Today, we are announcing the support of Bring Your Own Knowledge Graph (BYOKG) for Retrieval-Augmented Generation (RAG) using the open-source GraphRAG Toolkit. This new capability allows customers to connect their existing knowledge graphs to large language models (LLMs), enabling Generative AI applications that deliver more accurate, context-rich, and explainable responses grounded in trusted, structured data.
Previously, customers who wanted to use their own curated graphs for RAG had to build custom pipelines and retrieval logic to integrate graph queries into generative AI workflows. With BYOKG support, developers can now directly leverage their domain-specific graphs, such as those stored in Amazon Neptune Database or Neptune Analytics, through the GraphRAG Toolkit. This makes it easier to operationalize graph-aware RAG, reducing hallucinations and improving reasoning over multi-hop and temporal relationships. For example, a fraud investigation assistant can query a financial services company’s knowledge graph to surface suspicious transaction patterns and provide analysts with contextual explanations. Similarly, a telecom operations chatbot can detect that a series of linked cell towers are consistently failing, trace the dependency paths to affected network switches, and then guide technicians using SOP documents on how to resolve the issue. Developers simply configure the GraphRAG Toolkit with their existing graph data source, and it will orchestrate retrieval strategies that use graph queries alongside vector search to enhance generative AI outputs.
Today, we are announcing the support of Bring Your Own Knowledge Graph (BYOKG) for Retrieval-Augmented Generation (RAG) using the open-source GraphRAG Toolkit. This new capability allows customers to connect their existing knowledge graphs to large language models (LLMs), enabling Generative AI applications that deliver more accurate, context-rich, and explainable responses grounded in trusted, structured data. Previously, customers who wanted to use their own curated graphs for RAG had to build custom pipelines and retrieval logic to integrate graph queries into generative AI workflows. With BYOKG support, developers can now directly leverage their domain-specific graphs, such as those stored in Amazon Neptune Database or Neptune Analytics, through the GraphRAG Toolkit. This makes it easier to operationalize graph-aware RAG, reducing hallucinations and improving reasoning over multi-hop and temporal relationships. For example, a fraud investigation assistant can query a financial services company’s knowledge graph to surface suspicious transaction patterns and provide analysts with contextual explanations. Similarly, a telecom operations chatbot can detect that a series of linked cell towers are consistently failing, trace the dependency paths to affected network switches, and then guide technicians using SOP documents on how to resolve the issue. Developers simply configure the GraphRAG Toolkit with their existing graph data source, and it will orchestrate retrieval strategies that use graph queries alongside vector search to enhance generative AI outputs. To learn more and get started, visit the GraphRAG Toolkit User Guide.
Today, AWS announced the release of a model context protocol (MCP) server for Billing and Cost Management, now available in the AWS Labs GitHub repository. The Billing and Cost Management MCP server allows customers to analyze their historical spending, find cost optimization opportunities, and estimate the costs of new workloads using the AI agent or assistant of their choice.
Artificial intelligence is transforming the way that customers manage FinOps practices. While customers can access AI-powered cost analysis and optimization capabilities in Amazon Q Developer in the console, the Billing and Cost Management MCP server brings these capabilities to any MCP-compatible AI assistant or agent that customers may be using, such as Q Developer CLI tool, the Kiro IDE, Visual Studio Code, or Claude Desktop. This MCP server gives these clients rich capabilities to analyze historical and forecasted cost and usage data, identify cost optimization opportunities, understand AWS service pricing, find cost anomalies, and more. The MCP server not only provides access to AWS service APIs; it also provides a dedicated SQL-based calculation engine allowing AI assistants to perform reliable, reproducible calculations — ranging from period-over-period changes to unit cost metrics — and easily handle large volumes of cost and usage data.
You can download and integrate the open-source server with your preferred MCP-compatible AI assistant. The server connects securely to the AWS Billing and Cost Management services using standard AWS credentials with minimal configuration required. To get started, visit the AWS Labs GitHub repository.
