queried, JOINed, and updated in Athena. This feature is available in AWS Regions where both Athena and S3 Tables are supported.

Amazon EC2 R8g Instances Now in AWS Asia Pacific (Jakarta)

🚀 Amazon EC2 R8g instances powered by AWS Graviton4 are now available in the AWS Asia Pacific (Jakarta) region. R8g delivers up to 30% better performance versus Graviton3, offers larger sizes—up to 48xlarge and 1.5 TB memory across 12 sizes including two bare-metal options—and targets memory‑intensive workloads. Built on the AWS Nitro System, these instances provide up to 50 Gbps networking and up to 40 Gbps to EBS for databases, in‑memory caches, and real‑time analytics.

Amazon DynamoDB Adds Granular Throttle Error Exceptions

🔔 Amazon DynamoDB now emits more granular throttling exceptions together with matching Amazon CloudWatch metrics. The enhanced exception payloads include a list of reasons for the throttle event and the Amazon Resource Name (ARN) of the table or index affected, helping teams pinpoint what was throttled. CloudWatch metrics are available immediately; to receive the richer exception details you must upgrade to the latest SDK. This capability is available in commercial, GovCloud (US), and China Regions.

DynamoDB: Emit Only Throttled Key Events to CloudWatch

📈 DynamoDB now supports selectively emitting events for throttled keys to CloudWatch Contributor Insights, enabling you to monitor only throttled items rather than all accessed keys. By emitting exclusively throttled-key events, you reduce monitoring costs and noise while maintaining visibility into throttling and usage hotspots. This mode is available in all commercial AWS Regions, GovCloud (US), and China Regions.

AWS Certificate Manager Adds PrivateLink Access for ACM

🔒 AWS Certificate Manager (ACM) now supports AWS PrivateLink, enabling access to ACM APIs from within an Amazon VPC without traversing the public internet. You can create interface endpoints to connect your VPC to ACM using the AWS Management Console, AWS CLI, or AWS CloudFormation. This private connectivity is available in all Regions where ACM and PrivateLink are supported, including AWS GovCloud (US) and China Regions, and helps meet compliance requirements by keeping API traffic inside the AWS network.

Amazon Managed Service for Prometheus Adds Resource Policies

🔒 Amazon Managed Service for Prometheus now supports resource-based policies on workspaces, allowing owners to specify which IAM principals can ingest metrics or run PromQL queries from other accounts. This removes the previous need to assume an IAM role in the workspace owner account for cross-account access. Workspace owners can attach policies to allow-list non-owner principals for Prometheus-compatible API actions, and the capability is available in all regions where the service is generally available.

Amazon Neptune integrates with Cognee for GenAI memory

🧠 Amazon Neptune now integrates with Cognee to provide graph-native memory for agentic generative AI applications. The integration enables developers to use Amazon Neptune Analytics as the persistent graph and vector store behind Cognee’s memory layer, supporting large-scale memory graphs, long-term memory, and multi-hop reasoning. Hybrid retrieval across graph, vector, and keyword modalities helps agents deliver more personalized, cost-efficient, and context-aware experiences; documentation and a sample notebook are available to accelerate adoption.

Spring 2025 PCI 3DS Compliance Package Available Now

🔒 AWS has renewed its PCI 3DS certification for Spring 2025 and expanded scope to include three additional services—Amazon Verified Permissions, AWS B2B Data Interchange, and AWS Resource Explorer—and three Regions: Asia Pacific (Thailand), Asia Pacific (Malaysia), and Mexico (Central). The compliance package includes an Attestation of Compliance (AOC) and an AWS Responsibility Summary to clarify shared responsibilities for handling payment card data. Coalfire served as the third-party Qualified Security Assessor (QSA) for the renewal. Customers can retrieve the detailed reports via the AWS Artifact self-service portal to support their audits.

PAN-OS 12.1 Orion: Quantum-Ready Multicloud Security

🔐 PAN-OS 12.1 Orion delivers a framework for quantum-ready and multicloud security, combining automated asset discovery, continuous risk assessment and centralized management via Strata Cloud Manager. It introduces an industry-first cipher translation to make legacy applications quantum-safe, plus quantum-optimized fifth-generation NGFW hardware for high-scale PQC inspection. The release also expands AI-driven detections and one-click deployment across AWS/Azure/GCP.

