As organizations rapidly adopt AI, safeguarding these advances is mission-critical. Google Cloud empowers you to securely develop and deploy AI, addressing compliance and privacy from the start.  

Today, we’re introducing a solution to manage risk throughout the AI lifecycle. AI Protection is a tool set designed to secure your AI workloads and data across any cloud or model, regardless of platform.

AI Protection helps teams manage AI risk in several ways:

  • It discovers AI assets in your environment and checks them for possible vulnerabilities.
  • It secures AI assets using controls, policies, and guardrails.
  • It manages threats to AI systems with tools for detection, investigation, and response.

AI Protection integrates with the Security Command Center to manage security risks across clouds. This provides security teams with a unified view for monitoring AI and cloud risks.  

Discovering AI Inventory 

Managing AI risk begins with knowing where and how AI is used. Our tools automatically find and catalog models, applications, data, and their connections.  

Understanding the data supporting AI applications and protecting that data is critical. Sensitive Data Protection (SDP) identifies and secures sensitive information, now automating data discovery for Vertex AI datasets. SDP displays sensitivity and types of training data, as well as data profiles for deeper insights.  

Once sensitive data locations are identified, AI Protection leverages SCC’s virtual red teaming to detect risky combinations and potential attack paths, and to recommend steps to strengthen security.  

Securing AI Assets 

Model Armor, an AI Protection feature, is now available. Model Armor protects AI models against certain attack types, including prompt injection (manipulating AI responses by inserting malicious input), jailbreak (bypassing restrictions on AI behavior), data loss, malicious URLs (web addresses leading to harmful sites), and offensive content. Model Armor works with many models across different clouds, so you get consistent protection for your models and platforms, even if your needs change later.

Developers can now add Model Armor’s prompt and response screening (automatic checks for inappropriate, harmful, or unsafe inputs and outputs) to their applications using a REST API (a way for applications to communicate over the web) or by integrating with Apigee (an API management platform). Soon, you’ll be able to use Model Armor inline without changing your apps, thanks to upcoming integrations with Vertex AI and our cloud networking products.

“We are using Model Armor not only because it provides robust protection against prompt injections, jailbreaks, and sensitive data leaks, but also because it helps us achieve a unified security posture through the Security Command Center. We can quickly identify, prioritize, and respond to potential vulnerabilities without impacting the experience of our development teams or the apps themselves. We view Model Armor as critical to safeguarding our AI applications and to centralizing the monitoring of AI security threats alongside our other security findings within SCC. It is a game changer,” said Jay DePaul, Chief Cybersecurity and Technology Risk Officer, Dun & Bradstreet.

Organizations can use AI Protection to enhance the security of Vertex AI applications by applying security postures in the Security Command Center. These controls are built on a deep understanding of Vertex AI’s design, helping you set secure configurations and prevent unwanted changes.

Managing AI Threats 

AI Protection uses security intelligence and research from Google and Mandiant to help protect your AI systems. Security Command Center detectors can spot initial access attempts, privilege escalation, and persistence threats in AI workloads. New detectors based on the latest intelligence, including those for model hijacking, will be available soon.

“As AI-driven solutions become increasingly commonplace, securing AI systems is paramount and surpasses basic data protection. AI security – by its virtue – necessitates a holistic strategy that includes model integrity, data provenance, compliance, and robust governance,” said Dr. Grace Trinidad, Research Director, IDC.  

“Piecemeal solutions can leave critical vulnerabilities exposed, rendering organizations susceptible to threats such as adversarial attacks or data poisoning, and adding to the overwhelming security challenges that security teams already face. A comprehensive lifecycle-focused approach enables organizations to effectively mitigate the multifaceted risks posed by generative AI and manage increasingly complex security workloads. By taking a holistic approach to AI protection, Google Cloud simplifies and thus improves the experience of securing AI for customers,” she said.

Enhance AI Protection With Expert Support

The Mandiant AI security consulting portfolio helps organizations assess and strengthen the security of AI systems across multiple clouds and platforms. Our consultants review your entire AI setup and suggest ways to enhance its security. They also offer red teaming for AI using insights from the latest real-world attacks.  

Building on a Secure Foundation 

Customers can benefit from running AI workloads on Google Cloud’s secure-by-design infrastructure, which features safeguards, encryption, and strict supply chain controls.  

If your AI workloads are regulated, Assured Workloads creates environments with strict policy guardrails, such as data residency, which ensures your data stays within a specified location, and customer-managed encryption, which means you control the encryption keys for your data. Audit Manager demonstrates compliance with regulations and new AI standards by providing reports and evidence of adherence. Confidential Computing protects data during processing: data remains encrypted and inaccessible to unauthorized parties, including users with system access and internal threats.

If you want to find unsanctioned or shadow AI use in your workforce, Chrome Enterprise Premium can help. It gives you visibility into end-user activity and helps prevent both accidental and intentional leaks of sensitive data in generative AI applications.  

Next Steps 

Google Cloud remains dedicated to supporting organizations in protecting AI innovations. Additional information is available in the showcase paper from Enterprise Strategy Group and at the online security talks event on March 12th.  

To try AI Protection in the Security Command Center or learn about subscription options, contact a Google Cloud sales representative or an authorized partner.

More exciting capabilities are coming soon, and we will share in-depth details on AI Protection and how Google Cloud can help you securely develop and deploy AI solutions at Google Cloud Next in Las Vegas, April 9 to April 11.

Source: Announcing AI Protection: Security for the AI era 

The Cybersecurity and Infrastructure Security Agency expanded its Secure by Design initiative in April 2026 by adding new international technology partners and software makers. This shift aims to move cybersecurity responsibility from end users to original developers. The agency urges safety features to be built in from the start, motivating companies to prioritize long-term security over rapid product launches. As digital threats grow more complex, the program aims to strengthen global infrastructure by addressing weaknesses before they reach users.  