Today, AWS announced the release of a model context protocol (MCP) server for Billing and Cost Management, now available in the AWS Labs GitHub repository. The Billing and Cost Management MCP server allows customers to analyze their historical spending, find cost optimization opportunities, and estimate the costs of new workloads using the AI agent or assistant of their choice. Artificial intelligence is transforming the way that customers manage FinOps practices. While customers can access AI-powered cost analysis and optimization capabilities in Amazon Q Developer in the console, the Billing and Cost Management MCP server brings these capabilities to any MCP-compatible AI assistant or agent that customers may be using, such as Q Developer CLI tool, the Kiro IDE, Visual Studio Code, or Claude Desktop. This MCP server gives these clients rich capabilities to analyze historical and forecasted cost and usage data, identify cost optimization opportunities, understand AWS service pricing, find cost anomalies, and more. The MCP server not only provides access to AWS service APIs; it also provides a dedicated SQL-based calculation engine allowing AI assistants to perform reliable, reproducible calculations — ranging from period-over-period changes to unit cost metrics — and easily handle large volumes of cost and usage data. You can download and integrate the open-source server with your preferred MCP-compatible AI assistant. The server connects securely to the AWS Billing and Cost Management services using standard AWS credentials with minimal configuration required. To get started, visit the AWS Labs GitHub repository.
Amazon Relational Database Service (RDS) for DB2 now supports read replicas. Customers can add up to three read replicas for their database instance, and use the replicas to support read-only applications without overloading the primary database instance.
Customers can setup replicas in the same region or in a different region from the primary database instance. When a read replica is setup, RDS replicates changes asynchronously to the read replicas. Customers can run their read-only queries against the read replica without impacting performance of the primary database instance. Customers can also use read replicas for disaster recovery procedures by promoting a read replica to support both read and write operations.
Read replicas require IBM Db2 licenses for all vCPUs on replica instances. Customers can obtain On-Demand Db2 licenses from the AWS Marketplace, or use Bring Your Own License (BYOL). To learn more, refer to Amazon RDS for Db2 documentation and pricing pages.
Amazon Relational Database Service (RDS) for DB2 now supports read replicas. Customers can add up to three read replicas for their database instance, and use the replicas to support read-only applications without overloading the primary database instance. Customers can setup replicas in the same region or in a different region from the primary database instance. When a read replica is setup, RDS replicates changes asynchronously to the read replicas. Customers can run their read-only queries against the read replica without impacting performance of the primary database instance. Customers can also use read replicas for disaster recovery procedures by promoting a read replica to support both read and write operations. Read replicas require IBM Db2 licenses for all vCPUs on replica instances. Customers can obtain On-Demand Db2 licenses from the AWS Marketplace, or use Bring Your Own License (BYOL). To learn more, refer to Amazon RDS for Db2 documentation and pricing pages.
Starting today, Amazon Elastic Compute Cloud (Amazon EC2) R7g instances are available in the AWS Africa (Cape Town) region. These instances are powered by AWS Graviton3 processors that provide up to 25% better compute performance compared to AWS Graviton2 processors, and built on top of the the AWS Nitro System, a collection of AWS designed innovations that deliver efficient, flexible, and secure cloud services with isolated multi-tenancy, private networking, and fast local storage.
Amazon EC2 Graviton3 instances also use up to 60% less energy to reduce your cloud carbon footprint for the same performance than comparable EC2 instances. For increased scalability, these instances are available in 9 different instance sizes, including bare metal, and offer up to 30 Gbps networking bandwidth and up to 20 Gbps of bandwidth to the Amazon Elastic Block Store (EBS).
