All news with #cloud security tag

🔍 AWS Transform now includes enhanced migration assessment capabilities that support what-if scenarios, customizable assumptions, flexible file formats, and expanded TCO assessment features. These updates enable rapid building of migration business cases and faster decision-making. The tool accepts inputs from RVTools, CMDBs, AWS discovery exports, and many third-party discovery tools. New analysis options cover EC2, FSx, S3, SQL Server on EC2, virtual desktops, and additional Cloud Value Framework pillars.

🚀 Amazon Keyspaces (for Apache Cassandra) is now available in the Asia Pacific (Malaysia) and Asia Pacific (Thailand) Regions, enabling customers to build Cassandra-compatible applications with lower latency and keep data within the Region to meet residency requirements. The managed, serverless service offers virtually unlimited throughput and storage while customers pay only for used resources. These Regions provide the same features as other AWS Regions, including point-in-time recovery, Multi-Region replication, CDC streams, and IPv6 support, reducing operational overhead of running Cassandra clusters.

🚀 Azure NetApp Files extends cloud storage performance for Electronic Design Automation (EDA) by delivering predictable, high-throughput shared storage at massive concurrency. New capabilities like large volumes and breakthrough mode enable thousands of parallel jobs with consistent latency, validated by SPECstorage® Solution 2020 EDA_BLENDED benchmarking. Leading semiconductor firms are adopting ANF for production EDA workloads.

🚀 Amazon DocumentDB (with MongoDB compatibility) Serverless is now available on DocumentDB 8.0. This on-demand, auto-scaling configuration automatically adjusts capacity based on application demand and can deliver up to 90% cost savings versus provisioning for peak load. DocumentDB 8.0 also offers up to 7x improved query latency, up to 5x better compression, broader MongoDB API compatibility (6.0–8.0), enhanced vector search, and other new features.

🔒Security Hub Extended expands AWS Security Hub to include curated partner solutions in a single, unified console. Customers can discover, evaluate, and deploy vendor products with one click and pay-as-you-go pricing on their AWS bill, avoiding lengthy procurement and multi-year commitments. Integrated onboarding, OCSF-normalized findings, and AWS-native correlation surface combined attack paths and risk scoring. The offering launched in February 2026 with an expanding partner ecosystem.

🧩 ExtendDB v0.1 implements the DynamoDB API with pluggable storage backends, enabling developers to run DynamoDB-shaped workloads outside AWS-managed service. The reference backend uses PostgreSQL, and the architecture supports community-contributed adapters. Maintained by AWS under the Apache 2.0 license, ExtendDB targets local development, CI testing, on‑premises deployments, and disconnected edge sites. The project is open on GitHub for contributions.

🔧 This third post in the Azure IaaS series argues that cloud performance must be managed as a coordinated system across compute, storage, and networking rather than as isolated resource choices. It highlights platform features like Azure Boost, Ultra Disk, and Premium SSD v2 that offload processing, tune I/O, and decouple capacity from throughput. The article examines requirements for AI, cloud-native, and business-critical workloads and explains how Azure services such as AKS, Azure Container Storage, ExpressRoute, and advanced networking (eBPF/Cilium, Accelerated Networking) combine to deliver consistent, scalable, and recoverable performance.

🔧 AWS announced that AWS Transform now includes a modernization engine and broad file-format support to streamline network migrations. The engine analyzes and optimizes constructs across naming, sizing, security, and structure while surfacing conflicts with existing VPCs in target accounts, replacing days of manual review with instant guidance. Customers can upload network configuration files in any format for translation into AWS-compatible networks, review and edit mapped VPCs or subnets, and retain control before provisioning.

🚀 AWS announces general availability of a new AWS Local Zone in Istanbul, Türkiye, bringing compute, storage, networking, and select services closer to end users. The Local Zone supports Amazon EC2 (C7i, M7i, R7i), Amazon S3 One Zone-Infrequent Access, Amazon EBS (local snapshots and gp3/gp2/io1/sc1/st1), Amazon ECS, Amazon EKS, VPC, AWS Direct Connect, and Application Load Balancer. To enable, turn on the zone (eu-central-1-ist-1a) in the EC2 console or use the ModifyAvailabilityZoneGroup API to reduce latency and meet data residency needs.

🧊 Amazon Redshift now writes directly to Apache Iceberg tables via the auto-mounted awsdatacatalog and supports ALTER TABLE DDL to change schema, partitioning, and table properties. Supported operations include ADD/DROP/ALTER columns, RENAME COLUMN, SET TABLE PROPERTIES, and ADD/DROP/REPLACE PARTITION FIELD to evolve partition strategies and compression settings. Tables modified by Redshift remain interoperable with other Iceberg engines and respect AWS Lake Formation permissions.