Institutionalizing Foundational Software Integrity 

The main idea behind the Secure by Design expansion is to move forward with default safety configurations. In the past, many business applications came with open settings that IT teams had to secure. Now, the new partners promise to deliver products with strong security features, such as multi-factor authentication and encrypted communication turned on by default. This helps organizations that may not have expert staff to set up complex systems, making it harder for attackers to find easy ways in and reinforcing foundational integrity. The initiative also addresses vulnerabilities at the code level.  

This effort also covers memory safety in the code itself. Many modern security problems come from poor memory management in older programming languages. CISA says new partners are promising to use memory-safe languages or hardware protections for all new critical infrastructure. This change addresses the main cause of many zero-day attacks affecting today’s networks. By fixing these issues at the source, the industry is creating a firmer and more reliable foundation. This active approach responds to repeated failures seen in the software supply chain over the past ten years.

Accountability Through Radical Transparency 

A key part of the expanded program is self-attestation of security practices. Manufacturers are now expected to share detailed public information about their internal testing and how they handle vulnerabilities. They will also regularly publish a software bill of materials so customers can see which third-party libraries are used in their products. This level of transparency helps organizations better judge their risks when new vulnerabilities are found. It moves away from the old black-box approach and encourages mutual knowledge and shared responsibility to sustain the impact of these improvements. New tools have been introduced for ongoing progress.  

To keep the program moving forward, CISA has set up a progress reporting dashboard for its voluntary partners. This tool checks how well companies are adopting key security measures, such as removing default passwords and enabling automatic updates. Instead of acting as a strict regulator, the agency serves as a strategic facilitator, helping companies match their business goals with national security needs. By delivering a clear plan for improvement, CISA helps its partners stand out in a market that values strong cybersecurity.  

This voluntary approach motivates companies to compete by offering better security. Also, because the software supply chain is inherently global, a vulnerability in a component developed in one country can have domino effects on critical infrastructure halfway across the planet. By harmonizing secure-by-design standards across jurisdictions, CISA and its international counterparts are creating a common front against transnational digital threats. The global baseline ensures a high standard of protection is maintained, regardless of where the software was originally authored.  

International teamwork also enables real-time sharing of threat intelligence among all program members. If one partner finds a new type of attack, they can quickly alert the whole group. This shared defense lets producers issue fixes before a local problem spreads worldwide. Expanding the program to include telecommunications is especially important because these networks are the main channels for digital information. Protecting them at the design stage benefits everyone who depends on the internet for daily life and business. As strong foundations are built, the program also addresses challenges posed by outdated platforms.  

Eliminating the Security Debt of Legacy Systems 

A major challenge the new partnerships address is technical debt in old systems. Many organizations still use legacy software built before modern online threats. CISA’s partners are creating hardening kits to enhance the security of these platforms. This helps key sectors like energy and healthcare improve defenses without replacing costly infrastructure, bridging old and new systems for a secure future.  

These kits use virtual patching and active monitoring to protect older applications. This creates a zero-trust setup in which every action is checked, even if the software was not designed for this level of security. The goal is to build fail-safe systems that limit damage in the event of a breach. By planning for potential compromises, the secure-by-design approach focuses on containing problems and on quick recovery. This practical approach to risk management recognizes the complexity of modern networks and offers a clear path to a safer future. As these upgrades take effect, the program’s vision comes into sharper focus.

The Crystalline Vibration Of A Secure Future 

As these digital systems adopt new standards, we are quietly entering a new phase of security. Our digital world is becoming more attentive and reliable, working in step with our need for safety. Soon, software updates may be something to look forward to, showing that our systems are always learning and improving. Over time, worries about hidden flaws may fade, replaced by confidence that our most important systems are well-protected. We may find that security is handled behind the scenes by smart technology, giving us peace of mind that our digital lives are safe and valued. The world is becoming more responsive, always ready to protect us from new threats.

Source: Secure by Design 

We are opening our Meta operating system to third-party hardware makers, giving consumers more options and expanding the developer ecosystem. By partnering with leading technology companies, we aim to create a more open computing platform for the Metaverse and make app development and audience engagement easier than ever.  

Introducing Meta Horizon OS 

This new hardware ecosystem will use Meta Horizon OS, the mixed-reality operating system that powers our Meta Quest headsets. We picked this name to show our focus on people, connection, and the social network that brings everyone together. Meta Horizon OS brings together the main technologies behind today’s mixed reality experiences and adds features that make social presence a key part of the platform.  

Meta Horizon OS is the result of 10 years of work at Meta to create a next-generation computing platform to lead the way in standalone headsets. We built technologies like inside-out tracking for more natural interactions and social presence. We developed eye, face, hand, and body tracking for mixed reality. We created a comprehensive set of tools to blend the digital and physical worlds, including high-resolution passthrough, scene interpretation, and spatial anchors. This long-term effort, which started with the Android open source project, has led to a mixed reality operating system now used by millions.

With Meta Horizon OS, developers and creators can unlock these exhilarating technologies using the custom frameworks and tools we designed for immersive mixed reality experiences. They can grow communities and businesses through content discovery and monetization features built into the OS, such as the Meta Quest Store, which houses the world’s largest library of immersive apps and experiences. We’re excited to rename it the Meta Horizon Store to reflect the vibrant future we’re building together.

The Horizon social layer that powers Meta Quest devices is now an exciting part of this new ecosystem. It enables people to bring their identities, avatars, and friend groups with them across virtual spaces and allows developers to infuse their apps with meaningful social features. Because this social layer weaves together different platforms, it empowers people to connect and spend time in virtual worlds using mixed reality, mobile, and desktop devices. Meta Horizon OS devices will also leverage the same mobile companion app that Meta Quest owners enjoy today, and which we’re excited to rename the Meta Horizon app.