Starting today, Amazon Elastic Compute Cloud (Amazon EC2) R7g instances are available in the AWS Africa (Cape Town) region. These instances are powered by AWS Graviton3 processors that provide up to 25% better compute performance compared to AWS Graviton2 processors, and built on top of the the AWS Nitro System, a collection of AWS designed innovations that deliver efficient, flexible, and secure cloud services with isolated multi-tenancy, private networking, and fast local storage. Amazon EC2 Graviton3 instances also use up to 60% less energy to reduce your cloud carbon footprint for the same performance than comparable EC2 instances. For increased scalability, these instances are available in 9 different instance sizes, including bare metal, and offer up to 30 Gbps networking bandwidth and up to 20 Gbps of bandwidth to the Amazon Elastic Block Store (EBS). To learn more, see Amazon EC2 R7g. To explore how to migrate your workloads to Graviton-based instances, see AWS Graviton Fast Start program and Porting Advisor for Graviton. To get started, see the AWS Management Console.
Amazon RDS for PostgreSQL now supports delayed read replicas, allowing you to specify a minimum time period that a replica database lags behind a source database. This feature creates a time buffer that helps protect against data loss from human errors such as accidental table drops or unintended data modifications.
In disaster recovery scenarios, you can pause replication before problematic changes are applied, resume replication up to a specific log position, and promote the replica as your new primary database. This approach enables faster recovery compared to traditional point-in-time restore operations, which can take hours for large databases.
This feature is available in all AWS Regions where RDS for PostgreSQL is offered, including the AWS GovCloud (US) Regions, at no additional cost beyond standard RDS pricing. To learn more, visit the Amazon RDS for PostgreSQL documentation.
Amazon RDS for PostgreSQL now supports delayed read replicas, allowing you to specify a minimum time period that a replica database lags behind a source database. This feature creates a time buffer that helps protect against data loss from human errors such as accidental table drops or unintended data modifications. In disaster recovery scenarios, you can pause replication before problematic changes are applied, resume replication up to a specific log position, and promote the replica as your new primary database. This approach enables faster recovery compared to traditional point-in-time restore operations, which can take hours for large databases. This feature is available in all AWS Regions where RDS for PostgreSQL is offered, including the AWS GovCloud (US) Regions, at no additional cost beyond standard RDS pricing. To learn more, visit the Amazon RDS for PostgreSQL documentation.
The Count Tokens API is now available in Amazon Bedrock, enabling you to determine the token count for a given prompt or input being sent to a specific model ID prior to performing any inference.
By surfacing a prompt’s token count, the Count Tokens API allows you to more accurately project your costs, and provides you with greater transparency and control over your AI model usage. It allows you to proactively manage your token limits on Amazon Bedrock, helping to optimize your usage and avoid unexpected throttling. It also helps ensure your workloads fit within a model’s context length limit, allowing for more efficient prompt optimization.
The Count Tokens API is now available in Amazon Bedrock, enabling you to determine the token count for a given prompt or input being sent to a specific model ID prior to performing any inference.
By surfacing a prompt’s token count, the Count Tokens API allows you to more accurately project your costs, and provides you with greater transparency and control over your AI model usage. It allows you to proactively manage your token limits on Amazon Bedrock, helping to optimize your usage and avoid unexpected throttling. It also helps ensure your workloads fit within a model’s context length limit, allowing for more efficient prompt optimization.
At launch, the Count Tokens API will support Claude models, with the functionality available in all regions where these models are supported. For more information about this new feature, including supported models and use cases, visit the Count Tokens API documentation.
Amazon Elastic Kubernetes Service (Amazon EKS) now supports Kubernetes namespace configuration for AWS and Community add-ons, providing you greater control over how add-ons are organized within your Kubernetes cluster.
With namespace configuration, you can now specify a custom namespace during add-on installation, enabling better organization and isolation of add-on objects within your EKS cluster. This flexibility helps you align add-ons with your operational needs and existing namespace strategy. Once an add-on is installed in a specific namespace, you must remove and recreate the add-on to change its namespace.
