Reading view

Private health records of half a million Britons offered for sale on Chinese website

Technology minister tells Commons ‘de-identified’ information from UK Biobank advertised for sale on Alibaba

The confidential health records of half a million British volunteers have been offered for sale on Chinese website Alibaba, the UK government has confirmed.

The “de-identified” data, belonging to participants in the UK Biobank project, was found for sale on three separate listings last week. Ian Murray, the technology minister, told the Commons on Thursday that, after working with the Chinese government and Alibaba, the records had now been removed. It is not believed any sales were made.

Continue reading...

© Photograph: Dave Guttridge/UK Biobank/PA

© Photograph: Dave Guttridge/UK Biobank/PA

© Photograph: Dave Guttridge/UK Biobank/PA

  •  

A technical walkthrough of multicloud full-stack security using AWS Security Hub Extended

Building on our recent announcement of AWS Security Hub Extended —our full-stack enterprise security offering — we want to show you how we’re simplifying security procurement and operations for your multicloud environments. Whether you’re a security architect evaluating solutions or a CISO looking to streamline vendor management, this post walks through the streamlined experience that transforms how you acquire, deploy, and manage end-to-end enterprise security solutions across endpoint, identity, email, network, data, browser, cloud, AI, and security operations. Security Hub Extended brings together AWS security services with carefully curated security partners. Delivering better outcomes together through unified procurement, billing, and operations that significantly reduce vendor management overhead so you can focus on what matters most: protecting your organization.

The challenge we’re addressing

Security teams today spend too much time on vendor management, evaluating services, negotiating contracts, and managing multiple billing cycles instead of focusing on what matters most: managing risk. But the procurement challenge runs even deeper. Until now, customers really only had one option: sign multi-year agreements based solely on proof-of-concept testing and estimated annual usage. This forces organizations to commit budget before they can validate whether a solution will work for them at scale.

AWS Security Hub Extended transforms this procurement model. Security Hub Extended offers customers the option to get started with pay-as-you-go pricing and no commitments, so they can move fast and validate solutions in their actual environment. After they’ve confirmed a solution works at scale, they can then align their vendor strategy and sign longer-term commitments for even more favorable pricing.

Security Hub Extended provides a curated set of carefully chosen partner solutions with competitive pricing, unified billing through your AWS account, and seamless integration. Our initial launch partners, selected by customers for their proven value, include 7AI, Britive, CrowdStrike, Cyera, Island, Noma, Okta, Oligo, Opti, Proofpoint, SailPoint, Splunk, Upwind, and Zscaler.

Getting started with Security Hub Extended

AWS Security Hub consolidates threat analytics from Amazon GuardDuty, vulnerability management from Amazon Inspector, and sensitive data discovery from Amazon Macie, correlating these signals with Security Hub Exposure findings to determine overall risk, reachability, and assumability. Security Hub Extended builds on this foundation by adding curated partner solutions, extending these unified security operations across your entire organization including multicloud, on-premises, and endpoint environments. If you’re already using Security Hub, you can navigate directly to the Extended plan section.

Getting started with Security Hub is straightforward. From the AWS Management Console, search for Security Hub to start the onboarding walkthrough. If you’re not already a Security Hub customer, you can quickly complete onboarding by designating an AWS organization delegated administrator (DA) account. You can then centrally enable and manage Security Hub across your entire organization’s accounts and AWS Regions from a single location (see Introduction to AWS Security Hub). After you’ve onboarded, navigate to the Extended plan section to add curated partner solutions.

Figure 1- Security Hub centralized configuration

Figure 1: Security Hub centralized configuration

From this single interface, you can enable detection and response capabilities across your entire organization, provide granular configurations at the organizational unit or member account level, select specific Regions, and turn individual features on or off as needed.

Understanding risk through attack paths

The Security Hub risk correlation engine identifies potential exposures by correlating threats, vulnerabilities, and misconfigurations to reveal how they connect and could lead to compromise of critical resources.

Figure 2 - Security Hub exposure attack path visualization

Figure 2: Security Hub exposure attack path visualization

The attack path visualization in the preceding figure reveals critical insights including upstream root causes and blast radius, showing the potential impact if a threat actor exploits a vulnerability. You can use this visualization to focus on fixing the root cause rather than addressing symptoms. For example, updating one security group configuration can eliminate the entire attack path, cutting off all downstream exposure.