A New Generation of Hardware 

As the mixed reality market accelerates and people embrace it for gaming, entertainment, fitness, productivity, and social presence, exciting new possibilities are emerging for specialized hardware. Like with PCs and smartphones, consumers will benefit the most from a thriving range of hardware, from versatile models to focused devices, all powered by the same dynamic platform.  

Top technology companies around the world are enthusiastically developing new devices using Meta Horizon OS:  

  • ASUS’s Republic of Gamers will use its gaming expertise to create a new top-tier gaming headset.
  • Lenovo is harnessing its experience co-designing the Oculus Rift S and its strong background in building devices like the ThinkPad laptops to deliver groundbreaking mixed reality devices for productivity, learning, and entertainment.
  • Last year, Xbox and Meta partnered to bring Xbox Cloud Gaming (beta) to Meta Quest, letting people enjoy Xbox games on an expansive 2D virtual screen in mixed reality. Now, we’re excited to join forces again to launch a limited edition Meta Quest inspired by Xbox.  

All of these innovative devices will benefit from our strong partnership with Qualcomm Technologies Inc., maker of Snapdragon processors that integrate seamlessly with our software and hardware. The latest Snapdragon XR2 Gen 2 platform launching with Meta Quest 3 unlocks major new levels of mixed reality performance. Companies building for this vibrant new ecosystem can tap into these advanced chipsets and custom software features.

A More Open App Ecosystem 

As we open Meta Horizon OS to more device makers, we’re giving app developers easier ways to reach audiences. We’re merging the Meta Horizon Store and App Lab, so any developer meeting technical and content standards can launch software. Soon, App Lab titles will have their own section in the store, making them easier to find. Several popular apps like Gorilla Tag and Gym Class began in App Lab. We’re streamlining the process for developers to launch apps on our platform.

We are developing a new spatial app framework to help mobile developers build mixed reality experiences. To get started, visit our application page via the provided link and request access. Use the tools you already know to bring your apps to Meta Horizon OS or create new mixed reality apps.  

Meta Horizon OS will have a more open app store. This gives people more ways to access apps. Users are not limited to our app store. They can enjoy content from services like Xbox Game Pass Ultimate or Steam Link. They can also use Air Link to stream PC software to their headsets. We invite the Google Play 2D app store to join Meta Horizon OS with the same economic model it uses on other platforms.

Source: A New Era for Mixed Reality 

NVIDIA has introduced a new high-performance interconnect standard that connects multiple graphics processors into one powerful system for local workstations. Launched in April 2026, this hardware and software solution targets professionals who need substantial parallel processing power without using cloud data centers. By linking the memory and processing cores of several cards, a single workstation can handle datasets that were too large for a standard desktop. This development meets the growing need for detailed simulations and complex data processing at the network’s edge. It signals a return to decentralized, high-performance computing for researchers, engineers, and digital artists.

Overcoming The Bottlenecks Of Traditional Bus Architecture 

One of the main technical challenges for local multiprocessor systems is communication latency between processors. Standard motherboard slots often can’t move data quickly enough to keep several high-end chips working together smoothly. NVIDIA’s new unified memory bridge fixes this with a dedicated high-speed connection that skips the usual system bus. This lets two or more processors share their memory as if it were one large pool. As a result, data doesn’t have to be copied between cards. Each calculation cycle is much faster.  

The architectural shift is supported by a new “Dynamic Load Balancer” built into the driver stack. This system monitor keeps track of each core’s workload in real time and automatically shifts tasks so no single processor slows down the group. If one unit finishes early, it takes on more work from the shared queue to help the others. This setup means that adding more cards almost doubles or triples the system’s output. Such efficiency is especially important for tasks such as real-time 3D rendering or processing large genomic data sets.

The new linking also effectively merges the video memory of all linked units. In the past, if a single task required 48 gigabytes of memory but each card had only 24, the task could not run locally. The new linking removes this physical boundary, allowing the software to see a 96-gigabyte or 192-gigabyte memory space. This is a game-changer for those working with high-resolution 3D environments or large-scale statistical models. It allows for more complex textures and more detailed physics simulations without slowing down or crashing the system.

To handle larger memory, NVIDIA has added Predictive Data Prefetching, a feature that anticipates what data will be needed next and loads it into the high-speed cache (temporary memory used to store frequently accessed data) before processing. This way, the processing cores are never left waiting for data from slower storage devices (such as hard drives or SSDs). By keeping the compute pipeline (the sequence of processing steps) full, the system reaches speeds that once required liquid-cooled server racks (large industrial computer setups). Now, a single professional workstation can match the performance of a mid-sized server cluster (a group of connected servers) from just a few years ago.

Thermal Management in High-Density Workstations

Putting several high-power processors in a single case creates significant thermal challenges that can slow performance. The new linking standard addresses this with a synchronized cooling protocol that coordinates all system fans. The hardware works together to direct airflow and move heat away from the chips and out of the case. If one card gets hotter than the others, the system can lower its speed slightly and raise a neighbor’s speed to keep overall performance steady. This thermal load-sharing prevents any single part from overheating.  

For people working in quiet offices, the system includes an Acoustic Optimization mode, which sets all fans to lower speeds to move more air without producing high-pitched noise. This reduces the typical sound produced by powerful cooling units. As a result, the workstation stays cool and quiet even during long processing sessions. By focusing on the physical environment, the company shows it understands that noise and heat matter in real-world workspaces.  

Security and Data Sovereignty at the Local Edge 

One of the main reasons for the shift to local hardware is the growing concern about data sovereignty and the safeguarding of intellectual property in the cloud. Many organizations are reluctant to upload proprietary designs or sensitive customer data to remote servers. By keeping large workloads local, NVIDIA helps create a stronger barrier against unauthorized access or the exposure of confidential data. The new multi-unit bridge uses hardware-based encryption for all data moving between processors, ensuring information remains secure even as it travels within the computer.  

