Vertex AI GA for generative AI support

Vertex AI GA for generative AI support

Updates related to Amazon Inspector, Well-Architected Profiles, Google Chronicle, Azure VMWare, Azure Functions, BigQuery

NPW Research

Vertex AI GA for generative AI support

  • Vertex AI now generally supports generative AI, offering enhanced capabilities for building custom AI apps.
  • Access Google's text model powered by PaLM 2, Embeddings API for text, and more.
  • Tools available for model tuning, deployment, backed by enterprise-grade data governance, security, and safety. UPDATE

Management Tools

Amazon Inspector Adds Software Bill of Materials Export

  • Amazon Inspector now offers Software Bill of Materials (SBOMs) export in CycloneDx and SPDX formats.
  • Allows automated and centrally managed visibility into software supply chain and vulnerabilities.
  • Available at no additional cost across all commercial regions where Amazon Inspector is available. UPDATE


Chronicle enhances security ops in Google Cloud

  • Chronicle Security Operations integrates with Security Command Center Premium, Google Cloud telemetry.
  • Offers turnkey threat detection, investigation, response (TDIR) through data collection and analysis.
  • Detect threats with high-fidelity alerts, investigate with visualized storylines, automate responses.
  • Simplifies data ingestion from various Google Cloud services, normalizes, contextualizes cloud telemetry. UPDATE

Google Cloud adds attack path simulation

  • Security Command Center now includes attack path simulation, analyzing vulnerabilities in Google Cloud environments.
  • The feature uses near-real time data to create high-risk attack paths without manual queries.
  • The service is fully automated, provides remediation advice based on findings.
  • An attack exposure score helps prioritize remediation, improving risk posture. UPDATE

Security Command Center Premium bolsters identity protection

  • Google Cloud’s Security Command Center Premium enhances detection of compromised identities.
  • New detectors include excessive failed attempts, anomalous service account impersonation, and dormant service account activity.
  • Offers insights into risky IAM policy changes and behavior by principals. UPDATE

"Secure Web Proxy enhances cloud security"

General availability of Secure Web Proxy, a cloud-first network security offering that enables web egress traffic inspection, protection, and control for Zero Trust networking. UPDATE

"Google Cloud Firewall adds threat intelligence features"

Introduces threat intelligence and geo-location capabilities, allowing curated threat lists and granular control based on geographic locations for enhanced cloud workload security. UPDATE

Google Cloud submits OSCAL package

Google Cloud submitted OSCAL package for DoD Impact Level 5; machine-readable language for security control assessments developed by NIST. UPDATE

Provisioning + Runtime

Azure VMware Solution now supports stretched clusters:

  • Stretched clusters for Azure VMware Solution provides 99.99% uptime.
  • Supports Customer-Managed Keys for vSAN encryption.
  • Ensures high availability for critical applications with zero-recovery point objective.
  • Resilient to AZ failures, integrated with Azure Key Vault. UPDATE

Azure Front Door Migration to Standard/Premium Now Available

  • Azure Front Door Standard and Premium tiers, catering to dynamic/static content delivery and security, were made generally available in March 2022.
  • Migration from Azure Front Door (classic) to Standard or Premium is now possible with zero downtime.
  • Migration takes a few minutes and involves three to five steps depending on configurations. UPDATE

Redis Extension for Azure Functions in Public Preview

  • Redis extension for Azure Functions is in public preview.
  • Enables Redis to trigger serverless workflows, beneficial for write-behind cache and event-based architectures.
  • Compatible with various Redis data types and notifications. UPDATE

Amazon S3 Introduces Dual-Layer Server-Side Encryption

  • Amazon S3 now offers dual-layer server-side encryption with keys stored in AWS Key Management Service (DSSE-KMS).
  • Compliant with National Security Agency CNSSP 15 for FIPS and Data-at-Rest Capability Package Version 5.0.
  • Supports querying and analyzing dual-encrypted data with AWS services like Athena and SageMaker. UPDATE

Amazon Inspector Supports Lambda Function Code Scans

  • Amazon Inspector expands to scan custom application code in Lambda functions.
  • Identifies vulnerabilities like injection flaws, data leaks, and weak cryptography.
  • Generates detailed, actionable security findings routed to AWS Security Hub and Amazon EventBridge. UPDATE

AWS Elastic Disaster Recovery updates

Replicates, recovers AWS network components, configurations, supports Trusted accounts, continuous data replication. UPDATE

Architecture Design

AWS Well-Architected introduces Profiles

Tailor Well-Architected reviews with Profiles, prioritize questions aligned to business goals, share Profiles across accounts. UPDATE

App Building

BigQuery introduces anti-pattern recognition tool

  • BigQuery anti-pattern recognition tool automates identification of SQL query anti-patterns, providing optimization recommendations.
  • Detects inefficient patterns across numerous SQL queries, using ZetaSQL to parse queries into abstract syntax trees.
  • Examines potential optimizations, improving performance and cost efficiency. UPDATE

Dataform in GA for BigQuery SQL pipelines

  • Enables development, version control, and deployment of SQL pipelines in BigQuery.
  • Offers unified UI and API for building scalable SQL pipelines.
  • Features include automated dependency management, data-quality testing, and code reuse.
  • Supports collaboration with software engineering best practices like Git and CI/CD. UPDATE

NPW Insights this week

  1. New York Life modernizes with cloud, cybersecurity
  2. Effective Test Automation Approaches for Modern CI/CD Pipelines
  3. ChatGPT bot streamlines code reviews
Access NPW Insights here