Accessing Security Hub Extended

You can find Security Hub Extended, shown in the following figure, in the left navigation pane under Management in your Security Hub delegated administrator (DA) account; Security Hub Extended will only be visible from the delegated administrator account. The Extended plan brings curated third-party security solutions directly into the Security Hub experience. Because Extended is built into Security Hub, there’s no separate console to manage. You discover, subscribe to, and operate curated partner solutions from the same place you manage enterprise security, delivering unified operations across your entire security estate.

Figure 3- Security Hub Extended partners

Figure 3: Security Hub Extended partners



Transparent, competitive pricing consolidated with Security Hub

Unlike traditional third-party engagements that require lengthy negotiations, private pricing deals, and multi-year commitments, Security Hub Extended offers complete pricing transparency. Every partner solution displays clear, competitive monthly pay-as-you-go rates billed directly with Security Hub requiring no commitments. For example, Cloud Security from Upwind costs $3.75 per resource per month, and Identity Security from Okta costs $20 per user per month.

All Security Hub Extended offerings are also eligible for AWS Enterprise Discount Program (EDP) discounts that will be applied automatically. If you have an existing AWS enterprise discount agreement, those discounts automatically apply to Security Hub Extended offerings, further reducing your effective costs. All partner solutions you deploy through Security Hub Extended appear on your consolidated AWS bill, no separate invoices or payment processes.

Streamlined onboarding

Adopting curated partner solutions through Security Hub Extended is straightforward. Choose View Product to initiate an automated workflow. Depending on the solution, you’ll either be directed to the partner onboarding console or provide information for the partner to guide you through their onboarding process tailored to your environment.

Billing begins only after you’re fully activated on the partner solution and starts automatically, no additional action is required to benefit from the unified billing. If you’re already using one of the curated partner solutions, transitioning to Security Hub Extended for consolidated billing and flexible pricing won’t disrupt your current services. Now, instead of receiving separate invoices for each partner in addition to Amazon Inspector, GuardDuty, and Security Hub CSPM you get one unified bill through Security Hub. This consolidates visibility to support better understanding of spend and to manage cost.

Unified operations

Security Hub Extended unifies security operations by consolidating findings from AWS and curated partner solutions. All findings use the Open Cybersecurity Schema Framework (OCSF) for consistency, without the need for complex data normalization, transformation, and extract, transform, and load (ETL) processes.

When you deploy solutions such as CrowdStrike, Noma, and Upwind alongside Splunk and 7AI through Security Hub Extended, security findings automatically flow into Security Hub and then seamlessly route to Splunk and 7AI. All in OCSF format so your security team can focus on responding to threats, not managing pipelines, so you can quickly identify and respond to security risks that span boundaries—from endpoint compromises to cloud infrastructure—without spending valuable time on manual integration work.

The full-stack security vision

Security Hub Extended represents a shift in how you discover, procure, and build comprehensive security programs. Instead of managing dozens of vendor relationships, negotiating separate contracts, agreeing to multi-year annual commitments, and integrating disparate tools, you now have one procurement process through AWS, one bill with transparent competitive pay-as-you-go pricing, one console for unified security operations, one support channel for AWS Enterprise Support customers, and one schema (OCSF) for all security findings. The result: reduced security risk, improved team productivity, and a more unified approach to security operations across your enterprise.

Get started

Try Security Hub Extended today and experience how simplified procurement and unified operations can transform your security program. Security Hub Extended is generally available globally in all AWS commercial Regions where Security Hub is available. We’ve also published a walk through video to further explain how Security Hub Extended works.

It’s still Day 1, but we’re iterating fast, so share your feedback with us on AWS re:Post for Security Hub or through your AWS Support contacts and watch for future blog posts on our progress.


Matt Meck

Matt Meck

Matt is a Worldwide Security Specialist at Amazon Web Services, based in New York, with 10 years of experience in the tech industry. For the past 4 years at AWS, he’s focused on Detection and Response, helping solve complex security challenges in the rapidly evolving security space. He works closely with product teams, customers, partners, and field teams to deliver effective security solutions.

 

Michael Fuller

Michael Fuller

Michael has been with AWS for 16 years and led product for AWS Security Services for 11 years. Michael has 29 years in the industry and held several roles in product management, business development, and software development for IBM, Cisco, and Amazon. Michael has a Bachelor’s of Science in Computer Engineering from the University of Arizona and an MBA from the University of Washington.

