< ciso
brief />
Tag Banner

All news with #rag security tag

36 articles

AlloyDB enables accurate multilingual search with AI

🧭 AlloyDB introduces native AI Functions to solve tokenization issues for logographical languages like Chinese, Japanese, and Korean. By calling Gemini models from SQL via ai.generate(), developers can perform in-database segmentation, stop-word removal, and embedding generation without ETL pipelines or external services. The approach uses stored-procedure batching, generated columns for search vectors and embeddings, and RUM plus ScaNN indexes to enable fast hybrid lexical and semantic search.
read more →

Amazon S3 Vectors Now Available in GovCloud

🔔 Amazon S3 Vectors is now available in AWS GovCloud (US-East) and AWS GovCloud (US-West). The service offers purpose-built vector storage for AI agents, inference, Retrieval Augmented Generation (RAG), and semantic search at billion-vector scale. S3 Vectors provides the elasticity, durability, and availability of Amazon S3 with dedicated APIs to store, access, and query vectors without provisioning infrastructure. Check AWS Regions and endpoints for the full availability list.
read more →

Amazon RDS adds support for Oracle Database 26ai

🚀 Amazon RDS for Oracle now supports Oracle Database 26ai, Oracle's Long Term Support release, with integration to Amazon Bedrock providing access to foundation models such as Anthropic Claude, Amazon Nova, and Meta Llama. Oracle Database 26ai enables Select AI for generating and running SQL from natural language prompts and supports in-database RAG via Oracle AI Vector Search, avoiding the need for a separate vector store. The release also offers JSON Relational Duality Views and SQL Property Graphs and is available in Enterprise Edition across commercial and GovCloud regions.
read more →

Open telco AI models accelerate network automation

📡 Modern telecom networks require domain-specific AI because general models lack the precise, vendor-specific context needed for mission-critical operations. GSMA’s Open Telco AI platform and AT&T’s OTel family—fine-tuned on Google’s open-source Gemma models—use curated telco datasets and RAG-based abstention to reduce hallucinations. The initiative produced 30 optimized models, demonstrated strong Gemma performance in AT&T tests, and already exceeded 18 million downloads.
read more →

Amazon Bedrock Managed Knowledge Base Launch

🚀 Amazon Bedrock Managed Knowledge Base is now generally available as a fully managed retrieval-augmented generation (RAG) service. The offering removes the need to manage vector databases, data pipelines, and retrieval infrastructure by handling ingestion, storage optimization, and advanced retrieval. It supports six native connectors—S3, SharePoint, Confluence, Google Drive, OneDrive, and a web crawler—with automatic syncing and managed vector storage tuned for price-performance. Native integration with Amazon Bedrock AgentCore provides auto-generated permissions and observability for agent deployments.
read more →

Amazon S3 Vectors raises per-query result limit

🔍 Amazon S3 Vectors now returns up to 10,000 similarity search results per query, a 100x increase from the prior limit. This larger topK helps applications retrieve a more comprehensive candidate set for multi-stage pipelines that perform reranking, aggregations, or deduplication. Use the latest AWS SDK and specify up to 10,000 results in QueryVectors; results are paginated so you can process the first page while additional pages are fetched. A small data-returned fee applies beyond the free 512 KB per query.
read more →

Foundry IQ: Unified knowledge and serverless retrieval

🔎 Foundry IQ streamlines bringing enterprise and external knowledge into agent workflows by unifying content, improving ingestion, and offering a serverless model for retrieval. The service provides a Model Context Protocol (MCP) server, integrates Microsoft Web IQ for low-latency external context, and includes GA security and compliance features. Serverless Developer tier is in public preview with CU-based billing estimates and scale-to-zero capacity.
read more →

