CISO Brief
AI And Identity Controls From AWS, Microsoft, And Google

Coverage: 30 Jun 2026 (UTC)

Major cloud providers detailed new security and platform capabilities spanning AI governance, identity, collaboration safety, compute isolation, and network readiness. Highlights include automated checks for AI infrastructure on AWS, Microsoft’s accelerated post-quantum roadmap, stricter bot handling in Teams, and expanded options for regulated AI deployments. Infrastructure updates focused on isolation, precise timing, IPv6 transition paths, and stronger ties between identity and database workloads.

AI and Identity Security Gains

An AWS post introduced the AI Security Best Practices standard in AWS Security Hub CSPM, delivering 31 automated controls that continuously evaluate AI workloads across Amazon Bedrock, Bedrock AgentCore, and Amazon SageMaker. The controls cover network isolation, encryption, VPC placement, KMS key usage, private registry requirements, and authorization, and generate findings for any deviation. Coverage extends from AgentCore runtimes and gateways to SageMaker notebooks, endpoints, models, and monitoring jobs. The standard is available in all AWS Regions where Security Hub CSPM operates, including AWS GovCloud (US) and the China Regions, with a 30-day AWS Free Tier trial.

A Microsoft blog post outlined June 2026 security advances, including a capability codenamed MDASH for multi-model vulnerability discovery with routing into Defender workflows, previews that detect 25+ local AI agents and MCP servers and block prompt injection at runtime, and Advanced Hunting support. Microsoft Entra Backup and Recovery became generally available for always-on directory object backups and restores, while Defender for Cloud extended threat protection to open-source databases on AWS RDS and broadened multicloud visibility with roughly 90 additional resource types and 200+ recommendations. Purview's customizable DSPM reports are GA, and a unified identity risk score now aggregates signals to prioritize alerts and drive Conditional Access decisions.

A Microsoft blog post detailed an accelerated quantum-safe timeline, targeting post-quantum cryptography transitions across critical products and services by 2029. The plan emphasizes modernizing network cryptography (such as TLS 1.3), building crypto-agility into algorithm selection and key management, and protecting chains of trust, including code signing and update pipelines. Microsoft stresses that inventorying where cryptography is used is the primary challenge and recommends an inventory-first approach, with ongoing technical guidance promised to support orderly migrations and resilience against "harvest now, decrypt later" attacks.

An AWS post added a capability in IAM Identity Center that lets customer managed applications programmatically discover assigned accounts and roles and retrieve temporary credentials on behalf of users. External identity providers can be configured as trusted token issuers, granting access without an extra sign-in when users have already authenticated. The feature is scoped to organization instances and must be enabled by the management account or a delegated administrator. It is available across all commercial AWS Regions, AWS GovCloud (US), and the China Regions.

Stronger Controls in Collaboration and Logs

BleepingComputer reported a new Teams admin policy that detects likely third-party bots, places them in the lobby, labels them as non-human, and requires organizer approval before admission. The policy is rolling out on Windows, macOS, Android, and iOS for standard multi-tenant and GCC environments. Microsoft plans allow lists, blocking of external bots, admin reports and audit logs, and finer-grained controls, building on recent measures to reduce social engineering and cross-tenant abuse.

An AWS post introduced tag enrichment for CloudWatch Logs at ingestion, making AWS resource tags immediately available for filtering, search, and analysis without changing application instrumentation. The feature helps teams isolate logs by ownership, environment, cost center, or application name, streamlining investigations and scoped analysis. It is available in all commercial AWS Regions except Middle East (UAE), Middle East (Bahrain), and Israel (Tel Aviv); it can be enabled via the console, CLI, or SDKs and incurs no additional cost.

Infrastructure, Time, and Network Resilience

An AWS post announced EC2 C9g and C9gd instances powered by Graviton5, with up to 25% better compute performance than the prior Graviton4-based generation and workload-specific gains cited for databases, web applications, and ML. The instances debut the Nitro Isolation Engine, which applies formal verification to provide assurance of isolation from other customers and from AWS operators. Initial availability includes US East (N. Virginia, Ohio), US West (Oregon), and EU (Frankfurt), with multiple purchasing options; C9gd adds local NVMe SSDs.

An AWS post announced the expansion of the Amazon Time Sync Service's microsecond-accurate time to 26 additional EC2 instance types in all commercial Regions. Using Nitro-embedded reference clocks and PHC-enabled instances within a Precision Time Placement Group, applications can obtain microsecond-accurate time and nanosecond-precision timestamps to order events, measure one-way latency, and speed up distributed transactions. Precision Time Placement Groups can also be associated with Cluster Placement Groups to pair low network latency with precise time.

An AWS post detailed dynamic connection scaling for IAM database authentication in Amazon RDS, which allows authentication throughput to scale with instance resources and workload characteristics. AWS recommends reusing IAM principals for token generation and reusing tokens where possible to reduce overhead. The capability is supported across all AWS Regions, including AWS GovCloud (US), and applies to Amazon Aurora and to RDS engines such as PostgreSQL, MySQL, and MariaDB.

An AWS post announced dual-stack IPv6 support in Amazon Neptune, enabling connections over IPv4, IPv6, or both. Customers can choose private dual-stack for VPC-internal endpoints or public dual-stack for internet-facing and hybrid scenarios. The update supports incremental IPv6 migration without disrupting existing IPv4 clients and is available in all Neptune Regions.

AI Platforms in Regulated and Enterprise Settings

An AWS post made Anthropic's Claude Opus 4.8 available in AWS GovCloud (US) via Amazon Bedrock. The model offers longer autonomous runs, deeper multi-step reasoning, and improved reliability for development, agentic workflows, and professional knowledge tasks. Bedrock access keeps data within AWS infrastructure and provides Guardrails, Knowledge Bases, and regional data residency controls to meet compliance requirements.

An AWS post announced general availability of Amazon WorkSpaces for agents, enabling AI agents to operate legacy desktop applications in managed cloud desktops. Agents inherit identity controls, network isolation, and compliance boundaries from WorkSpaces. New features include MCP tool forwarding for improved interactions, real-time session control for live visibility and revocation, and domain-joined fleets that use Active Directory identities. Pricing scales with active session time.

Google Cloud moved Conversational Analytics in BigQuery to general availability, providing an analyst-like agent that reasons before answering, exposes the generated SQL and its steps, and cites sources. Agents can be grounded in verified sources and can access cross-cloud lakehouse data. Governance inherits BigQuery controls, including logging, Access Transparency, CMEK, Private IP, VPC Service Controls, and now EU/US data residency guarantees. Built-in functions support driver analysis, forecasting, anomaly detection, and reasoning over object tables.