< ciso
brief />
Tag Banner

All news with #cloud security tag

605 articles · page 28 of 31

Amazon OpenSearch Ingestion Adds Cross-Account Ingestion

🔁 Amazon OpenSearch Ingestion now supports cross-account ingestion for push-based sources such as HTTP and OpenTelemetry (OTel). This capability lets teams share ingestion pipelines across AWS accounts without relying on VPC peering or AWS Transit Gateway, simplifying centralized observability and analytics workflows. The feature is available today in all regions where OpenSearch Ingestion is offered; customers can configure resource policies in the AWS Management Console or CLI and enable pipeline endpoints from their VPCs to begin ingesting data.
read more →

GCE and GKE Security Dashboards Powered by SCC Now

🔒 Google has added integrated security dashboards to GCE and GKE consoles, powered by Security Command Center. The dashboards surface top security findings, vulnerability trends, CVE prioritization, and container/workload misconfigurations informed by Google Threat Intelligence and Mandiant analysis. Teams can remediate misconfigurations, prioritize patches, and monitor threats directly in their compute and cluster consoles. Full vulnerability and threat widgets require upgrading to SCC Premium (30‑day trial available).
read more →

FortiCNAPP Named Leader in Three KuppingerCole Categories

🚀 FortiCNAPP has been named a Leader in three categories in the 2025 KuppingerCole Compass for CNAPP: Overall Leadership, Market Leadership, and Innovation Leadership. The recognition emphasizes FortiCNAPP’s ability to reduce tool sprawl, improve visibility into cloud risk, and accelerate remediation. Customers cite rapid, intuitive deployment, agentless scanning, AI-driven analytics, and tight integration with the Fortinet Security Fabric as key benefits.
read more →

Amazon Redshift Multidimensional Data Layouts GA for Queries

🚀 Amazon Redshift announces general availability of Multidimensional Data Layouts (MDDL), a dynamic sorting feature that reorganizes data according to actual query filters to accelerate analytics. MDDL creates a multidimensional virtual sort key that co-locates rows typically accessed together, enabling block-level and predicate-column skipping during execution. For tables using the default AUTO sort key, Redshift analyzes query history and automatically selects MDDL or an optimal single-column sort key based on expected benefits. AWS reports up to 10x end-to-end performance improvements for workloads with repetitive filters; MDDL is available in all AWS commercial regions.
read more →

AWS Organizations Adds Full IAM Policy Language to SCPs

🔐 AWS Organizations now supports the full IAM policy language for service control policies (SCPs), allowing administrators to use conditions, individual resource ARNs, and the NotAction element with Allow statements. You can also apply wildcards at the beginning or middle of Action strings and use the NotResource element for finer scoping. These enhancements let teams create more concise and precise organizational guardrails to enforce least-privilege across accounts. The change is backward compatible and available in all AWS commercial and AWS GovCloud (US) Regions.
read more →

AWS Outposts expand to Canada (Central) and N California

📢 Second-generation AWS Outposts racks are now supported in the AWS Canada (Central) and US West (N. California) Regions. Outposts racks extend AWS infrastructure, services, APIs, and tools to on-premises data centers or colocation spaces, providing a consistent hybrid experience. Customers can order racks connected to these Regions to optimize for latency and data residency, run low-latency workloads locally, and maintain centralized management in their home Region.
read more →

Amazon VPC Reachability and Network Access Analyzer Expand

🛰️ Amazon has expanded VPC Reachability Analyzer and VPC Network Access Analyzer to seven additional regions — New Zealand, Hyderabad, Melbourne, Taipei, Calgary, Tel Aviv, and Mexico Central. Reachability Analyzer diagnoses network reachability between source and destination resources, while Network Access Analyzer identifies unintended access paths that may bypass security controls. This regional launch improves troubleshooting, compliance checks, and multi-account network visibility; pricing and documentation are available through AWS resources.
read more →

Microsoft Named Leader in 2025 Gartner IIoT Report

🔷 Microsoft was named a Leader in the 2025 Gartner Magic Quadrant for Global Industrial IIoT Platforms, highlighting its industrial cloud portfolio. Azure’s adaptive cloud—anchored by Azure IoT, Azure Arc, Azure Digital Twins, and Microsoft Fabric—is positioned to unify cloud-to-edge data, enable real‑time intelligence, and scale AI-driven operations. The platform emphasizes security with Microsoft Defender for IoT, Microsoft Sentinel, and Microsoft Entra, while enabling brownfield integration and partner-led solutions to accelerate industrial modernization.
read more →

Microsoft 365: Why Its Dominance Creates Major Risk

🔒 Microsoft 365 has become the central nervous system of modern business, and its market dominance has turned the platform into a lucrative target for attackers. With over 400 million paid seats and tightly integrated apps like Outlook, SharePoint, Teams and OneDrive, a single compromise can cascade across services. Organizations must close backup gaps, adopt zero trust, enforce MFA and deploy cross-application threat detection to reduce catastrophic exposure.
read more →

Amazon EVS Adds HCX Migration Over Public Internet

🌐 Amazon EVS now supports VMware HCX migrations over the public internet using Elastic IP Addresses (EIPs) to provide stable endpoints and faster setup. This option supplements existing private connectivity methods such as AWS Direct Connect and VPN, enabling secure layer‑2 network stretch and workload migration when private links are unavailable. Public HCX connectivity is available in all AWS Regions where EVS is offered and can be a cost‑effective alternative for workloads that do not require private connection performance.
read more →