Palo Alto Networks' Quantum Security and PQC Tools

🔒 Palo Alto Networks announced a portfolio of quantum security innovations in PAN-OS 12.1 Orion and new fifth‑generation NGFWs to help organizations accelerate quantum readiness. The company introduces a Cryptographic Inventory in Strata Cloud Manager to identify and remediate weak or vulnerable cryptography. It delivers PQC support for NIST and prestandard algorithms and hybrid classical/post‑quantum options for VPNs and TLS. A new cipher translation proxy preserves legacy systems while migration proceeds, and Palo Alto Networks is advancing QRNG and QKD standards through industry initiatives.

Falcon Next-Gen Identity Security Unifies Protection

🔒 CrowdStrike announced Falcon Next-Gen Identity Security, a unified solution to protect human, non-human, and AI agent identities across on-premises, cloud, and SaaS environments. It consolidates initial access prevention, modern secure privileged access, identity threat detection and response (ITDR), SaaS identity security, and agentic identity protection into a single sensor and management console. Delivered via the AI-native Falcon platform, the offering provides real-time visibility, dynamic access enforcement, and autonomous response to reduce identity-driven breaches and simplify hybrid identity security.

Instagram Friend Map Risks: Privacy and Physical Safety

⚠️ Meta’s new Friend Map feature on Instagram is framed as an opt-in way to see friends’ locations and shared hangouts, but it raises serious privacy and safety concerns. Enabling the map can expose precise real‑time or habitual location data that bad actors could exploit for stalking, targeted harassment, or profiling. The feature blurs digital privacy and physical security, so users should carefully review settings, limit audiences, or decline participation if concerned about their safety.

AWS Achieves HITRUST Certification for 177 Services

🔒 Amazon Web Services announced that 177 AWS services achieved HITRUST certification for the 2025 assessment cycle, with five services certified for the first time: Amazon Verified Permissions, AWS B2B Data Interchange, AWS Payment Cryptography, AWS Resource Explorer, and AWS Security Incident Response. A third‑party assessor audited the services under the HITRUST CSF v11.5.1 framework. Customers can inherit the certification for validated assessments when they use in‑scope services and follow the AWS Shared Responsibility Model, and evidence is available through AWS Artifact.

Connect with Security Leaders at Microsoft Ignite 2025

🔒 Microsoft Security invites CISOs, SecOps leads, identity architects, and cloud security engineers to Microsoft Ignite 2025 in San Francisco (Nov 17–21) and online (Nov 18–21) to explore secure AI adoption and modern SecOps. Register with RSVP code ATXTJ77W to access the half-day Microsoft Security Forum (Nov 17), hands-on labs, live demos, and one-on-one meetings with experts. Attendees can join networking events including the Secure the Night party, pursue onsite Microsoft Security certifications, and engage in roundtables focused on threat intelligence, regulatory insights, and protecting data, identities, and infrastructure.

Agent Factory: Enterprise Design Patterns for Agentic AI

🤖 Microsoft introduces the Agent Factory series to share best practices and design patterns for enterprise agentic AI that reasons, acts, and collaborates across workflows. The post outlines five core patterns—tool use, reflection, planning, multi-agent, and ReAct—and links them to real-world outcomes such as reduced proposal time and automated incident delivery. It stresses the need for a unified platform to manage security, identity, observability, and connectors. Azure AI Foundry is presented as a scalable end-to-end solution with flexible model choice, 1,400+ connectors, open protocols, and managed Entra Agent ID and RBAC.

Closing Common Cloud Security Gaps with FortiCNAPP Platform

🔒 FortiCNAPP unifies cloud security across posture, workload runtime, control plane, and application layers to address common gaps that expose cloud-native applications. The platform delivers continuous asset discovery and inventory mapping, built-in CSPM with compliance mappings, runtime workload protection, and CDR that correlates host telemetry with cloud audit logs via composite alerts. Integrated FortiWeb WAF/API protections and CI/CD scanning enable a shift-left workflow so developers and security teams can detect and remediate risks earlier without slowing delivery.

Android pKVM Achieves SESIP Level 5 Certification Milestone

🔒 Google announced that protected KVM (pKVM) has achieved SESIP Level 5 certification, making it the first software security system for large-scale consumer electronics to reach this assurance. The certification followed a hands-on evaluation by Dekra under the TrustCB SESIP scheme compliant to EN-17927 and includes AVA_VAN.5 vulnerability analysis. pKVM will enable high-criticality isolated workloads such as on-device AI and provides an open-source, verifiable foundation for device manufacturers.