< ciso
brief />
Tag Banner

All news with #tool calling security tag

21 articles

AWS DMS Schema Conversion Adds AI Agent Automation

🧭 AWS Database Migration Service (DMS) Schema Conversion now integrates AI agent automation via the AWS MCP Server. Agents like Kiro, Claude Code, and Cursor can connect and run migration workflows from IDEs using natural language, performing tasks such as creating projects, browsing source metadata, converting schemas, and exporting results. The dms-schema-conversion skill provides predefined procedures and operational sequencing to guide agents and reduce trial-and-error, and agents can assist with converting stored procedures, functions, and triggers. This capability is available for all existing DMS Schema Conversion engine pairs at no additional charge; regional availability is listed on the Supported AWS Regions page.
read more →

Enforce least-privilege in multi-agent AI chains

🔒 This post describes a reference implementation using Cedar on AWS to prevent silent privilege escalation in multi-agent AI delegation chains. It outlines a three-layer policy model—agent-to-tool, agent-to-agent delegation, and originating user authorization—using verified token claims and HMAC-signed context. The architecture uses an MCP adapter Lambda and a Cedar evaluator Lambda to enforce policies sequentially and halt on the first deny. It includes schema, entity registrations, policy examples, deployment steps, and end-to-end test scenarios demonstrating how the model enforces least privilege.
read more →

Agent Toolkit Adds Secret Safety Skill for Agents

🔒 AWS Secrets Manager introduces a secret safety skill in the aws-core plugin for the Agent Toolkit for AWS, enabling AI coding agents to use secrets without exposing values to models or session logs. The skill prevents models from requesting raw secret values and prompts developers to clarify intent while constructing commands that reference secrets. A child process resolves secret references at execution time, keeping plaintext secrets out of agent context and logs. The feature is available across supported agent harnesses and Regions where Secrets Manager is offered.
read more →

Amazon Bedrock AgentCore adds Web Search capability

🔎 Amazon Bedrock AgentCore now offers Web Search generally available in US East (N. Virginia). The fully managed tool provides agents with current web knowledge, combining an Amazon-operated web index and structured knowledge graph data to return high-value excerpts, entity data, and verified facts. Web Search integrates with AgentCore via the Model Context Protocol (MCP) and keeps data residency within your secured AWS environment with zero data egress.
read more →

Gemini 3.1 Flash-Lite Now GA for Low-Latency Scale

🚀 Today Google Cloud announced that Gemini 3.1 Flash-Lite is generally available on Gemini Enterprise. Built for ultra-low latency, high-volume workloads, and maximal cost-efficiency, Flash-Lite is positioned for production deployments that require fast, iterative responses and precise agentic capabilities such as tool calling and orchestration. Early adopters report significant reductions in latency and operating cost while retaining robust reasoning for developer assistants, customer service agents, and multimodal creative pipelines.
read more →

Amazon Bedrock AgentCore Payments Preview for Agents

💳 Amazon Bedrock AgentCore now offers a preview of AgentCore payments, enabling AI agents to autonomously discover and pay for APIs, MCP servers, web content, and other agents. Built with Coinbase and Stripe, the feature manages wallet authentication, x402 protocol negotiation, stablecoin payment execution, and proof delivery without interrupting an agent's reasoning loop. Developers can attach a Coinbase CDP or Stripe Privy wallet, set session-level spending limits enforced at the infrastructure layer, and observe every transaction through AgentCore's existing logs, metrics, and traces. The Coinbase x402 Bazaar MCP server is accessible via AgentCore Gateway, and the preview is available in four AWS Regions.
read more →

Browser Run for AI Agents — Cloudflare’s Remote Browser

🔎 Cloudflare has renamed Browser Rendering to Browser Run and expanded it into a remote browser platform tailored for AI agents. It runs full Chrome sessions across Cloudflare’s global network and can be driven by code or AI using Puppeteer, Playwright, Quick Actions, direct CDP access, or MCP/WebMCP. New features include Live View for real-time inspection, Human-in-the-Loop handoffs for operator intervention, a CDP endpoint for low-level automation, and Session Recordings for replay and debugging. The service raises concurrency and Quick Actions limits and is available on Workers Free and Paid plans.
read more →

Ceros Provides Visibility and Control for Claude Code

🔒 Ceros, an AI Trust Layer from Beyond Identity, runs alongside Claude Code on developers' machines to provide real-time visibility, runtime policy enforcement, and cryptographically signed audit records. Installation is non-disruptive—two CLI commands and a brief enrollment tie sessions to verified human identities with hardware-bound keys. The admin console surfaces conversation transcripts, tool invocations, MCP server connections, and signed activity logs that support compliance.
read more →

Amazon Bedrock Enables Server-Side Tool Execution Now

🔧 Amazon Bedrock now supports server-side tool execution by integrating AgentCore Gateway with the Responses API. Customers can supply an AgentCore Gateway ARN and Bedrock will discover and invoke gateway tools during inference, eliminating client-side orchestration. Tool results are executed and streamed server-side in real time, with IAM-based access control preserved. This reduces latency and simplifies agentic workflows.
read more →

Amazon Aurora DSQL Integrates with Kiro Powers, Skills

🤖 Amazon Web Services today announced that Amazon Aurora DSQL now integrates with Kiro powers and AI agent skills to accelerate database-backed application development. The integration packages the Aurora DSQL Model Context Protocol (MCP) server with development best practices so AI agents can assist with schema design, performance tuning, and routine database operations out of the box. Kiro powers provides a curated registry of MCP servers, steering files, and agent hooks with one-click installation in the Kiro IDE. The Aurora DSQL skill extends the same guidance to other agent ecosystems via a Skills CLI, allowing agents to dynamically load Postgres-compatible SQL patterns, distributed design advice, and IAM authentication guidance.
read more →