 

  •  

Palo Alto Networks and Google Cloud

Expand Strategic Collaboration to Secure the AI Enterprise

The transition from generative AI to agentic AI represents one of the most significant shifts in the history of enterprise technology. As organizations move from simple chatbots to autonomous agents that can execute business processes, the attack surface isn't just changing, it's exploding.

At Google Cloud Next 2026 in Las Vegas, Palo Alto Networks is proud to announce a series of groundbreaking integrations with Google Cloud. These innovations are designed to do more than just monitor the new AI-driven landscape; they are built to secure it by design. AI deployment is currently outpacing AI governance. By embedding our security platform into Google Cloud’s infrastructure, we are giving today’s enterprises the foundation to become the autonomous organizations of tomorrow.

Here is a look at the four major milestones of our partnership being unveiled this week.

Secure AI Agents with Google Cloud + Prisma AIRS

As autonomous AI agents become the new enterprise standard, security can no longer be an afterthought; it must be architectural. By integrating Prisma AIRS™ natively with Google Cloud Gemini Enterprise Agent Platform, we provide the proactive defenses required to govern complex agentic workflows. This integration ensures that as you scale your autonomous workforce, your security scales with it, providing comprehensive operational integrity without hindering the speed of innovation.

We are delivering capabilities across three critical pillars:

  • Protecting Agent-Specific Runtime Risks: In an agentic ecosystem, the primary risk is unauthorized or a destructive action taken by the AI agents themselves. Prisma AIRS secures the "agent-to-tool" interface, preventing poisoned context from triggering malicious scripts or destructive actions. The solution monitors agent execution in real-time, so agents cannot leak sensitive credentials or tool schemas, maintaining the boundary between agents and their access to enterprise data.
  • Securing the GenAI Application Surface: Modern AI applications and agents require a secure-by-design approach. Prisma AIRS AI Runtime Security™ provides prevention of more than 30 adversarial prompt injection and jailbreak techniques, as well as malicious code and URLs within LLM outputs. Prisma AIRS utilizes over 1,000 predefined patterns out of the box and ML-powered Enterprise DLP to stop sensitive data leakage.
  • Enforcing Enterprise AI Safety and Grounding: Trust in AI is built on the consistency and safety of its output. Prisma AIRS allows organizations to define safety policies in natural language and filter toxic content across eight distinct categories to protect brand reputation. Using contextual grounding, Prisma AIRS can prevent misleading outputs that contradict internal RAG data, keeping agents tied to real facts.

This integration ensures that as you scale your autonomous workforce, your security posture scales with it, providing operational integrity without hindering the speed of innovation.

Security-as-Code for Prisma AIRS Integration with Application Design Center (ADC)

The traditional bolt-on approach to security is no longer viable in a cloud-first world. Google Cloud’s Application Design Center (ADC) is revolutionizing how applications are built, using an intuitive canvas and natural language via Gemini Code Assist.

Palo Alto Networks is announcing that it will be published as a template within the Application Design Center, providing more capabilities to engineering teams:

  • Drag-and-Drop Security – Visually "snap" VM-Series firewalls and Prisma AIRS AI protections directly into network flows.
  • AI-Driven Architecture – Use natural language prompts to generate secure-by-default, multiregion architectures.
  • Simultaneous Deployment – Deploy entire application stacks and security services in a single, unified workflow, ensuring protection is present from the very first minute of deployment.

Zero-Day Protection at Scale with Advanced Malware Sandboxing for Google Cloud NGFW Enterprise

The battle against malware has shifted to the cloud. Modern attacks are faster, more evasive and capable of bypassing traditional defenses.

That is why we are excited to announce Advanced WildFire®, powered by Palo Alto Networks, natively integrated into Google Cloud NGFW Enterprise, delivering AI-driven malware prevention directly within Google Cloud environments.

This integration embeds inline sandboxing and real-time threat intelligence directly into Google Cloud’s distributed firewall to stop advanced and unknown threats before they impact workloads, enabling:

  • Secure Detonation – Suspicious files are safely executed in a controlled sandbox environment to uncover hidden and unknown threats.
  • Inline Traffic Inspection – Inbound and outbound traffic is analyzed in real time to prevent lateral movement of malicious payloads across cloud environments.
  • AI-Driven Threat Prevention – Leverages global threat intelligence by Palo Alto Networks to block zero-day threats before they compromise workloads.

With Advanced WildFire embedded directly into Google Cloud NGFW Enterprise, organizations can extend consistent protection across their cloud infrastructure while maintaining operational simplicity.

Cloud NGFW Enterprise Advanced Malware Sandboxing will be available in Public Preview soon.