Max-Severity ChromaDB Flaw Lets Attackers Hijack Servers

⚠️ A max-severity flaw (CVE-2026-45829) in the Python FastAPI server of ChromaDB allows unauthenticated attackers to load and execute remote models before authentication is enforced, enabling arbitrary code execution on exposed servers. The issue impacts PyPI-distributed releases used widely in AI retrieval stacks; a 1.5.9 release exists but it is unclear if the fix addresses this vulnerability. Mitigations include using the Rust frontend, avoiding public exposure of the Python API, and restricting network access to the ChromaDB API port.
read more →

LLMjacking Risks: Securing Private AI Servers 2026

🔒 A hands-on April 2026 experiment shows how quickly attackers can target private AI servers: a Raspberry Pi honeypot posed as a high-performance stack (Ollama, LM Studio, AutoGPT, LangServe, text-gen-webui) and claimed a local Qwen3-Coder 30B instance plus RAG/MCP assets. Shodan discovered the server within three hours and, over a month, it logged 113,000+ requests from thousands of IPs with 23% probing AI capabilities. Observed tactics included fingerprinting endpoints like /v1/models and /.well-known/mcp.json and systematic hunts for exposed .env files, highlighting the importance of securing RAG, MCP and private AI deployments from day one.
read more →

Securing RAG Pipelines in Enterprise SaaS Platforms

🔒 Enterprise SaaS products increasingly adopt Retrieval-Augmented Generation (RAG) to give AI agents access to customer-specific knowledge, but that bridge also creates severe security liabilities. The article reviews recent high-profile failures — from the EchoLeak zero-click exfiltration to vector database reconstructions, indirect prompt injections in IDEs and large-scale knowledge-base poisoning — and breaks down the typical three-phase RAG architecture: ingestion & embedding, vector storage & retrieval, and LLM generation. It advocates a defense-in-depth posture combining pre-ingest DLP, retrieval-time RBAC/ABAC, prompt isolation and output filtering, and highlights Google Cloud services like Cloud DLP, Vertex AI vector search, Vertex AI model armor and Security Command Center to operationalize those controls.
read more →

Cloudflare AI Search: A Search Primitive for Agents

🔍 Cloudflare introduced AI Search, a plug-and-play search primitive that provides a unified retrieval layer for agents, support bots, and coding assistants. It pairs hybrid semantic (vector) and BM25 keyword matching, managed storage, and built-in vector indexes so developers can create instances at runtime without provisioning separate infrastructure. The service integrates with Workers, the Agents SDK, and Wrangler, supports metadata boosts and cross-instance queries, and can optionally rerank results with a cross-encoder.
read more →

Introducing QueryData: Near-100% Accurate Data Agents

🔍 QueryData launches in preview, offering near-100% accuracy translating natural language into database queries across AlloyDB, Cloud SQL (MySQL and PostgreSQL) and Spanner. Built on Google Cloud’s Gemini LLM and augmented by rich database context, it uses schema ontologies, query blueprints and ambiguity detection to generate precise queries. Deterministic security is enforced via Parameterized Secure Views (PSVs), and integration is supported through a unified QueryData API, the MCP Toolbox for Databases, and context-engineering tools including an Evalbench framework.
read more →

Amazon S3 Vectors Adds Availability in 17 Regions Globally

🚀 Amazon expanded S3 Vectors into 17 additional AWS Regions — now available in 31 Regions worldwide. S3 Vectors is the first cloud object storage with native vector support, built for AI agents, inference, Retrieval-Augmented Generation (RAG), and semantic search at billion-vector scale. It supports up to two billion vectors per index, elastic scaling to 10,000 vector indexes per bucket, low-latency queries (frequent queries as fast as 100 ms; infrequent under one second), and native integration with Amazon Bedrock Knowledge Bases to help reduce RAG costs.
read more →