This feature is available through the AWS Management Console, Amazon EKS APIs, AWS Command Line Interface (CLI), and infrastructure as code tools like AWS CloudFormation. Namespace configuration for AWS and Community add-ons is now available in all commercial AWS Regions. To learn more, visit the Amazon EKS documentation.
Amazon Elastic Kubernetes Service (Amazon EKS) now supports Kubernetes namespace configuration for AWS and Community add-ons, providing you greater control over how add-ons are organized within your Kubernetes cluster. With namespace configuration, you can now specify a custom namespace during add-on installation, enabling better organization and isolation of add-on objects within your EKS cluster. This flexibility helps you align add-ons with your operational needs and existing namespace strategy. Once an add-on is installed in a specific namespace, you must remove and recreate the add-on to change its namespace. This feature is available through the AWS Management Console, Amazon EKS APIs, AWS Command Line Interface (CLI), and infrastructure as code tools like AWS CloudFormation. Namespace configuration for AWS and Community add-ons is now available in all commercial AWS Regions. To learn more, visit the Amazon EKS documentation.
Amazon SageMaker Unified Studio now offers a simplified file storage option in projects, providing data workers with an easier way to collaborate on their analytics and machine learning workflows without depending on Git. You can now choose between Git repositories (GitHub, GitLab or Bitbucket Cloud) or Amazon Simple Storage (S3) buckets for sharing code files between the various members of a project. While S3 is the default option, customers who want to use Git can still continue to have the same experience as they currently do.
With this launch, customers will see a consistent view of their files irrespective of the tool they are working in across SageMaker Unified Studio (such as JupyterLab, Code Editor or SQL query editor) making it easy to create, edit and share code. The S3 file storage option operates on a «last write wins» principle and supports basic file versioning when enabled by administrators. This option is particularly beneficial for data science teams who want to focus on their analytics and machine learning work without managing Git operations, while still maintaining a collaborative workspace for their project artifacts.
This feature is available in all AWS Regions where Amazon SageMaker Unified Studio is available. To learn more about storage options in SageMaker Unified Studio projects, see Managing Project Files in the Amazon SageMaker Unified Studio User Guide.
Amazon SageMaker Unified Studio now offers a simplified file storage option in projects, providing data workers with an easier way to collaborate on their analytics and machine learning workflows without depending on Git. You can now choose between Git repositories (GitHub, GitLab or Bitbucket Cloud) or Amazon Simple Storage (S3) buckets for sharing code files between the various members of a project. While S3 is the default option, customers who want to use Git can still continue to have the same experience as they currently do. With this launch, customers will see a consistent view of their files irrespective of the tool they are working in across SageMaker Unified Studio (such as JupyterLab, Code Editor or SQL query editor) making it easy to create, edit and share code. The S3 file storage option operates on a «last write wins» principle and supports basic file versioning when enabled by administrators. This option is particularly beneficial for data science teams who want to focus on their analytics and machine learning work without managing Git operations, while still maintaining a collaborative workspace for their project artifacts. This feature is available in all AWS Regions where Amazon SageMaker Unified Studio is available. To learn more about storage options in SageMaker Unified Studio projects, see Managing Project Files in the Amazon SageMaker Unified Studio User Guide.
El legado de 125 años de Dow: innovar con IA para asegurar un futuro largo
Por: Lizzie Heinze, directora sénior de marketing de productos, Microsoft Security Copilot.
Fundada hace más de 125 años, Dow ha demostrado su compromiso de aprovechar la ciencia para hacer del mundo un lugar mejor. Hoy en día, la ambición de Dow de ser la empresa de ciencia de materiales más innovadora, inclusiva y sostenible está respaldada por un equipo de seguridad global dedicado a mantener seguros a los empleados, clientes y grandes volúmenes de datos.