Defining the Future with the Google Cloud Marketplace

Palo Alto Networks has joined the Google Cloud Marketplace Agent-as-a-Service as a launch partner to introduce the Prisma AIRS Model Security agent. Operating as an Agent-as-a-Service, this solution scans AI models for vulnerabilities and policy noncompliance before they reach production.

Available in the Agent Gallery inside Gemini Enterprise, this marketplace offering runs entirely within the customer’s own Google Cloud environment, providing both new and existing Prisma AIRS users a seamless and simple deployment experience inside Gemini Enterprise.

Securing AI Innovation at Scale

The collaboration between Palo Alto Networks and Google Cloud is built on a shared vision: Security should be an accelerator for innovation, not a bottleneck. As we look toward the future of the AI-powered enterprise, our commitment remains to provide the most robust, platform-driven security for every workload, every agent and every interaction.

Want to see these integrations in action? Contact your Palo Alto Networks representative to learn more about how we are securing the future of the cloud together. If you’re attending Google Cloud Next 2026, join us at these sponsored sessions:

The post Palo Alto Networks and Google Cloud appeared first on Palo Alto Networks Blog.

  •  

Scaling AI Agents with Confidence

The Google Cloud and Palo Alto Networks Partnership

As AI agents move into business-critical environments, they are transforming everything from security operations to internal workflows. However, scaling these AI applications introduces unprecedented hurdles for security executives, from detecting "shadow AI" and unsanctioned usage to governing complex nonhuman identities across multimodel environments.

To overcome these challenges, organizations need more than just tools; they need a layered architecture built on a foundation of platformization. The long-standing partnership between Palo Alto Networks and Google Cloud provides this essential framework, offering customers:

  • Integrated Security Ecosystems: Seamlessly manage the full agent lifecycle with visibility and observability across your entire AI infrastructure.
  • Jointly Engineered Solutions: Leverage over 80 co-engineered integrations designed to eliminate the tradeoff between a cloud-native experience and best-in-class security.
  • Proven Scale and Performance: Benefit from a partnership that has already delivered impactful, AI-driven solutions to protect joint customers from evolving threats.

Google Cloud Marketplace enables customers to discover, try, buy and use industry-leading applications that have been validated to run on Google Cloud. Palo Alto Networks has closed $2.4 billion in GCP bookings, helping address evolving customer needs, such as simplified procurement and seamless deployment.

Kevin Ichhpurani, President, Global Partner Ecosystem at Google Cloud:

We’re pleased to celebrate Palo Alto Networks as our Global Technology Partner of the Year… Palo Alto Networks has consistently delivered impactful, AI-driven security solutions that help Google Cloud customers better protect their organizations from evolving threats.

The extensive, long-standing collaboration between Palo Alto Networks and Google Cloud includes jointly engineered offerings, built on 80 solution integrations that help customers build, run and secure AI-enhanced cloud infrastructure and applications with end-to-end protection.

Palo Alto Networks Wins 2026 Global Technology Google Cloud Partner of the Year Award

At Google Cloud Next, Palo Alto Networks has been recognized with four 2026 Google Cloud Partner of the Year awards. By partnering with Google Cloud, we help customers securely leverage the power of the cloud and AI-driven growth with comprehensive cloud-native security offerings. Wins included the following:

  • Global Technology
  • Marketplace: Technology
  • Marketplace: Security
  • Security: Artificial Intelligence

These Partner of the Year Awards underscore our expanding partnership with Google Cloud. We share a mutual dedication to improve cloud, network security and AI observability, as well as the progress we’ve made in protecting our joint customers from today’s and tomorrow’s cyberthreats.

By combining our industry-leading security engineering with Google Cloud’s industry-leading cloud infrastructure and services, we’re providing advanced protection for every stage of a customer’s digital journey. We want customers to feel secure from the formative steps of lifting workloads into the cloud, to expanding digital innovation across platforms, to reaching new levels of business scale and velocity.

Protecting these journeys requires alignment and modernization of infrastructure (lift and shift), applications (refactoring) and user access models (zero trust). It requires an advanced AI drive security operations transformation across all IT domains, leveraging machine learning and sophisticated models to minimize human interventions and unguarded sides.

Our relationship with Google Cloud is based on a deep engineering relationship, yielding integrated solutions that help customers achieve better digital outcomes. Our partnership can help your organization eliminate tradeoffs between a cloud-native experience and best-in-class security. We have more than 80 co-engineered integrations, helping to improve and protect hybrid workers, cloud migrations and application modernization efforts.