🔔 AWS Organizations now supports higher quotas for service control policies (SCPs): the maximum number of SCPs that can be attached to a single node (root, OU, or account) has increased from 5 to 10, and the maximum SCP size has increased from 5,120 to 10,240 characters. These higher quotas let you write SCPs with finer-grained permissions and conditions and attach more SCPs per node to build more comprehensive security controls across your organization. The changes are available automatically in all commercial AWS Regions, the AWS GovCloud (US) Regions, and the China Regions with no action required.

🔁 Fn::GetStackOutput enables CloudFormation templates and CDK applications to reference stack outputs across AWS accounts and Regions directly. By specifying a target stack name, output key, an IAM role ARN for cross-account access, and optionally a Region, CloudFormation assumes the role and resolves the output during template processing. In CDK, cross-account and cross-Region references use this function automatically, removing the need for custom resources and SSM parameters. Configure appropriate IAM permissions and add the function to templates to get started; the feature is available in all Regions where CloudFormation is supported.

🔒 In this May 2026 Cloud CISO Perspectives entry, Vinod D’Souza and Anthony Belfiore outline how Google and Wiz are combining deep cloud telemetry with advanced AI research to address multicloud security challenges. They emphasize a developer-centric shift that moves remediation into code using tools like Wiz Code and sensors for hybrid Linux, vSphere, and Windows environments. The authors envision agentic SOCs and near real-time defenses that boost analyst efficiency while preserving human-in-the-loop oversight. The collaboration aims to accelerate self-healing infrastructure without compromising availability.

🔒 Microsoft Defender research shows AI and agentic applications on cloud-native platforms are frequently deployed with insecure defaults and missing authentication, creating exploitable misconfigurations. Observed exposures include public MCP servers, unsecured Helm chart installs, and unauthenticated agent frameworks that enable remote code execution, credential theft, and access to internal tools. Defender for Cloud can detect exposed Kubernetes services and unsafe deployment patterns to help teams prioritize remediation.

🔎 Amazon GuardDuty provides specialized detections and runtime monitoring to identify and mitigate cryptocurrency mining in AWS. It analyzes VPC Flow Logs, DNS queries, CloudTrail events, and workload telemetry to surface findings such as CryptoCurrency:Runtime/BitcoinTool.B and Impact:Runtime/CryptoMinerExecuted. Enable GuardDuty across accounts and Regions and combine it with patching, least-privilege access, and preventive controls to reduce risk.

🚀 Imgix serves over 8 billion images and videos daily and has migrated its real-time processing stack to G4 VMs on Google Cloud, powered by NVIDIA RTX PRO 6000 Blackwell GPUs. The move delivered a 50% reduction in median latency and a 5–6× increase in throughput per node without rewriting core application code. Imgix combines nvJPEG, NVENC/NVDEC, custom Vulkan compute shaders and CUDA libraries to accelerate decoding, transformation and encoding, while autoscaling, self-healing GPU management and a 2.5PB GCS cache enable fast, reliable global delivery.

🚀 Amazon Redshift RG instances are now generally available, delivering up to 2.4x faster analytics than RA3 and 30% lower price per vCPU. The RG generation embeds a vectorized data lake query engine that processes Apache Iceberg and Parquet on-cluster, eliminating the need for Redshift Spectrum's separate scan fleet and per-terabyte charges. Built-in capabilities include JIT Analyze, intelligent NVMe caching, smart prefetch, vectorized Parquet scans, and advanced file and partition pruning. RG launches in two sizes (rg.xlarge, rg.4xlarge) and supports Snapshot & Restore, Elastic Resize, and Classic Resize for migrations.

🔧 Amazon Connect Customer now lets developers embed Cases and Customer Profiles into custom agent interfaces through the Amazon Connect SDK. This integration surfaces case details, status, history, and consolidated customer context directly in agents' existing tools, reducing context switching and duplicate development. The SDK is available in all Regions where the service is offered; consult the administrator and developer guides to begin.

🔒 AWS outlines its approach to AI sovereignty, emphasizing customer control over data, deployment location, and access across the AI stack. It highlights infrastructure choices—AWS AI Factories, Outposts, Local Zones, Dedicated Local Zones, and the AWS European Sovereign Cloud—to meet regulatory and operational needs. AWS emphasizes technical protections like the AWS Nitro System, identity controls (IAM and Amazon Bedrock AgentCore Identity), and certifications such as ISO/IEC 42001 to reinforce transparency and trust.

⚡ ENA Express now supports high-bandwidth traffic between Amazon EC2 instances in different Availability Zones within a Region, delivering up to 25 Gbps single-flow performance. The feature uses the AWS Scalable Reliable Datagram (SRD) protocol with multi-pathing and advanced congestion control to reduce head-of-line blocking. ENA Express establishes SRD connections automatically when both instances are enabled and supports TCP and UDP transparently. The capability is available at no additional cost across a broad set of Regions and instance types.