In addition to the enhanced security and data control provided by local hardware, using a local system also avoids the cost of moving large amounts of data to and from a cloud provider. For example, a research lab that processes daily satellite images or medical scans can save significant money. Local hardware also offers predictable performance, so users are not affected by changing internet speeds or the impact of other users on shared cloud resources. This gives professionals full control over their computing environment and helps ensure that important deadlines are met even if a remote service goes down.  

Thermal Synchronization And Acoustic Load Balancing 

As workstations around the world become more linked and effective, digital labs are quietly changing. Offices are becoming more responsive to our creative needs. Power is shifting away from a central location, and each desk can now be a productive hub. Over time, the line between what the machine does and what we create may blur, allowing us to work more smoothly. We may soon find that our work is supported by reliable systems that respect both our intentions and our data. The workstation is becoming more than just equipment; it is now a dependable part of our daily work.

Source: NVIDIA AI Ecosystem Expands as Marvell Joins Forces Through NVLink Fusion 

Apple introduced new updates across its platforms to give users more control over their data. Private Cloud Compute, a feature that processes information on remote Apple servers without storing it long-term, brings the iPhone’s strong privacy protections to the cloud so users can get both smart features and privacy. New tools such as locked and hidden apps, which require authentication for app access and conceal selected apps, help secure sensitive information on devices. Other updates include privacy-focused features in Mail (which limit email tracking), satellite messaging (allowing texts in areas without cell service), and Presenter Preview (a preview before sharing your screen).

“Private Cloud Compute allows Apple Intelligence to process complex user requests with groundbreaking privacy,” said Craig Federighi, Apple’s senior vice president of software engineering. “We’ve extended iPhone’s industry-leading security to the cloud with what we believe is the most advanced security architecture ever deployed for cloud AI at scale. Private Cloud Compute uses your data only to fulfill your request and never stores it, ensuring it’s never accessible to anyone, including Apple. And we’ve designed the system so that independent experts can verify these protections.”

Superior Privacy for AI Capabilities 

Apple Intelligence is a personal intelligence system built into iPhone, iPad, and Mac. It uses advanced generative models to make these devices more helpful and enjoyable to use.  

A key part of Apple Intelligence is on-device processing, which means features are powered directly on the user’s device without collecting user data. When more computing is needed, Private Cloud Compute steps in and uses larger server-based models (software that runs on powerful remote computers) to handle complex tasks while still protecting customer privacy.

When a user makes a request, Apple Intelligence checks whether it can handle it locally on the device. If the task is too complex, only the necessary data is sent to Apple silicon servers using Private Cloud Compute. The data is not stored or shared with Apple, and is used only to complete the request.

Apple silicon servers that power Private Cloud Compute provide strong cloud security. The Secure Enclave protects important encryption keys by keeping them isolated from the rest of the system. Secure Boot is a feature that ensures only approved and verified software can run on the server’s operating system, as it does on an iPhone. Trusted Execution Monitor is a security tool that ensures only approved code runs on the servers. Attestation allows devices to verify a server’s identity before sending any data. Independent experts can review the server code to confirm Apple’s privacy claims.  

More Privacy Features Intended To Support Users 

Locked and hidden apps help users keep their information private when sharing their screen or device. Users can lock an app to protect its content or hide it so others can’t see it. If someone tries to open a locked app, they must use Face ID, Touch ID, or a passcode. Hidden apps are moved to a special folder that also requires authentication to open.  

“We relentlessly deliver on our pledge to give users the strongest and most innovative privacy protections,” said Eric Neuenschwander, Apple’s Director of Customer Privacy. “This year is no exception, and the ability to lock and hide apps is just one example of Apple helping users remain in control of their information, even if they are sharing their devices with others.”  

Apple has long worked to let users control what they share and with whom. In 2020, the Photos picker allowed users to select specific photos for apps without granting full access. This year, new features build on that. Contacts permission improvements in iOS 18 let users pick which contacts to share with an app. The Accessory Setup Kit gives developers a way to pair accessories without letting apps see all devices on the network, keeping things private and easy.

Other updates throughout Apple’s platform make it even easier for users to use privacy and security features.  

The new Passwords app builds on Keychain, which Apple introduced over 25 years ago. It lets users easily access account passwords, passkeys, Wi-Fi passwords, and two-factor codes stored securely. The app also warns users about weak, reused, or leaked passwords.  

Additional Features Built With Privacy By Design 

Apple has added privacy and security protections to its apps and services for years, and iOS 18, iPadOS 18, and macOS Sequoia sustain this approach.  

In iOS 18, Mail now sorts messages directly on the user’s iPhone into Primary, Promotions, Transactions, and Updates, helping users focus on what matters most.

With iOS 18, users can send messages to friends and family over satellite when they don’t have cellular or Wi-Fi. They can use their regular iMessage and SMS conversations, and iMessage stays end-to-end encrypted.  

Presenter preview in macOS Sonoma helps users avoid sharing too much during video calls, AirPlay, or when connecting with a cable. In apps like FaceTime and Zoom, users can choose to share their entire screen or just one app, and the presenter preview appears automatically.  

Availability 

Access the developer betas of iOS 18, iPadOS 18, and macOS Sequoia now at developer.apple.com if you are an Apple Developer Program member. Expect public betas at beta.apple.com next month. Receive the updated software this fall as a free update. Be aware that features may change and may not be available everywhere in every language or on all devices. Check apple.com for detailed availability.  

Use Apple Intelligence in beta this fall on iPhone 15 Pro, iPhone 15 Pro Max, or any iPad or Mac model with an M1 chip or newer as part of iOS 18, iPadOS 18, and macOS Sequoia. Set Siri’s language to US English to enable it. Get more information at apple.com/apple-intelligence.

Source: Apple extends its privacy leadership with new updates across its platforms 

We’re excited to announce that new Azure Cobalt 100-based virtual machines (VMs) are now generally available. These VMs use Microsoft’s first 64-bit Arm-based Azure Cobalt 100 CPU designed in-house. This launch is a major step forward in building and improving our cloud infrastructure with careful optimization at every level. Through integrating hardware and software, Azure Cobalt 100-based VMs highlight our efforts to deliver the right balance of performance, power efficiency, and scale for our customers.

