< ciso brief />

All news with #cloud security tag

522 articles · page 7 of 27

CrowdStrike Adds Adversary-Aware Prioritization to CNAPP

🔒 CrowdStrike introduces three CNAPP innovations in Falcon Cloud Security to improve cloud risk prioritization and remediation. Application Explorer unites runtime application mapping with infrastructure context to show which apps access sensitive data and external AI models. Adversary intelligence aligns findings to over 280 tracked threat groups and Timeline Explorer reconstructs change histories to show root cause and validate fixes.

AWS IAM Policy Types for Secure Multi-Account Access

🔒 This post explains AWS IAM policy types and how to apply them in a multi-account environment. It describes identity-based and resource-based policies, permissions boundaries, service control policies (SCPs), and resource control policies (RCPs), with ownership guidance for central security and application teams. Using a practical multi-account example, it shows how to combine these controls to enforce least privilege and protect data while enabling team autonomy. It also recommends policy validation and provides sample code.

Infrastructure Already in the Espionage Collection Path

🔍 Enterprises now sit directly in adversaries' collection paths: they may not be primary targets but their shared telecom, cloud, MSP, and identity dependencies are being exploited upstream. Commercial spyware like Predator and state‑aligned groups documented in Singapore's February 2026 telco breaches show how device and backbone compromises create persistent, upstream access. CISOs must assume provider compromise, demand attestation, harden session and identity layers, and shift detection to low‑noise, long‑duration intelligence operations.

Amazon Bedrock AgentCore Browser: Enterprise Policies & CA

🔒 Amazon Bedrock AgentCore now lets administrators apply Chrome Enterprise policies to AgentCore Browser and upload custom root CA certificates for both AgentCore Browser and Code Interpreter. These capabilities enable enforcement of organizational controls such as URL restrictions, disabling downloads or password managers, and implementing URL blocklists while agents operate. Custom root CA support allows agents to connect to internal systems and work with corporate TLS interception without certificate errors. The features are available in 14 AWS Regions where AgentCore is offered.

Amazon EC2 C8gn Instances Expand to Additional Regions

🚀 Amazon Web Services has expanded availability of Amazon EC2 C8gn instances—powered by the latest-generation AWS Graviton4 processors—to additional regions including Jakarta, Hyderabad, Tokyo, São Paulo, and Zurich. C8gn provides up to 30% better compute performance versus Graviton3-based C7gn instances, and uses 6th-generation Nitro Cards to deliver up to 600 Gbps network bandwidth. Instance sizes scale to 48xlarge with up to 384 GiB of memory, up to 60 Gbps EBS bandwidth, and EFA support on larger SKUs to improve cluster latency and throughput for network‑intensive and CPU‑bound inference workloads.

AWS Lambda Adds Availability Zone Metadata Endpoint

🔍 AWS Lambda now exposes Availability Zone (AZ) metadata through a new metadata endpoint in the execution environment. Developers can retrieve the AZ ID (for example, use1-az1) to implement AZ-aware routing and prefer same-AZ endpoints to reduce cross-AZ latency. The feature supports all runtimes, custom runtimes, and container images, and works with SnapStart, provisioned concurrency, and VPC-enabled functions. Available at no extra cost in all commercial Regions.

SpyCloud 2026 Report: Surge in Non-Human Identity Theft

🔒 SpyCloud's 2026 Identity Exposure Report details a structural shift in credential theft, reporting a 23% increase in its recaptured datalake to 65.7B distinct identity records. Attackers are increasingly targeting non-human identities — exposed API keys, session tokens and AI-linked credentials — which often lack MFA and rotate infrequently. The report also flags large volumes of phished records, session artifacts, and malware-exfiltrated data that enable persistent, scalable access across cloud and enterprise environments.

Cloud Misconfigurations: The Multi-Billion Dollar Risk

🔒 Most major cloud breaches in recent years have stemmed from basic misconfigurations rather than sophisticated zero-days or custom malware. The article highlights incidents such as Snowflake (2024), AT&T, Ticketmaster and Capital One to show how exposed credentials, public storage buckets and missing controls led to vast data exposure. Immediate actions recommended are enabling MFA everywhere, enforcing account-level public access blockers, activating comprehensive logging across AWS/Azure/GCP, and prioritizing remediation of exposed buckets and keys, while longer-term fixes include CSPM tools and infrastructure-as-code security checks.

AWS Config Adds 75 Managed Rules for Governance Now

🔒 AWS Config has added 75 new managed rules to help govern security, durability, and operational best practices across AWS environments. You can discover, enable, and manage these rules directly from AWS Config, and apply them at account or organization scale. The release includes coverage for services such as Amplify, SageMaker, Route 53, and more, and supports grouping via Conformance Packs for streamlined multi-account deployment.

Cloudflare Introduces Custom Regions for Data Control

🔒 Cloudflare expands Regional Services with Custom Regions, enabling customers to define precise geographic boundaries for TLS termination and Layer 7 processing. The update also adds Cloudflare-managed regions for Turkey, the UAE, IRAP (Australia) and ISMAP (Japan). Custom Regions use expressions like country_code to build membership sets, enabling localized AI inference, targeted campaigns, government deployments, and corporate-aligned governance while retaining global L3/L4 DDoS protection.

Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels

🔍 Mesh CSMA operationalizes Gartner's Cybersecurity Mesh Architecture to unify disparate security tools into a single, contextual risk model that reveals multi‑hop attack paths to crown jewels. The agentless platform automatically discovers critical assets, builds an identity‑centric Mesh Context Graph™, correlates misconfigurations, entitlements, and vulnerabilities, and ranks complete attack chains by live threat intelligence. It prescribes and orchestrates precise cross‑domain remediations mapped to existing tooling and continuously validates detection coverage so teams can close exploitable paths before they are used.

AWS Completes Second GDV Community Audit in Germany

🔒 AWS announced completion of its second GDV community audit, conducted with 36 German insurers representing over 63% of the market by premiums. The pooled audit evaluated AWS controls against the BSI C5 framework and covered services including Amazon EC2 and the Europe (Frankfurt) Region (eu-central-1). Remote fieldwork used videoconferencing, a secure audit portal, SME sessions, and evidence inspection; results are available to participating members and their regulators to support compliance and cloud adoption.

Check Point and NVIDIA Enable Secure AI Data Centers

🔒 Check Point has integrated with NVIDIA DSX Air’s cloud-based testing environment to let organizations pre-validate security-aware AI data center designs before deploying hardware. The capability enables large-scale simulation and end-to-end validation of AI Factory deployments across compute, networking, orchestration and security. By validating integrations, configurations and automation in advance, teams can reduce resource intensity and accelerate secure rollouts.

AWS Network Firewall Now in European Sovereign Cloud

🔐 Starting today, AWS Network Firewall is available in the AWS European Sovereign Cloud, enabling European customers — especially highly regulated industries, government agencies, and organizations with strict data sovereignty requirements — to deploy managed firewall protections while keeping data and operations within EU borders. The service delivers the same capabilities offered in other AWS Regions and automatically scales with VPC traffic to provide high-availability protections without customers needing to maintain underlying infrastructure. Refer to the AWS Region Table and service documentation for availability and configuration guidance.

OpenSearch UI Adds Cross-Account Domain Data Access

🔗 Amazon OpenSearch Service now supports cross-account data access, allowing users to query OpenSearch domains hosted in different AWS accounts from a single OpenSearch UI application within the same region. The capability works for domains in both public and VPC configurations and removes the need to switch endpoints or replicate data. It supports authentication via IAM (including SAML through IAM federation) and IAM Identity Center, enabling centralized observability and analytics while keeping data in place and preserving account-level access controls.

Managing the AMI Lifecycle with AMI Lineage on AWS

🛡️ This post presents the AMI Lineage solution to help organizations track and govern Amazon Machine Images (AMIs) across AWS. It explains how AWS lineage metadata (announced at the end of 2024) can be combined with a centralized Amazon Neptune graph, EventBridge, Lambda, API Gateway, and Security Hub to validate image origins, enforce SCPs, and assess CVE impact. The architecture uses a three-account model (management, security tooling, member) to centralize sensitive processing, automate compliance checks, and provide queryable lineage and remediation workflows for security teams.

Amazon S3 Account Regional Namespaces Now Available

🔐 AWS now supports account regional namespaces for Amazon S3 general purpose buckets, removing the need to find globally unique bucket names and enabling predictable, per-customer or per-team naming. To use it, include the new bucket namespace request header with the CreateBucket API or add your account regional suffix in CloudFormation templates. Security teams can enforce namespace-only creation via SCPs and IAM policies. This feature is available in 37 Regions, including AWS China and GovCloud, at no extra cost.

Modernizing Regulated Industries with Cloud and AI

🔒 Organizations are accelerating cloud migration to reduce IT operating costs, boost resilience, and prepare for expanded AI use, with IDC citing operational efficiency as the primary driver. Agentic AI automates discovery, orchestration, and continuous modernization across hybrid environments to shorten timelines and lower risk. Healthcare, financial services, and manufacturing face distinct regulatory, latency, and legacy constraints, and Microsoft positions Azure, Azure Copilot, and GitHub Copilot alongside migration frameworks, Azure Migrate, and the Azure Accelerate program to enable secure, industry-specific modernization informed by customer results.

AWS European Sovereign Cloud Achieves Initial Certifications

🛡️ The AWS European Sovereign Cloud has published initial independent assurances including SOC 2 Type 1 and C5 Type 1 attestations plus seven ISO certifications covering 69 services. Announced after general availability in January 2026, these reports validate control design and implementation mapped to the ESC-SRF, with EU-resident operations and strict data residency. Customers can access the reports via AWS Artifact; AWS plans to expand coverage over time.

Cloud Threat Horizons: Emerging Cloud Exploitation Risk

⚠️ The Cloud Threat Horizons report from Google Cloud's Office of the CISO warns that AI-assisted exploitation has compressed the window from vulnerability disclosure to active attacks from weeks to days. In H2 2025, third-party software flaws became the leading initial access vector, surpassing weak credentials. The report urges automated defenses, identity-based controls, and tamper-resistant logging to improve forensic readiness.