Managed MCP Servers for Google Cloud Databases and Tools

🔌 Google Cloud now offers managed MCP servers for databases and developer tooling, enabling MCP-compliant AI agents (including Gemini) to access data and infrastructure without deploying additional infrastructure. The expansion adds AlloyDB for PostgreSQL, Spanner, Cloud SQL, Bigtable and Firestore, plus a Developer Knowledge MCP server for IDE documentation access. These servers use IAM-based authentication and Cloud Audit Logs for observability and governance, letting teams scale agentic workloads securely.
read more →

Researchers Find 175,000 Publicly Accessible Ollama Hosts

🔍 A joint investigation by SentinelOne SentinelLABS and Censys identified 175,000 publicly reachable Ollama hosts across 130 countries, spanning cloud and residential networks. Nearly half of observed instances advertise tool-calling capabilities that can execute code, access APIs, and interact with external systems, significantly raising the threat profile. Researchers warn these unmanaged LLM deployments lack standard authentication and monitoring, enabling active LLMjacking campaigns and resale of illicit access.
read more →

Amazon Bedrock Adds Server-Side Custom Tools for Responses

🔧 Amazon Bedrock now supports server-side tools in the Responses API using OpenAI API–compatible service endpoints. With Bedrock invoking tools directly rather than relying on client orchestration, AI applications can perform real-time, multi-step actions—searching the web, executing code, and updating databases—within the governance, compliance, and security boundaries of your AWS accounts. Developers may supply custom Lambda functions or use AWS-provided tools such as notes and tasks. Server-side tool use is available today for OpenAI's GPT OSS 20B and GPT OSS 120B in multiple AWS regions, with broader model and region support coming soon.
read more →

gRPC as a Native Transport for the Model Context Protocol

🔗 Google Cloud describes work to enable gRPC as a native transport for the Model Context Protocol (MCP), offering an alternative to JSON-RPC transcoding for organizations that already use gRPC. Native gRPC eliminates the need for transcoding gateways and preserves existing tooling, while delivering lower latency, smaller Protobuf-encoded payloads, and full-duplex streaming. The MCP core maintainers agreed to pluggable transports in the SDK, and Google Cloud will contribute a community-backed gRPC transport package to promote consistent, interoperable deployments.
read more →

Enhanced Tool Governance and Scaling for Vertex AI

🛡️ Google Cloud has integrated Cloud API Registry into Vertex AI Agent Builder, giving administrators centralized governance over agent tools and a curated catalog developers can access via a new ApiRegistry ADK object. The update broadens ADK support — including Gemini 3 Pro/Flash and TypeScript — and improves state management, interactions, and recovery. An early A2UI toolkit and Interactions API support aim to simplify multimodal I/O and shared UI components. Agent Engine features such as Sessions and Memory Bank are GA, regional availability is expanding, and several pricing adjustments take effect in December 2025 and January 2026.
read more →

Amazon Aurora PostgreSQL Integrates with Kiro Powers

🚀 AWS announces integration of Amazon Aurora PostgreSQL-Compatible Edition with Kiro powers, enabling agent-assisted database development using prepackaged MCP servers, steering files, and hooks. The Aurora PostgreSQL power bundles data plane (queries, schema) and control plane (cluster creation) capabilities with targeted best-practice guidance. Available via Kiro IDE and the Kiro powers catalog for one-click installation across AWS Regions.
read more →

Amazon Connect Adds MCP Support for AI Agents and Tools

🤖 Amazon Connect now supports the Model Context Protocol (MCP), enabling AI-driven customer self-service and employee assistance agents to invoke standardized tools to fetch information and perform actions during interactions. Amazon Connect offers out-of-the-box MCP tools for tasks like updating contact attributes and retrieving case information, and allows flow modules to be exposed as MCP tools so business logic is reusable across deterministic and generative workflows. Organizations can also integrate custom or third-party tools via flow modules or the Amazon Bedrock AgentCore Gateway to automate actions such as order lookups, refunds, and customer-record updates without human intervention.
read more →

AWS Knowledge MCP Server Adds Topic-Based Search for Domains

🔎 The AWS Knowledge MCP Server now supports topic-based search across specialized documentation domains, enabling more precise queries against areas such as Troubleshooting, AWS Amplify, AWS CDK, CDK Constructs, and AWS CloudFormation. This enhancement lets MCP clients and agentic frameworks target domain-specific resources to reduce noise and improve relevance. The capability complements existing API reference and general documentation search features and is available immediately at no additional cost, subject to standard rate limits.
read more →

PayPal and Google Cloud Launch Agentic Commerce Solution

🛒 PayPal and Google Cloud announced a joint agentic commerce offering that integrates Google Cloud’s Conversational Commerce agent with payments powered by PayPal. The solution leverages the open Agent2Agent (A2A) Protocol and the Agent Payments Protocol (AP2)—which extends A2A and the Model Context Protocol—to enable agent-to-agent payment flows secured by Verifiable Digital Credentials. Merchants can deploy Google’s out‑of‑the‑box conversational agent or build custom agents with the Agent Development Kit (ADK), retaining control over tone, branding, and the customer relationship while benefiting from integrated payment and fraud controls.
read more →

Amazon Q Developer CLI Adds Remote MCP Server Support

🔒 Amazon Q Developer CLI now supports remote MCP servers to centralize tool integrations and OAuth-based authentication, enhancing scalability and security in development workflows. Administrators specify HTTP transport, the authentication URL, and optional headers in agent configuration or mcp.json. Upon successful OAuth authentication, the CLI enumerates tools on the MCP server and exposes them to the agent. This capability is available in both the CLI and the Amazon Q Developer IDE plugins.
read more →