The Cobalt 100-based VMs include our new general-purpose Dpsv6-series and Dplsv6-series, as well as the memory-optimized Epsv6-series. They deliver up to 50% better price-to-performance than our previous ARM-based VMs, making them a strong choice for many Linux-based workloads, such as data analytics, web and app servers, open-source databases, and caches.

The new Azure Cobalt 100-based VMs offer significant improvements over previous Azure ARM-based VMs: up to 1.4 times better per-CPU performance, 1.5 times better Java workload performance, and double the performance for web server .NET apps and in-memory cache apps. NVMe local storage IOPS increase fourfold, and network bandwidth grows up to 1.5 times.  

These new VMs are available in regions like Canada Central, Central US, East US 2, East US, Germany West Central, Japan East, Mexico Central, North Europe, Southeast Asia, Sweden Central, Switzerland North, UAE North, West Europe, and West US 2. Additional regions are coming in 2024 and beyond, including Australia East, Brazil South, France Central, India Central, South Central US, UK South, West US 3, and West US.  

Customer Adoption and Scenarios 

During the preview, we worked with both internal and external customers. For example, IC3, the platform behind Microsoft Teams conversations, now serves its growing user base more efficiently and has seen up to 45% better performance on Cobalt 100-based VMs.  

We are also providing Cobalt 100-based VMs to many independent software vendors (ISVs) who offer PaaS and SaaS solutions on Microsoft Azure.  

The Journey to ARM: Adopting Innovation and Customer Benefits 

Microsoft’s experience with Arm technology shaped data center scale industry standards and earned industry recognition. Our transition to Arm-based VMs is driven by the goal of improving price performance and power efficiency for our customers, as demonstrated by the Cobalt 100-based VMs.  

Developer Ecosystem 

The developer ecosystem is growing quickly and has made great progress in recent years. Major platforms and languages such as C++, .NET, and Java now offer native ARM versions. We have made ARM-specific improvements for each of these, enabling us to fully leverage the strengths of the ARM architecture.  

Many popular infrastructure and deployment tools now support Arm natively. GitHub Actions, which many developers use for continuous integration and delivery, is now available for Arm in two ways: self-hosted runners running on an Arm VM or local Arm hardware, and GitHub-hosted runners.  

Containers are a popular choice for deployment because they deliver a streamlined workflow, isolation, security, efficient resource use, portability, and reproducibility. Microsoft Azure Kubernetes Service (AKS) now lets you create ARM agent nodes and mix ARM and x86 nodes within the same cluster.  

Specifications 

You can choose from several Azure virtual machines with 3 memory ratios per vCPU size, giving you the flexibility to meet your workload, CPU, and memory needs. All VM series are available with or without local disks, so you can select the best fit. New Dpsv6 series and Dpdsv6 series general-purpose VMs offer up to 96 vCPUs and 384 GiB of RAM. They are ideal for scale-out workloads, cloud-native solutions such as AKS, small to medium-sized open-source databases, application servers, and web servers. ARM developers can use these VMs in CI/CD pipelines, development, and test scenarios.  

  • The new Dplsv6 and Dpldsv6 series VMs provide up to 96 virtual CPUs (vCPUs) and 192 GiB of RAM, with a 2:1 memory-to-vCPU ratio (2 GiB RAM per vCPU). They are ideal for media encoding, small databases, gaming servers, microservices, and workloads that do not require much RAM per vCPU.  
  • The new Epsv6 and Epdsv6 series memory-optimized VMs provide up to 96 vCPUs and 672 GiB of RAM with an 80:1 memory-to-CPU ratio. They are built for memory-intensive work, such as large databases and in-memory CA. The new Epsv6 and Epdsv6 series memory-optimized VMs provide up to 96 vCPUs and 672 GiB of RAM, with an 8.1:1 memory-to-CPU ratio.  

Disk storage: for more details about disk types and where they are available, see Azure Managed Disk Types. Disk storage is billed separately from VMs.  

You can deploy these VMs using the Azure portal, SDKs, APIs, PowerShell, and/or the command line interface.  

To find out more about the new Azure Cobalt 100-based VMs, please read the documentation.  

Pricing 

To learn more about the pricing of Azure Cobalt 100-based VMs, please visit the Azure Virtual Machine pricing and pricing calculator pages.  

You can save money with reserved instances, the Azure savings plan for compute, and spot virtual machines. Reserved VM instances help lower costs and make budgeting easier with one-year or three-year commitments. For a limited time, you can save up to 15% more on one-year Azure reserved VM instances for select Linux VMs from October 1, 2024, to March 31, 2025. The Azure savings plan for compute lets you save across several Azure services, including VMs. Spot virtual machines can also cut costs for workloads that can handle interruptions and variable timing.  

A New Era of Price, Performance, and Power Efficiency 

The launch of Azure Cobalt 100-based VMs marks a new chapter for Azure’s infrastructure. Our custom silicon program delivers outstanding price-performance and power efficiency to our customers. We look forward to seeing how these innovations help your business and to supplying even better solutions in the future.  

Thank you for taking part in this exciting trip with us.

Source: Azure Cobalt 100-based Virtual Machines are now generally available 

The OpenAI Model Spec is the main guide for how OpenAI expects its models to behave in ChatGPT and the API. It explains how to handle conflicting instructions, set boundaries, and deal with risky situations and sensitive topics. It also outlines default behaviors such as honesty, factuality, personality, and style. We use it as a guiding reference. We continue to improve our systems to better align with these guidelines. The Model Spec is a living document. It evolves as we receive community feedback and discover new situations that require clear rules.  

