Die britische Armee setzt Videospiele wie Call of Duty zur Kampfvorbereitung ein. Bei einem E-Sports-Turnier sollen Soldaten ihr Können zeigen. (Call of Duty, Spiele)
Quelle: Golem
Google startet die Vermarktung seiner KI-gestützten Suchergebnisse und setzt damit auf einen Vorsprung gegenüber Konkurrenten wie ChatGPT. (Google, KI)
Quelle: Golem
On November 12-14, the Docker team was out in numbers at JFrog SwampUP Berlin 2025. We joined technical sessions, put on a fireside chat, and had conversations with attendees there. We’d like to thank the folks at JFrog for having us there and putting on such a great show!
Here’s our takeaways from the event about software supply chain security trends:
Software supply chain attacks reach unprecedented scale leveraging open source packages
An analysis of recent software supply chain attacks by JFrog’s CTO Asaf Karas shed light on how malicious actors leverage AI and software supply chains on their exploits. Recent attacks combine existing techniques, like phishing, in combination with AI prompts that recursively write and execute code in order to compromise hundreds of thousands of systems running popular open source packages. A few examples include Shai Hulud, Red Donkey, and the recent NPM package phishing attack. So far, despite these attacks’ scale, damages have been limited due to the still rudimentary nature of these exploits. Expect more software supply chain attacks as well as more sophistication in the coming year.
New Roles of Governance as a Security Layer
The best way to avoid software supply chain attacks is to not have malicious code entering software supply chains in the first place. That’s where governance comes into play. Taking control of gate points during the software development lifecycle, for example during dependency scanning, build pipelines, and deployments is not enough. It is necessary to block malicious or risky code before it enters the software supply chain. Not only that, but also tools need increased interoperability to detect all potential attack vectors.
Addressing MCP Challenges in AI Development
MCP’s ability to leverage both deterministic and non-deterministic outcomes by connecting an LLM client to many different servers seems to be the main reasons companies are betting on the technology to build applications that deliver value to customers. Moreover, because each server can run independently from one another, it becomes possible to add governance layers on MCP servers, reducing risks of hallucination or unexpected results. Overall, we agree with JFrog’s assessment and look forward to opportunities where Docker and JFrog MCP technologies can work together for a safer and smoother enterprise AI developer experience.
Building on Strong Open Source Foundations Is Core in the AI Era
The fireside chat between Gal Marder, JFrog’s Chief Strategy Officer, and Michael Donovan, Docker’s VP of Product, explored how organizations can protect themselves from risks in unverified open source dependencies. They emphasized the importance of starting with strong foundations: using hardened images, maintaining them throughout their lifecycle, including those that have reached end of life, and ensuring visibility and governance across every stage. Strong third-party integrations are essential to manage this complexity effectively and extend security and trust from development to delivery.
Conclusion: Build strong foundations, keep it consistent, stay ahead
Software development is changing fast as AI becomes part of everyone’s workflow, developers and attackers alike. The best way to stay ahead is to build protection early by starting with strong foundations and keep it consistent across every stage with governance, visibility, and strong partnerships. Only then can teams innovate with confidence and speed as the landscape evolves. Exciting times!
Learn more
Subscribe to the Docker Navigator Newsletter
Explore the MCP Catalog: Discover containerized, security-hardened MCP servers
Explore the DHI Catalog: Discover secure, minimal, production-ready container images
Docker Partner Programs: Discover trusted partners, tools, and integrations
New to Docker? Create an account
Have questions? The Docker community is here to help
Quelle: https://blog.docker.com/feed/
Amazon EC2 Image Builder now supports automatic versioning for recipes and automatic build version incrementing for components, reducing the overhead of managing versions manually. This enables you to increment versions automatically and dynamically reference the latest compatible versions in your pipelines without manual updates. With automatic versioning, you no longer need to manually track and increment version numbers when creating new versions of your recipes. You can simply place a single ‘x’ placeholder in any position of the version number, and Image Builder detects the latest existing version and automatically increments that position. For components, Image Builder automatically increments the build version when you create a component with the same name and semantic version. When referencing resources in your configurations, wildcard patterns automatically resolve to the highest available version matching the specified pattern, ensuring your pipelines always use the latest versions. Auto-versioning is available in all AWS regions including AWS China (Beijing) Region, operated by Sinnet, AWS China (Ningxia) Region, operated by NWCD, and AWS GovCloud (US) Regions. You can get started from the EC2 Image Builder Console, CLI, API, CloudFormation, or CDK. Refer to documentation to learn more about recipes, components and semantic versioning.
