AWS launches AI agents to automate software, security & ops

AWS has introduced a suite of new artificial intelligence agents designed to support enterprise software development, security, and operations teams through increased autonomy and scalability. The three AI agents-Kiro autonomous agent, AWS Security Agent, and AWS DevOps Agent-seek to automate significant portions of the software development lifecycle with less reliance on human intervention.

Agent architecture

Each of the new agents is positioned as a virtual team member. They are described as capable of operating independently for extended periods-ranging from hours to potentially days-while maintaining context and performing complex, goal-driven tasks. The agents are designed to be scalable, with the ability to run concurrent processes and distribute tasks among multiple instances as organisation needs grow.

Software development

The Kiro autonomous agent focuses on streamlining the work of software developers. Instead of just handling isolated coding suggestions, Kiro maintains cross-session context, learns from pull request patterns and team feedback, and executes tasks ranging from bug triage to code coverage improvements. It is designed to coordinate efforts across various repositories and tools such as GitHub, Jira, and Slack.

For development teams, Kiro is described as a shared resource that builds up a collective knowledge base about codebases and workflows. It acts on instructions from team members and proposes edits through pull requests, allowing the team to maintain oversight on code changes while reducing manual overhead.

Security automation

The AWS Security Agent is built to automate software security across cloud, multicloud, and hybrid environments. The agent integrates into the development process to provide ongoing reviews of design documents, analyse pull requests, and perform security scans based on organisational standards.

Penetration testing is offered as an on-demand feature, moving away from slower, manual testing methods. The agent can scale across application portfolios and presents remediation options for any vulnerabilities it detects. Customers are able to define their security policies once, which the agent enforces consistently throughout the software deployment cycle.

SmugMug, a provider of services for photographers, is among the early adopters.

"AWS Security Agent helped catch a business logic bug that no existing tools would have caught, exposing information improperly. To any other tool, this would have been invisible. But the ability for Security Agent to contextualize the information, parse the API response, and find the unexpected information there represents a leap forward in automated security testing. Existing tools today lack this capability, and likely only a human tester would have been able to catch this," said Andres Ruiz, Staff Software Engineer, SmugMug.

Operational reliability

The AWS DevOps Agent is designed to act as a virtual operations team member that automatically triages incidents, investigates infrastructure telemetry, and issues targeted recommendations for continuous improvement. It can integrate with observability tools such as Amazon CloudWatch, Dynatrace, Datadog, New Relic, and Splunk, as well as developers' CI/CD pipelines, to identify the root causes of failures and performance bottlenecks.

Commonwealth Bank of Australia has tested the AWS DevOps Agent in its internal cloud operations.

"AWS DevOps Agent thinks and acts like a seasoned DevOps engineer, helping our engineers build a banking infrastructure that's faster, more resilient, and designed to deliver better experiences for our customers. This isn't just about faster resolution times-it's about maintaining the trust our customers put in us," said Jason Sandery, Head of Cloud Services, Commonwealth Bank of Australia.