AWS Security Agent (Preview): AI agent for proactive app security
Today, AWS announces the preview of AWS Security Agent, an AI-powered agent that proactively secures your applications throughout the development lifecycle. AWS Security Agent conducts automated security reviews tailored to your organizational requirements and delivers context-aware penetration testing. By continuously validating security from design to deployment, it helps prevent vulnerabilities early in development across all your environments.
Security teams define organizational security requirements once in the AWS Security Agent console, such as approved encryption libraries, authentication frameworks, and logging standards. AWS Security Agent then automatically validates these requirements throughout development by evaluating architectural documents and code against your defined standards, providing specific guidance when violations are detected. For deployment validation, security teams define their penetration testing scope and AWS Security Agent develops application context, executes sophisticated attack chains, and discovers and validates vulnerabilities. This delivers consistent security policy enforcement across all teams, scales security reviews to match development velocity, and transforms penetration testing from a periodic bottleneck into an on-demand capability that dramatically reduces risk exposure.
AWS Security Agent (Preview) is currently available in the US East (N. Virginia) Region. All of your data remains safe and private. Your queries and data are never used to train models. AWS Security Agent logs API activity to AWS CloudTrail for auditing and compliance.
To learn more about AWS Security Agent, visit the product page and read the launch announcement. For technical details and to get started, see the AWS Security Agent documentation.