Amazon Web Services introduced several major updates to improve security across the application development lifecycle. The most notable reveal was the preview of the AWS Security Agent, a new tool that automates penetration testing by analyzing application design, code, and context without requiring security teams to manually intervene.
The tool is built to function continuously, helping developers detect vulnerabilities early and remediate them before software reaches production.
AWS also announced the general availability of expanded AWS Security Hub features, adding near-real-time analytics and historical data tracking for security teams. These updates aim to give security professionals a more comprehensive view of their cloud environments using consolidated data from AWS-native services, making security management more efficient and less reliant on switching between different dashboards or tools.
Why It Matters: Software release cycles are becoming faster and more automated, and traditional security checks are often unable to keep pace. The new tools are designed to bring context-aware security into every phase of application development, helping teams identify and resolve threats without delaying deployments or overburdening security staff.
- AWS Security Agent Enables Automated, Contextual Pen Testing: The new AWS Security Agent is designed to understand how applications are built and what security requirements apply at different stages of development. It continuously scans workloads for vulnerabilities and performs penetration testing tailored to the application’s structure and intended behavior. This allows it to identify issues that might not surface with traditional testing methods and eliminates the need to wait for human-led assessments.
- SmugMug Cuts Pen Testing Time from Days to Hours: One of the early adopters of the AWS Security Agent, photography platform SmugMug, reported that the tool significantly reduced the duration and cost of their security testing processes. According to the company’s senior engineering director, using the agent allowed them to complete penetration tests in hours instead of days, enabling more frequent assessments and faster responses to newly discovered vulnerabilities during development.
- Security Hub Adds Historical Insights and Unified View of AWS Tools: The general release of updated AWS Security Hub features includes a new analytics engine that aggregates and organizes findings from various AWS services into a single interface. Security teams can now view trends going back a full year, helping them understand whether their overall security posture is improving or deteriorating. This reduces the need to rely on separate consoles and manual correlation of data between different services.
- GuardDuty Broadens Detection Capabilities to EC2 and ECS: GuardDuty, AWS’s threat detection service, has been updated to analyze activities across EC2 instances and ECS tasks. By connecting behaviors across these environments, it can detect signs of coordinated attack patterns or abuse that might be missed when reviewing alerts one by one.
- Multi-Cloud Environments Still Require Third-Party Integration: Although AWS’s security tools are becoming more powerful and easier to manage for users who rely primarily on AWS infrastructure, most organizations still operate across multiple cloud platforms. Research cited by Omdia shows that only a small fraction of businesses use a single cloud provider. For those working across AWS, Azure, and on-premises environments, AWS recommends using partner solutions that can integrate with its tools to provide a broader view of enterprise security.
Go Deeper -> AWS targets vulnerable code with security agent – ComputerWeekly.com