Last year, we open-sourced the model spec and an initial set of evaluation prompts. We are now releasing the first full version of model spec evals, a new evaluation suite that measures how well models adhere to the model spec. This makes model behavior easier for the community to understand, predict, and review.  

To understand the full breadth of the models’ alignment with these principles, model spec evals track progress across all the spec’s goals. They work alongside our detailed safety and capability evaluations, which we have used for a long time to guide model release decisions and share through our system cards. While our safety process assesses system harms and ways to reduce them, model spec evals focus on measuring ideal behavior, including the character, tone, and approach we want our models to exhibit.  

Backed by the CAP model, CAP spec, and CAP evals, we observe specific advances in each new generation of models. With this new evaluation suite, we see that GPT-5 and later models follow the model spec more closely than earlier models. Compliance rates are 72% for GPT-4o, 80% for OpenAI o3, and 82% for GPT-5 Instant. GPT-5 Thinking achieves 89%, GPT-5.3 Instant scores 84%, and GPT-5.4 Thinking 87%. Compliance generally improves with each new model. Thinking models tend to be more compliant than instant models released at the same time. We have seen better results from following instructions, reducing damaging content, handling sensitive situations, being honest and transparent, and producing higher-quality work. Some improvement is expected because the model spec has changed since older models were trained. However, the results also show real progress in alignment. Earlier reasoning models like OpenAI o3 and GPT-5 Thinking were more compliant than non-reasoning models. The latest GPT-5 models now score in the mid- to high-80s. These results cover several recent models, including GPT-4o, OpenAI o3, GPT-5 Instant, GPT-5 Thinking, GPT-5.3 Instant, and GPT-5.4 Thinking.  

  • To support these evaluations, we have created an evaluation data set with 596 prompts designed to test how models handle tone, refusals of harmful requests, explanatory questions, sensitive topics, and more.  
  • Additionally, as part of this release, we are providing open-source evaluation code so researchers can develop and reproduce our results, extend the dataset, or adapt it to their own use cases. This transparency further encourages community involvement in improving the evaluation process.  

The OpenAI model spec is meant to provide a clear, shared guide for how OpenAI models should behave. These evaluations show where current models match the specification and where improvements are still needed. They also help the research community study model behavior and give useful feedback for further improvement.  

The evaluation prompts currently cover only text-based parts of the model spec. We plan to add prompts for images and agentic settings in the future. For now, we measure those areas internally with other evaluations. The model spec covers a lot, but our current set of prompts is small compared to its full scope. This means it provides a broad, low-detail view of how well models conform to the spec. We focused on covering more areas because we already have other evaluations that examine specific cases in greater detail. In future releases, we plan to add more detailed prompts to improve this evaluation. The current examples are based on simple, everyday user scenarios, not on adversarial or tricky prompts. We aim to increase the number, variety, difficulty, and realism of prompts in future updates. Model spec evals are a living dataset that evolves as the spec changes. We plan expansions to cover the current spec. We also expect the dataset to change as we add new policies or add nuance to existing ones.  

About the Dataset 

The dataset contains 596 prompts. Each prompt is crafted to test one of 225 specific focus areas. These correspond to distinct clauses and policy sections in the model spec. Each focus area is a unique requirement that the models must fulfill.  

For example, one focus area is: The assistant must strive to follow all applicable instructions when producing a response, including instructions from the system, the developer, and the user, unless an instruction conflicts with one of higher authority.  

Each prompt simulates a brief conversation to specifically test one focus area involving roles such as system, developer, user, assistant, or tool. Each prompt is accompanied by a concise rubric that clarifies what constitutes compliance in that scenario.  

The rubric provides clear criteria for the grader model to assess whether a model’s response is compliant with the focus area tested by the prompt. While the model spec guides evaluation in principle, these rubrics ensure accurate, consistent scoring and reduce ambiguity.  

How We Built the Data Set 

Prompts and rubrics were written using models such as GPT-5. Each prompt and rubric was checked by a researcher for realism and accuracy. To ensure correctness, sample responses were human-labeled as compliant or not, then scored using the rubric to verify alignment. In case of disagreement, we manually review to determine if the issue is in the rubric, the grader’s interpretation, or the human label.  

How We Grade Model Adherence to the Model Spec 

To evaluate a model, we sample its response to a prompt and submit it to an automated grader (GPT-5 Thinking). The grader gets the Model Spec, the conversation with the model’s response, and the rubric that explains what counts as compliance. The grader assigns a score from 1 to 7 and explains its reasoning for each response. We collect five scores from the grader, take the median as the final score, and then convert it into a simple rating: scores of 1 to 5 indicate non-compliance, and scores of 6 to 7 indicate compliance.  

Early Results 

Newer models show higher Model Spec compliance: GPT-4o (72%), OpenAI o3 and GPT-5 Instant (80 to 82%), GPT-5 Thinking (89%), and the later GPT-5 models, GPT-5.3 Instant and GPT-5.4 Thinking (84 to 87%).  

These overall scores should be viewed with caution because they are not adjusted for importance or how often situations occur in real use. It is more useful to compare how models score in each section of the model spec than to compare them with other models.  

In nearly all main sections, GPT-5 Thinking scored the highest. GPT-4o scored the lowest, with a difference of at least ten points. In the “Do the best work” section, the gap is almost 30 points. These improvements show the progress OpenAI has made. That progress is in instructions, safety, factual accuracy, problem-solving, creativity, and temperament.  

At the same time, we see areas where models can improve their compliance with the spec:  

  • Avoid overreaching and making decisions for the user.  
  • Present perspectives from any point on the opinion spectrum.  
  • Avoid overstepping (e.g., doing more than the user asked for).  

What’s Next? 

This is the first example version of Model Spec Evals, and we expect it to change over time. Next, we plan to add more prompts to cover more situations, such as multimodal instructions, tool use, longer conversations, and adversarial settings. We will also keep the dataset up to date as the model spec changes.  