Securing Remote MCP Servers on Google Cloud Platform

🔒 A centralized proxy architecture on Google Cloud can secure remote Model Context Protocol (MCP) servers by intercepting tool calls and enforcing consistent policies across deployments. Author Lanre Ogunmola outlines five core MCP risks — unauthorized tool exposure, session hijacking, tool shadowing, token/theft and authentication bypass — and recommends an MCP proxy (Cloud Run, GKE, or Apigee) integrated with Cloud Armor, Secret Manager, and identity services for access control, secret scanning, and monitoring. The post emphasizes layered defenses including Model Armor for prompt/response screening and centralized logging to reduce blind spots and operational overhead.
read more →

AWS Expands Second-Generation Outposts Racks Globally

🌍 AWS now ships second-generation Outposts racks to a broad list of countries, enabling customers to deploy AWS infrastructure and services directly in on‑premises data centers and colocation sites. These racks support the latest x86 Amazon EC2 families — C7i, M7i, and R7i — delivering up to 40% better performance versus prior racks, simplified network scaling, and a new class of accelerated networking instances for ultra-low latency and high throughput. They also help address local data residency and low-latency processing requirements while remaining connected to the nearest AWS Region for management.
read more →

CloudWatch Cross-Account Cross-Region Log Centralization

🔁 Amazon CloudWatch now supports cross-account, cross-region log centralization, allowing customers to copy log data from multiple AWS accounts and regions into a single destination account and integrate with AWS Organizations. Copied log events are enriched with new system fields (@aws.account and @aws.region) to preserve source context, and administrators can scope rules to the entire organization, selected OUs, or specific accounts. The feature supports selective log-group copying, automatic merging of same-named groups, optional backup-region copies, and includes one free centralized copy with additional copies billed at $0.05/GB.
read more →

AWS Budgets Adds Custom Time Periods for Project Funding

📊 AWS Budgets now supports custom time periods, letting teams define flexible start and end dates for a budget rather than relying on calendar-based cycles. This enables single-budget tracking for time-bound projects (for example, a three-month development sprint starting mid-month) and triggers alerts as spend approaches thresholds. The feature is available today in all AWS commercial Regions except the AWS GovCloud (US) and China Regions.
read more →

Amazon EC2 adds detailed NVMe instance store metrics

📊 Amazon announced detailed performance statistics for EC2 instance store NVMe volumes, providing real-time I/O visibility on Nitro-based instances. The capability exposes 11 metrics at one-second granularity, including IOPS, throughput, queue lengths, and latency histograms broken down by IO size. Available by default across AWS Commercial and China Regions at no extra charge, it aligns NVMe monitoring with EBS detailed metrics for a consistent operational experience.
read more →

Amazon AppStream Adds Fractional GPU Graphics G6 Instances

🖥️ Amazon AppStream 2.0 now supports Graphics G6 instances with fractionalized GPU sizes, enabling customers to provision GPU capacity in smaller fractions (for example 1/2, 1/4, or 1/8) instead of full GPU instances. The new G6f and Gr6f options are built on the EC2 G6 family and are designed to optimize shared GPU resources for graphics workloads that need less than a full GPU. These instances are available in 10 AWS Regions and use pay-as-you-go pricing; they can be launched from the AWS Management Console or via the AWS SDK when creating an image builder or fleet.
read more →

Check Point Validates CloudGuard with Nutanix AOS 7.3

🔒 Check Point CloudGuard Network Security is now Nutanix Ready validated with Nutanix Cloud Infrastructure 7.3, delivering integrated network security for Nutanix environments. The update leverages Nutanix Flow Network Security features—entity groups, vNIC-specific policies, and global policy scopes—to extend microsegmentation and policy consistency. Customers can deploy CloudGuard via native Service Insertion and firewall chaining, enabling protection with minimal operational overhead.
read more →

FabCon Vienna: Enterprise-ready Microsoft Fabric updates

📢 At FabCon Vienna, Microsoft unveiled a broad set of Microsoft Fabric enhancements to accelerate data-rich agents and enterprise adoption. Key updates include expanded OneLake shortcuts and mirroring (preview for Oracle and BigQuery), a preview Graph database and Maps for geospatial context, developer tooling (MCP, Extensibility Toolkit, CI/CD) and strengthened security controls like Azure Private Link and customer-managed keys. These features focus on zero-copy data access, governance, and operational scalability for mission-critical workloads.
read more →

Runtime Visibility Reshapes Cloud-Native Security in 2025

🛡️ The shift to containers, Kubernetes, and serverless has made runtime visibility the new center of gravity for cloud-native security. CNAPPs that consolidate detection, posture, and response are essential, but observing active workloads distinguishes theoretical risk from live exposure. AI-driven correlation and automated triage reduce false positives and accelerate remediation. Vendors such as Sysdig stress mapping findings back to ownership and source code to drive accountable fixes.
read more →

AWS CloudWatch OAM Adds VPC Endpoints for Private Traffic

🔒 AWS now offers VPC endpoints for Amazon CloudWatch Observability Access Manager (OAM), enabling private, in-region connectivity between your VPCs and CloudWatch OAM without traversing the public internet. The endpoints support both IPv4 and IPv6 and leverage AWS PrivateLink controls such as security groups and VPC endpoint policies. Available in all commercial regions, AWS GovCloud (US), and China Regions, this lets teams manage cross-account observability links and sinks from VPCs that have no internet access.
read more →