Quelle: aws.amazon.com
AWS Device Farm enables mobile and web developers to test their apps using real mobile devices and desktop browsers. Starting today, you can connect to a fully managed Appium endpoint using only a few lines of code and run interactive tests on multiple physical devices directly from your IDE or local machine. This feature also seamlessly works with third-party tools such as Appium Inspector — both hosted and local versions — for all actions including element inspection.
Support for live video and log streaming enables you to get faster test feedback within your local workflow. It complements our existing server-side execution which gives you the scale and control to run secure enterprise-grade workloads. Taken together, Device Farm now offers you the ability to author, inspect, debug, test, and release mobile apps faster, whether from your IDE, AWS Console, or other environments.
To learn more, see Appium Testing in AWS Device Farm Developer Guide.
Quelle: aws.amazon.com
Today, AWS Payments Cryptography announces support for hybrid post-quantum (PQ) TLS to secure API calls. With this launch, customers can future-proof transmissions of sensitive data and commands using ML-KEM post-quantum cryptography. Enterprises operating highly regulated workloads wish to reduce post-quantum risks from “harvest now, decrypt later”. Long-lived data-in-transit can be recorded today, then decrypted in the future when a sufficiently capable quantum computer becomes available. With today’s launch, AWS Payment Cryptography joins data protection services such as AWS Key Management Service (KMS) in addressing this concern by supporting PQ-TLS. To get started, simply ensure that your application depends on a version of AWS SDK or browser that supports PQ-TLS. For detailed guidance by language and platform, visit the PQ-TLS enablement documentation. Customers can also validate that ML-KEM was used to secure the TLS session for an API call by reviewing tlsDetails for the corresponding CloudTrail event in the console or a configured CloudTrail trail. These capabilities are generally available in all AWS Regions at no added cost. To get started with PQ-TLS and Payment Cyptography, see our post-quantum TLS guide. For more information about PQC at AWS, please see PQC shared responsibility.
Quelle: aws.amazon.com
Amazon SageMaker now supports Amazon Athena for Apache Spark, bringing a new notebook experience and fast serverless Spark experience together within a unified workspace. Now, data engineers, analysts, and data scientists can easily query data, run Python code, develop jobs, train models, visualize data, and work with AI from one place, with no infrastructure to manage and second-level billing. Athena for Apache Spark scales in seconds to support any workload, from interactive queries to petabyte-scale jobs. Athena for Apache Spark now runs on Spark 3.5.6, the same high-performance Spark engine available across AWS, optimized for open table formats including Apache Iceberg and Delta Lake. It brings you new debugging features, real-time monitoring in the Spark UI, and secure interactive cluster communication through Spark Connect. As you use these capabilities to work with your data, Athena for Spark now enforces table-level access controls defined in AWS Lake Formation.
Athena for Apache Spark is now available with Amazon SageMaker notebooks in US East (Ohio), US East (N. Virginia), US West (Oregon), Europe (Ireland), Europe (Frankfurt), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), and Asia Pacific (Sydney). To learn more, visit Apache Spark engine version 3.5, read the AWS News Blog or visit Amazon SageMaker documentation. Visit the Getting Started guide to try it from Amazon SageMaker notebooks.
