< ciso brief />

All news with #cloud security tag

522 articles · page 6 of 27

ROI of Hybrid Mesh Network Security, 2026 IDC Study

🔒 IDC interviewed security leaders from global enterprises to quantify the business value of adopting a Hybrid Mesh Network Security architecture. The findings emphasize that a single control plane for managing firewalls across on‑premises, cloud, and remote environments reduces tool sprawl and operational complexity. Organizations reported faster policy deployment, improved incident response, and better alignment with initiatives such as AI transformation, enabling security teams to shift from reaction to proactive prevention and to demonstrate measurable ROI.

The AI Arms Race: Why Unified Exposure Management Matters

🔒 The weaponization of AI is compressing the attack lifecycle and outpacing traditional defenses. Platforms like PlexTrac consolidate cloud misconfigurations, identity risks, application flaws, and pentest findings into a unified, dynamic view of exposure. Combined with Agentic AI for continuous threat assessment and automated remediation, organizations can prioritize actionable risk, orchestrate fixes, and validate controls at machine speed.

Double Agents: Security Blind Spots in Vertex AI on GCP

🔒 Unit 42 researchers discovered that AI agents deployed with Google Cloud’s Vertex AI ADK can inherit overly broad default permissions, enabling a deployed agent to leak service‑agent credentials and act as a “double agent.” By exploiting the Per‑Project, Per‑Product Service Agent (P4SA), the team pivoted into consumer projects and downloaded restricted Artifact Registry images from Google‑managed producer projects. Google collaborated with Unit 42, updated documentation, and recommended Bring Your Own Service Account (BYOSA) as a mitigation. Palo Alto Networks highlights protection via Prisma AIRS, Cortex Cloud Identity Security, and Cortex AI‑SPM.

Amazon RDS for Db2 Now Available in New Zealand Region

☁️ Amazon RDS for Db2 is now available in the Asia Pacific (New Zealand) AWS Region, enabling customers to deploy, operate, and scale Db2 databases in the cloud within minutes. RDS provisions automatically configured parameters to optimize performance and supports Multi‑AZ synchronous replication to a standby instance for high availability. Licensing options include hourly pay‑as‑you‑go purchases from the AWS Marketplace or Bring Your Own License (BYOL), available in both Standard and Advanced Editions. Usage may be eligible for the Database Savings Plan.

Amazon RDS for SQL Server Developer Edition in GovCloud

🆕 Amazon RDS for SQL Server now offers Microsoft SQL Server Developer Edition in the AWS GovCloud (US) Regions. Developer Edition is a free, full-featured, non-production license that mirrors Enterprise capabilities, helping teams reduce licensing costs for development, testing, and demonstrations. Amazon RDS-managed features — automated backups, automated software updates, monitoring, and encryption — are supported for SQL Server 2019 and SQL Server 2022 instances.

Amazon CloudFront BYOIP IPv6 Support via VPC IPAM Launch

🚀 Amazon CloudFront now supports bringing your own IPv6 addresses (BYOIP) for Anycast Static IPs using VPC IP Address Manager (IPAM). Administrators can create unified IPAM pools for IPv4 (/24) and IPv6 (/48) and assign dual‑stack Anycast Static IP lists, preserving existing allow‑lists and branding when migrating to CloudFront. The feature is available in most commercial AWS Regions with a few regional exceptions.

Amazon S3 Express One Zone Adds CloudWatch Request Metrics

📈 Amazon S3 Express One Zone now publishes request metrics to Amazon CloudWatch, providing minute-level visibility into request counts, data transfer volumes, error rates, and latency for latency-sensitive applications. These request metrics complement existing storage metrics and are accessible via the CloudWatch console, S3 console, S3 API, and AWS CLI across all Regions where the storage class is available. Standard CloudWatch pricing applies.

CloudWatch log centralization adds data source filters

🔁 Amazon CloudWatch centralization now supports selecting logs by data source name and type in addition to log group names. Customers can target AWS service logs (automatically discovered) and application logs (via log group tags) to copy telemetry from multiple accounts and regions into a single destination account. Rules can focus on types like VPC Flow Logs, EKS Audit Logs, and CloudTrail Logs to simplify security and operational monitoring. Create or modify centralization rules in the console, AWS CLI, or SDKs; standard CloudWatch Logs pricing applies for ingestion, storage, and data transfer.

AWS Security Hub Now Available in GovCloud US Regions

🔒 AWS Security Hub is now available in the AWS GovCloud (US-East) and AWS GovCloud (US-West) Regions. Security Hub offers a unified cloud security posture by correlating and enriching signals from Amazon GuardDuty, Amazon Inspector, and Security Hub CSPM to prioritize active risks. The service delivers near‑real‑time risk analytics, exposure findings, automated response workflows, attack path visualization, and centralized organization-wide deployment with streamlined pricing for improved cost predictability.

WebRTC Support for Amazon Kinesis Video Streams in GovCloud

📡 Amazon Kinesis Video Streams (KVS) now supports WebRTC in AWS GovCloud (US) Regions, enabling real-time, two-way media streaming with sub-second latency for security-sensitive workloads. This extends KVS's secure ingest, storage, and processing capabilities to mission-critical use cases such as live surveillance, body-worn camera streaming, drone feeds, and IoT monitoring while preserving data residency and compliance. The feature is available in AWS GovCloud (US-East) and (US-West).

AWS HealthOmics Adds VPC-Connected Bioinformatics Workflows

🧬 AWS HealthOmics now supports VPC-connected workflows, allowing bioinformatics pipelines to access AWS resources across regions and public internet resources through a customer VPC. New Configuration APIs let teams specify VPCs and manage public internet dependencies at a per-run level without changing workflow code. This capability is HIPAA-eligible and available in all HealthOmics regions.

Navigating Digital Sovereignty: Microsoft's Practical Path

🔒 Microsoft frames digital sovereignty as a practical, consultative discipline that extends beyond privacy to encompass continuity, resilience, and responsible AI adoption. The post outlines a Sovereign Cloud continuum—including the EU Data Boundary, hybrid and private cloud options, and expanded disconnected operations—to provide organizations with choice, visibility, and control. It emphasizes transparency, risk-based engagement, and long-term accountability as core means to build durable trust while enabling innovation.

AWS Direct Connect adds CloudWatch BGP metrics for VIFs

📡 AWS Direct Connect now publishes three Amazon CloudWatch metrics for virtual interfaces, giving network teams native visibility into BGP session health and route counts. The new VirtualInterfaceBgpStatus, VirtualInterfaceBgpPrefixesAccepted and VirtualInterfaceBgpPrefixesAdvertised metrics report the BGP session state, the number of on-premises prefixes AWS has accepted, and the number of routes AWS is advertising to you, so teams can raise alarms proactively and confirm that a routing change took effect. The metrics apply to private, public and transit VIFs in all commercial AWS Regions and integrate with CloudWatch alarms, dashboards and Amazon SNS to reduce detection time and simplify hybrid network operations.
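The alarms the announcement alludes to, as an added example that is not part of the AWS post: a CloudFormation template with two alarms on one private VIF, one that fires when the BGP session is not established for two consecutive minutes and one that fires when the count of accepted on-premises prefixes falls below a floor you set (a sudden drop usually means a route filter or a peer-side policy change ate your routes). Assumptions, since the announcement does not spell them out: the new metrics live in the existing Direct Connect namespace AWS/DX and carry the same ConnectionId and VirtualInterfaceId dimensions as the older VIF metrics, VirtualInterfaceBgpStatus reports 1 for an established session and 0 otherwise, and the connection, VIF and SNS topic identifiers are placeholders.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: >-
  Added example: CloudWatch alarms on Direct Connect VIF BGP health.
  Namespace, dimensions and the 1/0 status encoding are assumptions; IDs are placeholders.

Parameters:
  ConnectionId:
    Type: String
    Default: dxcon-EXAMPLE          # placeholder Direct Connect connection ID
  VirtualInterfaceId:
    Type: String
    Default: dxvif-EXAMPLE          # placeholder private VIF ID
  AlertTopicArn:
    Type: String                    # SNS topic that pages the network on-call (placeholder)
  ExpectedMinPrefixes:
    Type: Number
    Default: 10                     # the smallest on-prem prefix count you consider healthy

Resources:
  # Session state: alarm when any sample in each of two consecutive minutes is below 1.
  # Statistic=Minimum catches a flap inside a period; two periods rides out a single blip.
  BgpSessionDownAlarm:
    Type: AWS::CloudWatch::Alarm
    Properties:
      AlarmName: !Sub "${VirtualInterfaceId}-bgp-session-down"
      Namespace: AWS/DX                         # assumed: same namespace as other DX metrics
      MetricName: VirtualInterfaceBgpStatus     # assumed: 1 = established, 0 = not established
      Dimensions:
        - Name: ConnectionId
          Value: !Ref ConnectionId
        - Name: VirtualInterfaceId
          Value: !Ref VirtualInterfaceId
      Statistic: Minimum
      Period: 60
      EvaluationPeriods: 2
      Threshold: 1
      ComparisonOperator: LessThanThreshold
      TreatMissingData: breaching               # no data at all is treated as an outage
      AlarmActions:
        - !Ref AlertTopicArn
      OKActions:
        - !Ref AlertTopicArn

  # Route intake: alarm when AWS is accepting fewer on-prem prefixes than you expect.
  # Pair this with a dashboard of VirtualInterfaceBgpPrefixesAdvertised to validate changes
  # in the other direction (what AWS is sending you) after a route-policy edit.
  PrefixesAcceptedDropAlarm:
    Type: AWS::CloudWatch::Alarm
    Properties:
      AlarmName: !Sub "${VirtualInterfaceId}-bgp-prefixes-accepted-low"
      Namespace: AWS/DX
      MetricName: VirtualInterfaceBgpPrefixesAccepted
      Dimensions:
        - Name: ConnectionId
          Value: !Ref ConnectionId
        - Name: VirtualInterfaceId
          Value: !Ref VirtualInterfaceId
      Statistic: Minimum
      Period: 300
      EvaluationPeriods: 1
      Threshold: !Ref ExpectedMinPrefixes
      ComparisonOperator: LessThanThreshold
      TreatMissingData: breaching
      AlarmActions:
        - !Ref AlertTopicArn
```

Before relying on the status alarm, confirm the value encoding in the Direct Connect CloudWatch documentation and, if it differs from the assumed 1/0, adjust Threshold and ComparisonOperator accordingly; the prefix-count alarm does not depend on that assumption. Setting TreatMissingData to breaching is deliberate: a VIF that stops emitting datapoints is a condition you want to hear about, not one to quietly ignore.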

Databricks Debuts Lakewatch SIEM: Cost and Strategy

🔍 Databricks has previewed Lakewatch, an agentic SIEM designed to extend the lakehouse into security analytics and offer a lower-cost alternative to traditional SIEMs. The vendor says it will charge for compute rather than data ingestion or storage, claiming up to an 80% reduction in total cost of ownership while retaining years of hot data. Analysts acknowledge the ingestion-cost problem and note potential savings for organizations that retain large volumes, but warn that costs can shift to compute and processing if usage is uncontrolled. Databricks bolstered its security credibility with acquisitions such as Antimatter and SiftD.ai, indicating a broader security roadmap.

AWS Batch Adds Quota Management and Preemption for SageMaker

⚙️ AWS Batch now supports quota management with job preemption for SageMaker Training, enabling prioritized GPU allocation and automatic preemption of lower-priority workloads. You can create up to 20 quota shares per job queue and choose resource-sharing strategies, with both cross-share and in-share preemption modes to restore or reallocate borrowed capacity. Capacity utilization is visible at queue, quota share, and job levels, and you can update job priorities after submission and set preemption retry limits. The feature integrates with the SageMaker Python SDK via the aws_batch module and is available in all AWS Regions where AWS Batch is offered; AWS provides an example notebook and user-guide documentation for implementation guidance.

DRA: Dynamic Resource Allocation for Kubernetes Devices

⚡ DRA (Dynamic Resource Allocation) modernizes Kubernetes device management by replacing static Device Plugins with a request-based model built on ResourceSlice and ResourceClaim. It enables granular, attribute-based requests such as minimum VRAM, specific hardware models, or PCIe locality, and abstracts hardware via DeviceClass so the scheduler can match workloads to suitable devices. NVIDIA contributed a GPU driver and Google donated a TPU driver, and DRA is generally available in GKE. This reduces manual node pinning and improves utilization for LLM and AI workloads.
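What an attribute-based request looks like in practice, as an added example rather than anything from the article or the NVIDIA and Google drivers it mentions: a DeviceClass that selects every device published by one driver, a ResourceClaimTemplate that asks for one device of a given model with at least 40Gi of memory using a CEL selector, and a Pod that consumes the claim. Assumptions: a cluster where DRA is generally available (resource.k8s.io/v1), a driver with the hypothetical name gpu.example.com that publishes a "model" attribute and a "memory" capacity on each device, and placeholder image and namespace names. The scheduler matches on the device attributes, so the Pod carries no nodeSelector or node affinity.

```yaml
# Added example, not from the article. resource.k8s.io/v1 assumes DRA is GA in the cluster;
# gpu.example.com, the "model" attribute and the "memory" capacity are hypothetical driver details.
apiVersion: resource.k8s.io/v1
kind: DeviceClass
metadata:
  name: gpu.example.com
spec:
  # Every device this driver advertises in its ResourceSlices belongs to the class.
  selectors:
    - cel:
        expression: device.driver == "gpu.example.com"
---
apiVersion: resource.k8s.io/v1
kind: ResourceClaimTemplate
metadata:
  name: big-gpu
  namespace: ml                     # placeholder namespace
spec:
  spec:
    devices:
      requests:
        - name: gpu
          exactly:
            deviceClassName: gpu.example.com
            count: 1
            # Attribute-based matching: a specific model AND a minimum memory capacity.
            # Attributes and capacities are keyed by the driver's domain.
            selectors:
              - cel:
                  expression: >-
                    device.attributes["gpu.example.com"].model == "a100" &&
                    device.capacity["gpu.example.com"].memory.compareTo(quantity("40Gi")) >= 0
---
apiVersion: v1
kind: Pod
metadata:
  name: trainer
  namespace: ml
spec:
  # Each Pod created from this spec gets its own ResourceClaim stamped from the template.
  resourceClaims:
    - name: gpu
      resourceClaimTemplateName: big-gpu
  containers:
    - name: train
      image: registry.example.com/train:1.0     # placeholder image
      command: ["python", "train.py"]
      resources:
        claims:
          - name: gpu                           # the device is wired into this container only
```

Two practitioner notes. Because the template, not the Pod, names the device class and selector, platform teams can own the DeviceClass and template while application teams only reference them, which keeps hardware policy out of individual workload manifests. Do not set adminAccess on a request in ordinary workload templates: it is the mode that lets a claim observe devices already allocated to other claims, intended for cluster monitoring tooling in namespaces explicitly labelled for that purpose, not for tenant workloads.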

Cybersecurity, AI, and Sovereignty: Next for Infrastructure

🔐 At the World Economic Forum’s Industry Strategy Meeting in Munich, leaders explored how rapid AI deployment and rising data sovereignty pressures are reshaping digital infrastructure and investment. The piece argues that cybersecurity must be embedded from day zero to enable trusted data exchange, interoperability between sovereign systems, and secure distributed AI. It highlights the shift from large general models toward specialized, context-aware architectures and notes Fortinet’s role in public-private collaboration to operationalize secure systems.

Virtual Machines Nearly Everywhere - Lingering Security Gaps

🔒 Cloud virtual machines deliver speed, scale and agility, but uncontrolled VM sprawl creates persistent security gaps. Many instances are provisioned quickly and then left unmanaged—missing OS updates, scoped permissions and continuous monitoring—so they can be abused for lateral movement or used as throwaway attack infrastructure. Organizations should inventory VMs, tighten workload identities and apply continuous, identity‑aware monitoring to reduce risk.

Cloud Workload Security: Addressing Visibility and Gaps

🔍 Cloud workloads often become insecure not because of exotic attacks but because of operational complexity, sprawl and poor visibility across heterogeneous environments. Tomáš Foltýn warns that organizations can end up with a "Frankencloud", where admin fatigue, disparate consoles and unclear ownership create exploitable gaps. The remedy he proposes is improved visibility, consistent cross‑environment policy enforcement and carefully applied automation to scale security as workloads grow. Industry reports cited in the article underline that credential compromise, misconfiguration and emerging software exploits remain the primary entry points for attackers.

Falcon Data Security: Protecting Data Where It Moves

🔒 CrowdStrike introduces Falcon Data Security, a unified solution that discovers, classifies, and defends sensitive information across endpoints, browsers, SaaS, cloud services, and GenAI workflows. The offering uses a shared classification engine for consistent identification of PCI, PII, PHI, and other sensitive types, and applies AI to reduce manual tagging. Real-time visibility into data in motion — including egress context and runtime cloud flows via eBPF telemetry — lets teams stop risky transfers at the moment they occur. Natively integrated with the Falcon platform, it correlates data events with device, user, and adversary telemetry to prioritize and automate response.