AWS Security Agent for On-Demand Penetration Testing Now Generally Available Across Six Regions
Key Takeaways
- ▸AWS Security Agent delivers autonomous penetration testing 24/7 at lower cost than manual testing, now generally available in six regions globally
- ▸The service supports multicloud testing across AWS, Azure, GCP, and on-premises environments, consolidating security assessments across infrastructure
- ▸AI agents provide detailed vulnerability reports with CVSS scores, severity ratings, reproduction steps, and remediation guidance through sophisticated multi-step attack scenarios
Summary
AWS has announced the general availability of AWS Security Agent, an autonomous penetration testing solution that operates 24/7 at a fraction of the cost of manual testing. The service is now available in six AWS regions: US East (N. Virginia), US West (Oregon), Europe (Ireland), Europe (Frankfurt), Asia Pacific (Sydney), and Asia Pacific (Tokyo). AWS Security Agent represents a new class of frontier AI agents that work independently to discover, validate, and report security vulnerabilities through sophisticated multi-step attack scenarios.
The solution supports multicloud environments, enabling customers to consolidate penetration testing across AWS, Azure, GCP, and on-premises infrastructure. AWS Security Agent deploys specialized AI agents that provide detailed findings with CVSS risk scores, application-specific severity ratings, reproduction steps, and remediation suggestions. This transforms penetration testing from a periodic manual process into a continuous, on-demand capability that scales with development velocity.
New customers can explore the service with a 2-month free trial. The product was previewed at re:Invent 2025 and represents AWS's expansion into autonomous security testing powered by frontier AI agents capable of running persistently without constant human oversight.
- New customers can test the service risk-free with a 2-month trial period
Editorial Opinion
AWS Security Agent marks a significant shift in how enterprises approach vulnerability management, moving from reactive, periodic penetration testing to continuous autonomous scanning. By leveraging frontier AI agents that operate without constant human oversight, AWS is addressing a critical bottleneck in the security testing process—one that has traditionally required expensive consultants and lengthy engagement cycles. This democratization of advanced security testing could meaningfully improve the security posture of organizations that previously lacked resources for frequent penetration testing, though the accuracy and comprehensiveness of AI-driven testing compared to human experts will be crucial factors in long-term adoption.