Spanner's Multi-Model Advantage for Agentic AI in Production

🔍Spanner positions itself as a unified, globally consistent database designed for agentic AI by combining relational, key-value, graph, vector and full-text search capabilities in one platform. The post argues this interoperable multi-model approach reduces data silos, removes brittle synchronization logic, and improves governance, availability, and development velocity. Google highlights features such as GQL graph support, a Cassandra native endpoint for lift-and-shift, and ScaNN-based ANN vector search. The customer example of MakeMyTrip illustrates significant operational simplification and faster AI feature delivery.
read more →

Five Priorities CISOs Must Address at RSAC 2026 Summit

🤖RSA Conference 2026 reframes AI from a single track to the event itself, with roughly 40% of sessions AI-weighted and artificial intelligence woven across identity, cloud, threat intelligence and human-focused tracks. CISOs face a dual mandate: accelerate AI adoption to remain competitive while protecting the enterprise from new attack surfaces such as RAG pipelines, vector databases, prompt injection and model inversion. Key priorities at RSAC include securing the AI stack, defining AI governance and compliance (including preparation for the EU AI Act), managing non‑human identities, mitigating shadow AI and AI-assisted coding risks, and preparing SOCs for autonomous remediation.
read more →

Transforming Developers into AI Architects with Google Cloud

🧭 This post launches Google Cloud's "Data Strategy = AI Strategy" series and reframes the database as the central context engine for production AI. It argues that by using fully PostgreSQL-compatible services such as AlloyDB and Cloud SQL, teams can eliminate latency and improve retrieval accuracy while reducing infrastructure friction. The article emphasizes three enterprise pillars — speed, scale, and security — and describes hands-on labs that cover batch embeddings, real-time inference with Gemini 3 Flash, and row-level security for zero-trust agents.
read more →

Private Connectivity for RAG AI Applications on Google Cloud

🔒 This Google Cloud blog outlines a reference architecture to deliver private-IP only connectivity for retrieval-augmented generation (RAG) applications that must not transit the public internet. It describes a multi-project topology—routing project, Shared VPC host, and service projects for Data Ingestion, Serving, and Frontend—and maps required services such as Cloud Interconnect/Cloud VPN, Network Connectivity Center, Private Service Connect, Cloud Router, Cloud Armor, and VPC Service Controls. The post also details RAG population and inference flows to show end-to-end private traffic paths and highlights management and routing orchestration for hybrid and VPC spokes.
read more →

Using the Neo4j Gemini CLI Extension on Google Cloud

🔗 Gemini CLI's Neo4j extension connects graph databases to Gemini's reasoning via the Model Context Protocol (MCP). The extension bundles four MCP servers to manage Neo4j Aura, translate natural language into Cypher, support interactive data modeling and visualization, and use Neo4j as long-term memory for agentic flows. Developers can provision databases, run Cypher queries, and persist knowledge from the terminal to accelerate GraphRAG workflows.
read more →

Amazon Neptune Analytics Expands to Seven Regions Globally

🔔 Amazon Neptune Analytics is now available in seven additional AWS Regions: Middle East (Bahrain), Middle East (UAE), Israel (Tel Aviv), Africa (Cape Town), Canada (Calgary), Asia Pacific (Malaysia), and Europe (Zurich). Neptune is a serverless graph database that automatically scales graph workloads, reduces operational overhead, and improves AI accuracy and explainability by modeling connected data. It also provides fully managed GraphRAG with Amazon Bedrock Knowledge Bases and integrates with the Strands AI Agents SDK and popular agentic memory tools to accelerate graph-powered AI development.
read more →

Model Security Misses the Point: Secure AI Workflows

🛡️As AI copilots and assistants are embedded into daily work, recent incidents show the primary risk lies in surrounding workflows rather than in the models themselves. Malicious Chrome extensions that exfiltrated ChatGPT and DeepSeek chats and prompt injections that tricked an AI coding assistant into executing malware exploited integration contexts, not model internals. The piece advises mapping AI usage, applying least-privilege, enforcing middleware guardrails to scan outputs, and using dynamic SaaS platforms like Reco to detect and control risky workflows.
read more →