El equipo de seguridad de Dow, dirigido por el director de seguridad de la información Mario Ferket, cubre de manera proactiva todo, desde la gobernanza, el riesgo, el cumplimiento, la gestión de identidades y accesos y la protección de la información hasta la privacidad de los datos, mientras su equipo continúa su maduración y crecimiento. Con esto viene una asociación con Microsoft Security para utilizar herramientas que incluyen Microsoft Security Copilot.
Microsoft habló de manera reciente con Ferket sobre el enfoque de Dow sobre la IA en seguridad, el establecimiento de un equipo de IA responsable y cómo Security Copilot actúa como mentor dentro de su programa de aprendices.
MICROSOFT: ¿Cómo ha evolucionado su equipo de seguridad en los últimos años para incorporar la IA en su negocio?
FERKET: La IA en Dow es vista como un importante facilitador comercial para servir mejor a nuestros clientes con productos innovadores y sostenibles. Para utilizar la IA de manera responsable, nos asociamos con nuestro equipo de análisis y datos empresariales, Legal y otros departamentos para establecer un equipo de IA responsable.
Este equipo se encargó de definir un conjunto de principios, así como de crear una política de uso aceptable para la IA generativa a medida que implementamos Microsoft Copilot en la empresa. Más allá de eso, el nuevo equipo multifuncional ha analizado los nuevos riesgos asociados con el uso de la IA y cómo protegernos a nosotros mismos, a nuestros datos y a nuestros clientes. El equipo también explora cómo se puede aprovechar la IA para mejorar nuestras operaciones de seguridad y usar «IA para combatir la IA» en casos en los que la IA se usa de manera potencial con intenciones maliciosas.
En la foto: Mario Ferket, director de seguridad de la información, Dow
MICROSOFT: ¿Cómo se integra la IA en los esfuerzos de seguridad de Dow y qué capacidades específicas aprovechan?
FERKET: Nuestro equipo aprovecha varias capacidades habilitadas para IA y aprendizaje automático para detectar y eliminar mejor los correos electrónicos de phishing, posibles instancias de compromiso de correo electrónico empresarial (BEC, por sus siglas en inglés) y otro contenido malicioso enviado a Dow por correo electrónico.
Durante más de un año, hemos trabajado con Microsoft en una asociación de diseño para aprovechar Security Copilot como una herramienta clave en el Centro de Operaciones de Seguridad Cibernética (CSOC, por sus siglas en inglés) de Dow. Dada la sofisticación y la velocidad de los ciberataques, nuestra necesidad original era eliminar las tareas manuales repetitivas a través de la automatización y pasar a intervenciones más automatizadas. Esto permite que el equipo dedique más tiempo a actividades proactivas. También utilizamos Security Copilot para el aumento de la búsqueda de amenazas, el resumen automatizado de incidentes y el enriquecimiento de tickets mediante la extracción de indicadores de los servicios de inteligencia para proporcionar contexto a los tickets que se investigan y generar consultas para respaldar las actividades de búsqueda de amenazas. Hemos descubierto que esto ayuda a eliminar las actividades que requieren mucha mano de obra.
MICROSOFT: ¿Qué impacto ha tenido la IA en su equipo y tiene alguna lección aprendida de la integración de la IA en sus operaciones de seguridad?
FERKET: Una vez que se superó la curva de aprendizaje inicial de Security Copilot, el CSOC del Dow identificó con rapidez ganancias rápidas para aprovechar la herramienta. Ahora es común en cualquier investigación escuchar la frase «¿Le has preguntado a Copilot?» para una amplia variedad de situaciones.