We remain committed to our goals of outpacing cyberthreats, helping customers at every stage of their cloud journey, and creating a world where tomorrow is more secure than today.

Whether you’re just beginning your cloud journey or managing complex transformational projects, our jointly engineered, AI-driven solutions are designed to deliver seamless, scalable security. Explore the dynamic partnership between Palo Alto Networks and Google Cloud. Join us at Google Cloud Next '26 in Las Vegas from April 22-24 to discover how to secure your development lifecycle from code to cloud.

The post Scaling AI Agents with Confidence appeared first on Palo Alto Networks Blog.

  •  

Experience AI-Powered Check Point Firewall at Google Cloud Next

Today’s enterprises demand Zero Trust security, everywhere. Cloud security teams require high-performance protection without the burden of managing firewalls at scale. For this reason, organizations are seeking managed network security solutions that reduce operational overhead while improving consistency, visibility, and prevention across complex multi-cloud environments. Responding to that demand, Check Point is continuing rollout of an AI-powered cloud firewall as a service now available for preview on Google Cloud, as well as Amazon Web Services (AWS) and Microsoft Azure.  There will be demos of the new firewall service at the Check Point Booth #3101 in the Google Next Solution Expo.  Check Point Cloud Firewall as a Service eliminates the complex overhead of managing firewall software infrastructure, giving busy DevOps and Security teams time to focus on policy management, compliance, and other strategic initiatives.   Continued Evolution of Cloud Firewalls  Cloud Firewall as a Service on Google Cloud marketplace delivers the power of Cloud Firewall (formerly Guard Network Security) with advanced threat prevention, AI-driven security intelligence, automated policy […]

The post Experience AI-Powered Check Point Firewall at Google Cloud Next appeared first on Check Point Blog.

  •  

Palo Alto Networks Joins DNS-OARC as a Platinum Member

Palo Alto Networks recently joined the DNS-OARC community as a Platinum Member. Together, our organizations share a commitment to advancing collaboration in research and operational excellence across the global DNS ecosystem. DNS is critical to both internet infrastructure and security, and this collaboration facilitates the sharing of real-world insights among researchers and practitioners.

Our Contribution

We help organizations secure their digital environment with a comprehensive portfolio of cybersecurity solutions spanning Network, Cloud, Security Operations, AI and Identity. Trusted by more than 70,000 customers worldwide and informed by Unit 42® Threat Intelligence, their AI-driven platforms help organizations reduce complexity, modernize with confidence, and securely enable innovation.

As a Platinum Member, our subject matter experts will actively participate in the DNS-OARC community by engaging in discussions and contributing to research on evolving DNS threats and network challenges. The growing intersection of DNS and security makes access to intelligence and experience increasingly important. It strengthens the community’s ability to respond to emerging challenges and improves resilience across the internet.

Through our participation, our customers will gain stronger protection informed by community-driven intelligence and real-world operational insight. These learnings are continuously integrated into our threat intelligence and security capabilities. Our participation signals our support for DNS-OARC’s mission of fostering open dialogue and shared learning across the DNS ecosystem. This collaboration helps bridge DNS operations with broader security practices, improving coordination between operators, researchers and security practitioners.

Our Commitment to the DNS-OARC and Global Communities

Collaboration between our organizations strengthens the connection among DNS operations and modern security practices by bringing together operational insight and a global community dedicated to advancing the internet’s resilience.

For the DNS-OARC community, our commitment enhances knowledge sharing around evolving DNS threats, large-scale network operations and practical approaches to emerging challenges.

For organizations and customers, it reinforces a stronger alignment between DNS infrastructure and security, expands access to community-driven intelligence and supports more resilient, well-informed defenses.

Tong Zhao, Senior Manager of DNS Security Engineering, Palo Alto Networks:

We recognize the critical role of DNS-OARC in DNS operations and research. The teams from Palo Alto Networks believe that our DNS-OARC membership aligns perfectly with our goals. We are eager to participate in and contribute to the DNS community.

Our partnership with the DNC-OARC highlights the value of open collaboration in helping both the community and its participants stay ahead of an increasingly complex threat landscape. To learn more about how our expertise and insights support DNS-OARC’s mission to improve the security and stability of the internet’s DNS, visit DNS-OARC.

The post Palo Alto Networks Joins DNS-OARC as a Platinum Member appeared first on Palo Alto Networks Blog.

  •  
❌