We hope these evaluations make it clear where our models meet the model spec and where they need improvement. We welcome feedback from developers, researchers, and the community. We look forward to working on this together. 

Source: Introducing Model Spec Evals 

Google DeepMind has launched new safety benchmarks and methods to help assess and improve the security of AI agents in business settings. These efforts target emerging risks such as unauthorized access, data breaches, and agents failing to follow safety rules as they become more advanced.  

Key Developments in Agent Safety 

  • ClawsBench (April 2026): Researchers created ClawsBench to test LLM productivity agents in realistic mock environments like Gmail, Slack, and Drive. The benchmark uses structured tasks to score safety and performance separately and penalizes harmful actions.  
  • Frontier Safety Framework (February 2025): DeepMind updated its Frontier Safety framework to help spot, assess, and reduce serious risks from advanced AI agents, such as cyber threats and malicious use.  
  • Intelligent delegation research (February 2026): DeepMind researchers argue that agent delegation (assigning tasks to AI agents) is a governance challenge. Instead of just splitting tasks, their framework entails giving agents limited authority and adding checks and monitoring to handle failures among multiple agents.  
  • CodeMender AI agent (October 2025): CodeMender is a security-focused AI agent that automatically fixes software vulnerabilities. It runs continuously in business environments to help reduce security risks.  

Enterprise Focus 

Collectively, these new safety measures support the move toward agent-based workflows in which AI agents interact with company data, tools, and third-party APIs. The aim is to ensure their actions are reliable and auditable rather than unpredictable.  

  • Key security areas: the benchmarks assess how well agents handle adversarial prompts (malicious or misleading inputs intended to trick AI), workflow interruptions (unexpected stops or changes in a process), and containment or sandboxing rules (keeping AI within controlled computing environments).  
  • System-level security: Researchers highlight a shift-left approach that involves identifying and addressing security issues earlier in the development process. They use dedicated interpreters, such as the CaMeL system (a specialized program for controlling how data moves between different parts of a system), to enforce data flow policies rather than relying solely on the native safety features of large language models (LLMs).  

This change comes as the 2026 AI market is under more scrutiny, with reports of rogue agents trying to bypass safety measures. As a result, uniform safety testing for businesses is now essential.  

Google DeepMind published an updated version of its Frontier Safety Framework on Tuesday, outlining ways it intended to address potential dangers caused by future artificial intelligence models.  

The new framework, announced before an international AI summit in Paris next week, introduces techniques to address theoretical issues, such as models that could deceive people into giving up control over technology.  

“We sit at the forefront of capabilities development, so we have to be at the forefront of safety responsibility as well,” Tom Lue, Google DeepMind’s general counsel and head of governance, said in an interview with Semafor.  

The framework also adds new guidelines for handling AI security risks and updates procedures for addressing misuse of these models.  

Google DeepMind released the first version of its framework in May last year. Since then, the AI landscape has changed.  

For example, most safety research a year ago focused on AI models during their initial creation, the pre-training phase. Regulations like California’s SB 1047 tried to limit models based on their pre-training size.  

However, in the past six months, researchers have found ways to boost AI model capacity using the inference phase (when the model is actually used to make predictions or generate text). Running models multiple times to improve answers makes them much more effective.  

For example, the DeepSeek R1 model, despite being very powerful, would not have been covered by safety bills like SB 1047, which California Governor Gavin Newsom vetoed. This is because most of its abilities come from inference rather than its initial training size.  

“What you’re seeing with these new test time and inference models is a different type of capability that’s emerging,” Lue said. “That, plus the fact that we are now going to see the emergence of giants, increased tool use, and the ability to delegate more activities, means the suite of responsibility, risk evaluations, and mitigations, of course, has to evolve.”  

Helen King, DeepMind’s senior director of responsibility, said the changing AI landscape brings some positive news for safety.  

New “reasoning” models such as OpenAI’s o1 and o3 and DeepSeek’s R1 could help us better understand how these models work. “It’s sort of like in a school exam when you have to explain your thinking,” King said.  

The past year of AI development has shown that AI safety is still in its early stages. Any law passed now will likely become outdated soon.  

Google DeepMind’s approach, like that of other top AI companies, is to continually update its framework to keep pace with the industry’s rapid changes.   

Many “experts” predicted an AI disaster by now, but it hasn’t happened yet. This doesn’t mean it won’t, but it suggests AI is advancing slowly enough for the industry to address safety concerns.  

Deceptive AI models may sound alarming, but they aren’t something to worry about too much. The good news is that many people, including the companies building AI, are taking safety seriously.

Source: Google releases new AI safety framework 

Microsoft has expanded its Copilot tools for small and medium-sized businesses, making AI more accessible, secure, and affordable.  

Here are the main highlights from Microsoft’s recent announcements about this expansion.  

  • Launch of Microsoft 365 Copilot Business: A new dedicated SKU for SMBs designed for organizations with fewer than 300 users.  
  • Firms can now purchase 1-299 seats of Microsoft Copilot Business for $21 per user per month, with promotional discounts available. Alternatively, for Microsoft 365 Copilot, pricing is $30 per user each month, or £24.7 per user with an annual commitment (excluding VAT).  
  • Copilot AI features integrate directly with Word, Excel, PowerPoint, Outlook, and Microsoft Teams.  
  • Copilot adheres to Microsoft 365’s security, privacy, and compliance standards, ensuring your data remains protected.  
  • A Copilot business subscription includes Copilot Studio, which lets you create custom agents to automate tasks.  
  • Microsoft is offering discounted prices until June 30, 2026. There are also bundles that combine Microsoft 365 Business Standard or Premium with Copilot.  

Targeted Benefits for SMBs: 

  • Save time by automating document, email, and report creation.  
  • Organizations can streamline the onboarding of new employees and manage recruitment processes more efficiently.  
  • Copilot generates responses tailored to each organization’s data, rather than generic answers.  