En el pasado, nuestro Dow CSOC se basaba en un amplio conocimiento institucional dentro del equipo para saber cómo se veía lo que era «bueno» y «malo». Poder consultar Security Copilot en lenguaje natural ayuda al equipo a identificar con rapidez la información relevante y actuar en consecuencia. La capacidad de aprovechar Security Copilot ayuda a los analistas a centrarse más en las investigaciones y menos en examinar los datos. Antes de este nivel de automatización, un miembro de mi equipo de seguridad tenía que obtener de manera manual datos de varias fuentes para sacar correlaciones y conclusiones durante una investigación. Ahora, cuando se dispara una alerta, Security Copilot enriquece las alertas con datos contextualizados para respaldar las investigaciones. Al usar Security Copilot para el resumen y enriquecimiento de incidentes, la búsqueda en lenguaje natural y la automatización, el CSOC puede reducir el tiempo entre el momento en que se activa una alerta y el momento en que se toma una acción.
Tanto Microsoft 365 Copilot como Security Copilot se han convertido en parte integral de las operaciones diarias del CSOC, con analistas que consultan la herramienta varias veces al día por muchas razones, que van desde la interpretación de datos hasta el enriquecimiento de tickets. Security Copilot enriquece los tickets con datos relevantes, lo que reduce la cantidad de tiempo dedicado a recopilar datos. Ha ayudado al Dow CSOC a automatizar las tareas menores de las investigaciones de seguridad, lo que permite a nuestros analistas más experimentados centrarse en medidas defensivas proactivas. Nuestro equipo se ha sorprendido de la rapidez con la que adoptamos las nuevas capacidades y las integramos en nuestros procesos estándar.
Dentro de Dow, también tenemos un programa de aprendices con personas de diversos orígenes que muy a menudo no están capacitadas en TI. De manera tradicional, se necesitaría más de un año de capacitación en el trabajo y observación del trabajo de los analistas senior para que uno de estos aprendices se convierta en miembros «completos» del equipo. Ahora, estos aprendices pueden usar Security Copilot como un «mentor virtual» para temas como la creación de consultas o el aprendizaje del panorama de amenazas cibernéticas, lo que reduce de manera importante el tiempo de rampa requerido para que el aprendiz sea productivo y garantiza que los analistas senior puedan concentrarse en la defensa proactiva.
MICROSOFT: ¿Cuáles son las direcciones e innovaciones futuras que consideran en el campo de la IA y la seguridad, y cómo planean implementarlas?
FERKET: De cara al futuro, hemos comenzado a explorar el uso de capacidades avanzadas impulsadas por IA para mejorar la detección de anomalías y patrones en la telemetría a gran escala. También evaluamos formas de optimizar la gestión de reglas a través de la automatización inteligente, con el objetivo de reducir la sobrecarga manual para nuestros analistas. Otra área de interés es la priorización dinámica de alertas, donde las señales contextuales y la inteligencia de amenazas pueden ayudar a refinar la urgencia de la respuesta. Como siempre, permanecemos atentos al uso evolutivo de la IA por parte de actores maliciosos y continuamos con la evaluación de sus implicaciones más amplias en el panorama de amenazas.
MICROSOFT: ¿Qué consejo le daría a otros equipos de seguridad que comienzan su recorrido de IA?
FERKET: Sé ágil, pero enfocado. Sin duda, la IA cambia el panorama de la ciberdefensa, con muchas herramientas emergentes que se lanzan de manera regular. Es fácil perderse en el «arte de lo posible» cuando se trata de herramientas de IA. Las organizaciones que comienzan su viaje de IA deben tener en cuenta sus objetivos comerciales principales, las limitaciones de las capacidades actuales de IA y estar listas para pivotar a medida que las cosas cambian de manera rápida. Para el Dow CSOC, la IA se considera un gran aumento para ayudar a los analistas a ser más efectivos y dedicar tiempo a lo que en verdad importa.
Para obtener más información sobre las soluciones de seguridad de Microsoft, visiten nuestro sitio web. Agreguen a Favoritos el blog de Seguridad para mantenerse al día con nuestra cobertura experta en asuntos de seguridad. Además, síganos en LinkedIn (Microsoft Security) y X (@MSFTSecurity) para conocer las últimas noticias y actualizaciones sobre ciberseguridad.
