I’m excited to announce that AWS Safety Agent on-demand penetration testing and AWS DevOps Agent are actually typically obtainable, representing a brand new class of AI capabilities we introduced at re:Invent referred to as frontier brokers. These autonomous programs work independently to realize targets, scale massively to sort out concurrent duties, and run persistently for hours or days with out fixed human oversight. Collectively, these brokers are altering the way in which we safe and function software program. In preview, clients and companions report that AWS Safety Agent compresses penetration testing timelines from weeks to hours and the AWS DevOps Agent helps 3–5x quicker incident decision.
What makes frontier brokers completely different?
Not like conventional AI assistants that assist with particular person duties, frontier brokers act as extensions of your group, delivering full outcomes. They don’t simply reply to prompts—they work autonomously to resolve complicated issues, make choices throughout a number of steps, and function constantly till they obtain their goals. These aren’t instruments that require fixed path. They’re clever programs that perceive context, motive by means of issues, and take motion—reworking how organizations strategy software safety and operational excellence.
AWS Safety Agent: Cut back penetration testing from weeks to hours
AWS Safety Agent transforms penetration testing from a periodic bottleneck into an on-demand functionality. Most organizations restrict handbook penetration testing to their most important purposes as a consequence of time and value constraints, which may go away the vast majority of their portfolio uncovered between exams. AWS Safety Agent adjustments this by delivering autonomous penetration testing that operates 24/7 at a fraction of the associated fee, enabling you to check all of your purposes every time it’s worthwhile to.
AWS Safety Agent operates like a human penetration tester—it identifies potential vulnerabilities, makes an attempt to use them with focused payloads and assault chains, and validates they’re authentic safety dangers. By ingesting your supply code, structure diagrams, and documentation, it understands how your software was designed and constructed to determine how particular person vulnerabilities join into higher-severity assault chains that conventional scanners miss. Bamboo Well being mentioned, “AWS Safety Agent surfaced findings that no different device has uncovered.” HENNGE Okay.Okay. shared that “this permits us to quickly speed up our safety lifecycle, decreasing the standard testing length by greater than 90%.“ Clients are uncovering safety dangers whereas dramatically decreasing testing timelines.
“I’m excited by how a frontier agent like AWS Safety Agent is reworking important workflows for our clients. They’re capable of minimize penetration testing time from weeks to hours, whereas uncovering important vulnerabilities that conventional scanners miss” mentioned Amy Herzog, Vice President and CISO, AWS. “We’re utilizing Safety Agent ourselves at AWS. This can be a nice instance of AI turning into an autonomous companion to ship complete, steady safety.”
Be taught extra in our announcement right this moment.
AWS DevOps Agent: Autonomous operational excellence throughout multicloud environments
AWS DevOps Agent is your always-available operations teammate that resolves and proactively prevents incidents, optimizes software reliability and efficiency, and handles on-demand SRE duties throughout AWS, multicloud, and on-premises environments. When incidents happen, it autonomously investigates root causes by correlating telemetry, code, and deployment knowledge throughout your total stack—whether or not your purposes are on AWS, Azure, hybrid, or on-prem. It really works together with your observability instruments (together with CloudWatch, Datadog, Dynatrace, New Relic, Splunk, Grafana), runbooks, code repositories (GitHub, GitLab, Azure DevOps), and CI/CD pipelines simply as an skilled DevOps engineer would.
For operations groups, this implies quicker incident decision and improved productiveness. Clients and companions utilizing AWS DevOps Agent in preview report as much as 75% decrease MTTR, 80% quicker investigations, and 94% root trigger accuracy, supporting 3–5x quicker incident decision. The agent offers detailed mitigation plans with agent-ready specs, learns from historic patterns to ship focused suggestions that strengthen observability and system resilience, and builds complete understanding by means of automated software discovery and dynamic topology mapping throughout various operational environments. DevOps agent independently takes a reside incident and traces it again to the precise code or deployment change. Working collectively, with instruments resembling Kiro and Claude Code, DevOps Agent can generate validated fixes that may be utilized again into the system.
Western Governor’s College (WGU), a number one on-line college serving over 191,000 college students, was among the many first organizations to deploy Amazon DevOps Agent into manufacturing, doing so even forward of the preview launch at re:Invent. Throughout a latest manufacturing investigation, WGU’s SRE group used the DevOps Agent to investigate a service disruption situation, decreasing complete decision time from an estimated two hours to simply 28 minutes—a 77% enchancment in MTTR. The Agent shortly pinpointed the foundation trigger inside an AWS Lambda operate configuration, surfacing important operational information that had beforehand existed solely in undiscovered inner documentation.
Be taught extra in our announcement right this moment.
Why frontier brokers matter
These brokers exhibit the three traits that outline frontier brokers: they work independently to realize targets throughout a number of steps, they scale massively to deal with concurrent duties throughout your total portfolio, they usually run persistently for hours or days to finish complicated workflows from begin to end.
This implies serving to safety groups transfer from periodic testing of important purposes to steady, complete testing throughout the whole lot. This implies serving to operations groups shift from reactive firefighting to proactive system enchancment. Each brokers prolong what your group can accomplish, dealing with complicated work that beforehand required vital human time and experience.
AWS Safety Agent and AWS DevOps Agent are just the start. As we proceed growing frontier brokers and the instruments to construct your individual frontier brokers, we’re centered on making these programs highly effective, environment friendly, and reliable. These frontier brokers signify a brand new method of working—one the place AI programs act as true extensions of your group, absolutely proudly owning sure duties when you give attention to what issues most strategically.
To get began, go to AWS Safety Agent and AWS DevOps Agent to study extra.
The frontier of AI brokers is right here. Let’s construct the longer term collectively.
Concerning the writer
Swami Sivasubramanian is Vice President for Agentic AI at Amazon Internet Providers (AWS). At AWS, Swami has led the event and progress of main AI providers like Amazon DynamoDB, Amazon SageMaker, Amazon Bedrock, and Amazon Q. His group’s mission is to offer the dimensions, flexibility, and worth that clients and companions require to innovate utilizing agentic AI with confidence and construct brokers that aren’t solely highly effective and environment friendly, but additionally reliable and accountable. Swami additionally served from Might 2022 by means of Might 2025 as a member of the Nationwide Synthetic Intelligence Advisory Committee, which was tasked with advising the President of the USA and the Nationwide AI Initiative Workplace on subjects associated to the Nationwide AI Initiative.