Partners and cloud solution providers can now help deliver these AI solutions, giving support with adoption and technical setup through special kits and training.  

Microsoft has made Microsoft 365 Copilot available to businesses of all sizes by removing the previous minimum requirement of 300 seats. Now, there is no seat minimum, allowing even the smallest organizations to access Copilot’s advanced language models and leverage their organization’s data in Microsoft 365 apps to work smarter and boost efficiency.  

This change is a big step towards making productivity AI solutions more accessible to organizations of any size.  

Copilot is an AI tool that uses large language models and your organization’s data in Microsoft 365 apps to help you work smarter and more efficiently. It used to be available only to enterprise customers with at least 300 licenses, but now it’s open to businesses of all sizes.  

Key Announcements 

General availability of Copilot for businesses of all sizes.  

  • Copilot for Microsoft 365 is available for small and medium-sized businesses using Microsoft 365 Business Premium or Business Standard.  
  • Microsoft 365 Copilot Business is available for $21 per user per month with promotional discounts. Microsoft 365 Copilot is also available at $30 per user per month or £24.70 per user per year (excluding VAT) for 1-299 seats.  

No minimum purchase requirement  

  • There is no longer a 300-seat minimum for commercial plans.  
  • Copilot is now available for Office 365 E3 and E5 customers, even if you don’t have a Microsoft 365 license.  

Inclusion in the Microsoft CSP program  

  • Commercial customers can now buy Copilot for Microsoft 365 through Microsoft’s cloud solution provider partners.  

Expanded availability of Copilot for education  

  • Microsoft has also made Copilot for Microsoft 365 available to education faculty and staff. 

Source: Microsoft News 

As of December 23, 2025, global semiconductor manufacturing is at a major turning point. Taiwan Semiconductor Manufacturing Company (NYSE: TSMC), the world’s top contract chipmaker, has sped up its plans for the large Fab 21 complex in Phoenix, Arizona. Phase one is already producing large volumes of 4 nm and 5 nm chips, and the company has started installing equipment and preparing clean rooms for phase two, which will make 3 nm chips. This progress is a big win for the US effort to bring key technology back home and strengthen the supply chain for future artificial intelligence.  

The acceleration at the Arizona site, which previously faced labor issues and construction delays, marks a turning point for the American “Silicon Desert”. It not only demonstrates renewed confidence but also sets the stage for the next technical leap by moving up the 3nm production timeline to 2027, a year earlier than expected. TSMC is meeting strong demand from US tech companies seeking to protect their AI hardware from risks in the Pacific region.  

Technical Milestones and the 92% Yield Breakthrough 

Fab 21’s achievements have silenced early doubters about US advanced manufacturing. TSMC reported that its Arizona Phase 1 facility achieved a 92% yield rate in 4nm production, about 4 points higher than similar sites in Taiwan. This success stems from digital twin technology enabling virtual process optimization before real-world implementations.  

Phase two’s shift to 3 nm technology advances both transistor density and energy efficiency. The 3 nm process offers up to 15% higher speeds at the same power or 30% lower power at the same speed compared to 5 nm chips. By December 2025, phase two’s building was complete, and interior installation for clean rooms and equipment was progressing rapidly. EUV lithography machines are set to arrive in early 2026 for 2027 production.  

A Windfall for AI Giants End-to-End Supply Chain 

Accelerated 3 nm output in Arizona benefits large AI companies. Apple, Nvidia, and AMD have reserved most of Fab 21’s capacity. For Nvidia, domestic production reduces shipping risks associated with the Taiwan Strait. Amkor Technology is constructing a $7 billion advanced packaging facility in Peoria, Arizona, contributing to the supply chain.  

TSMC and Amkor’s partnership will enable the US supply chain to produce AI chips from fabrication through advanced packaging. Previously, US-made chips still needed to be shipped to Taiwan for packaging, creating risks. With local packaging, firms like Nvidia and AMD can achieve faster, more secure North American supply chains for AI.  

The Geopolitical Significance of the Silicon Desert 

TSMC’s Arizona expansion is extremely important. It is the highlight of the US Chips and Science Act, which gave TSMC 6.6 billion dollars in grants and up to 5 billion dollars in loans. By late 2025, the US Department of Commerce had released several rounds of this funding, noting TSMC’s strong technical progress. This puts the US in a better position against global competitors such as Samsung (KRX:005930) and Intel (Nasdaq:INTC), which are also working to launch advanced chip technologies.  

This shift toward geographic decoupling is a direct answer to rising tensions in the South China Sea. By building a gigafab cluster in Arizona, expected to include six fabs and $165 billion in investment, TSMC is creating a secure backup to its Taiwan operations. This move has changed the global semiconductor industry, bringing high-end manufacturing closer to Silicon Valley’s software and design centers.  

Looking Ahead: The Road to 2nm and Beyond 

TSMC’s Arizona ambitions extend well into the future, beyond current achievements. In April 2025, construction began on phase three, which will eventually produce advanced 2 nm and 1.6 nm chips needed for the next generation of AI models requiring greater power and efficiency. According to projections, by 2030, Arizona could match the capabilities of TSMC’s Fab 18 in Tainan, delivering the world’s most advanced chips.  

Challenges remain, mainly a shortage of specialized talent to run automated fabs. The 92% yield shows early staffing problems are mostly solved, but expansion from two to six fabs over five years will require more engineers and technicians. Adding advanced packaging on-site will require TSMC and partners to work closely together. Accelerated 3nm equipment installation and high yields have turned the Silicon Desert from ambition to reality. This is a vital safeguard for US AI and national security.  

As the next phase takes shape, anticipation continues to grow. In 2026, attention will focus on the arrival of EUV tools for phase two and progress on phase three. Supported by the Chips Act and major technology partners, TSMC Arizona sets a benchmark for domestic advanced chip manufacturing.

Source: TSMC Arizona’s 3nm Acceleration: Bringing Advanced Manufacturing to US Soil