Quelle: aws.amazon.com
Amazon EMR Serverless now supports Apache Spark 4.0.1 (preview). With Spark 4.0.1, you can build and maintain data pipelines more easily with ANSI SQL and VARIANT data types, strengthen compliance and governance frameworks with Apache Iceberg v3 table format, and deploy new real-time applications faster with enhanced streaming capabilities. This enables your teams to reduce technical debt and iterate more quickly, while ensuring data accuracy and consistency. With Spark 4.0.1, you can build data pipelines with standard ANSI SQL, making it accessible to a larger set of users who don’t know programming languages like Python or Scala. Spark 4.0.1 natively supports JSON and semi-structured data through VARIANT data types, providing flexibility for handling diverse data formats. You can strengthen compliance and governance through Apache Iceberg v3 table format, which provides transaction guarantees and tracks how your data changes over time, creating the audit trails you need for regulatory requirements. You can deploy real-time applications faster with improved streaming controls that let you manage complex stateful operations and monitor streaming jobs more easily. With this capability, you can support use cases like fraud detection and real-time personalization. Apache Spark 4.0.1 is available in preview in all regions where EMR Serverless is available, excluding China and AWS GovCloud (US) regions. To learn more about Apache Spark 4.0.1 on Amazon EMR, visit the Amazon EMR Serverless release notes, or get started by creating an EMR application with Spark 4.0.1 from the AWS Management Console.
Quelle: aws.amazon.com
Die Entwicklung von Windows 1.0 wurde von Schreiduellen und Bill Gates’ Ego geplagt. Kein Wunder, dass es um Jahre verschoben wurde. Von Oliver Nickel (Windows, Microsoft)
Quelle: Golem
Innovation in AI is about empowering every developer and organization with the freedom to choose the right intelligence for every challenge. In today’s landscape, where business needs span from real-time chatbots to deep research agents, model choice is an essential engine of progress.
Microsoft Foundry already offers the widest selection of models of any cloud and with today’s partnership announcement with Anthropic, we’re proud that Azure is now the only cloud providing access to both Claude and GPT frontier models to customers on one platform. This milestone expands Foundry further into what it was built to be: a single place to use any model, any framework, and every enterprise control you need to build and run AI apps and agents at scale.
“We’re excited to use Anthropic Claude models from Microsoft Foundry. Having Claude’s advanced reasoning alongside GPT models in one platform gives us flexibility to build scalable, enterprise-grade workflows that move far beyond prototypes.” — Michele Catasta, President, Replit
Start building with Claude in Microsoft Foundry today
Meet the Claude models: AI that delivers real results
According to Anthropic, Claude models are engineered for the realities of enterprise development, from tight integration with productivity tools to deep, multi-document research and agentic software development across large repositories.
Model
Strengths
Ideal use cases
Claude Haiku 4.5
Fastest, most cost-efficient
Powering free tier user experiences, real-time experiences, coding sub-agents, financial sub-agents, research sub-agents, business tasks
Claude Sonnet 4.5
Smartest model for complex agents and coding
Long-running agents, coding, cybersecurity, financial analysis, computer use, research
Claude Opus 4.1
Exceptional model for specialized reasoning tasks
Advanced coding, long-horizon tasks and complex problem solving, AI agents, agentic search and research, content creation
All Claude models are built on Constitutional AI for safety and can now be deployed through Foundry with governance, observability, and rapid integration. This enables secure use cases like customer support agents, coding agents, and research copilots: making Claude an ideal choice for scalable, trustworthy AI.
Evolving from monolithic apps to intelligent agents
Across the tech landscape, organizations are embracing agentic AI systems. Early studies show AI agents can help boost efficiency by up to 30% for teams and stakeholders. But the challenge for most enterprises isn’t building powerful apps; it’s operationalizing them and weaving them into real workflows. Industry surveys point to a clear pattern. 78% percent of executives say the primary barrier to scaling AI impact is integrating it into core business processes.
Microsoft is uniquely positioned to address this integration gap. With Foundry, we’re bringing together leading-edge reasoning models, an open platform for innovation, and Responsible AI all within a unified environment. This empowers organizations to experiment, iterate, deploy, and scale AI with confidence, all backed by robust governance and security. This means building AI solutions that are not only powerful, but practical and ready to deliver impact at scale.
“Manus deeply utilizes Anthropic’s Claude models because of their strong capabilities in coding and long-horizon task planning, together with their prowess to handle agentic tasks. We are very excited to be using them now on Azure AI Foundry!” — Tao Zhang, Co-founder & Chief Product Officer, Manus AI.
Claude in Foundry Agent Service: From reasoning to results
Inside Foundry Agent Service, Claude models serve as the reasoning core behind intelligent, goal-driven agents. Developers can:
Plan multi-step workflows: Leverage Claude in Foundry Agent Service to orchestrate complex, multi-stage tasks with structured reasoning and long-context understanding
Streamline AI integration with your everyday productivity tools: Use the Model Context Protocol (MCP) to seamlessly connect Claude to data fetchers, pipelines, and external APIs, enabling dynamic actions across your stack.
Automate data operations: Upload files for Claude to summarize, classify, or extract insights to accelerate document-driven processes with robust AI.
Real-time model selection: Using the model router, customers can soon automatically route requests to Claude Opus 4.1, Sonnet 4.5, and Haiku 4.5. Lowering latency and delivering cost savings in production.
Govern and operate your fleet: Foundry offers unified controls and oversight, allowing developers to operate their entire agent fleet with clear insight into cost, performance, and behavior in one connected view.
Developers can also use Claude models in Microsoft Foundry with Claude Code, Anthropic’s AI coding agent.
These capabilities create a framework for AI agents to safely execute complex workflows with minimal human involvement. For example, if a deployment fails, Claude can query Azure DevOps logs, diagnose the root cause, recommend a fix, and trigger a patch deployment all automatically, using registered tools and operating within governed Azure workflows.
Claude Skills: Modular intelligence you can compose
With the Claude API, developers can define skills modular building blocks that combine:
Natural-language instructions,
Optional Python or Bash code, and
Linked data files (templates, visual assets, tabular data, etc.), or APIs
Each skill is dynamically discovered, maximizing your agent’s context. Skills automate a workflow like generating reports, cleaning datasets, or assembling PowerPoint summaries and can be reused or chained with others to form larger automations. Within Microsoft Foundry, every Skill is governed, tracible, and version-controlled, ensuring reliability across teams and projects.
These capabilities allow developers to create Skills that become reusable building blocks for intelligent automation. For example, instead of embedding complex logic in prompts, a Skill can teach Claude how to interact with a system, execute code, analyze data, or transform content and through the Model Context Protocol (MCP), those Skills can be invoked by any agent as part of a larger workflow. This makes it easier to standardize expertise, ensure consistency, and scale automation across teams and applications.
Custom Deep Research: Context that connects beyond a single prompt
Claude’s Deep Research capability extends model reasoning beyond static queries. It allows agents to gather information from live sources, compare it with internal enterprise data, and produce well-reasoned, source-grounded insights. This transforms agents from simple responders into analytical systems capable of synthesizing trends, evidence, and context at scale.
Pricing
Marketplace Models
Deployment Type
Azure Resource Endpoints
Input/1M TokensOutput/1M Tokens
Claude Haiku 4.5
Global Standard
East US 2, West US
$1.00
$5.00
Claude Sonnet 4.5
Global Standard
East US 2, West US
$3.00
$15.00
Claude Opus 4.1
Global Standard
East US 2, West US
$15.00
$75.00
Looking ahead
Our partnership with Anthropic is about more than just bringing new models to Foundry. It’s about empowering every person and organization to achieve more with AI. We look forward to seeing how developers and enterprises leverage these new capabilities to build the next generation of intelligent systems.
Ready to explore Claude in Foundry? Start building today and join us in shaping the next generation of intelligent agents. Tune in to Ignite for more exciting Microsoft Foundry announcements: register today.
The post Introducing Anthropic’s Claude models in Microsoft Foundry: Bringing Frontier intelligence to Azure appeared first on Microsoft Azure Blog.
Quelle: Azure
