AWS Bedrock Agents Automate Pen-Testing and Incident Triage

AWS has introduced a new class of persistent, goal-driven systems with the general availability of its Frontier Agents. Powered by Amazon Bedrock AgentCore, the AWS Security Agent and AWS DevOps Agent operate autonomously for hours or days to execute complex infrastructure workflows.

Industry data from 2025 indicated that 81% of organizations deployed vulnerable code due to release pressure. AWS positions these autonomous AI agents as a mechanism to close the gap between rapid deployment cycles and necessary operational oversight.

Automated Penetration Testing

The Security Agent functions as a virtual security engineer capable of continuous reconnaissance, vulnerability discovery, and active exploitation. It demonstrates real-world impact by chaining vulnerabilities. For example, it can use a stored XSS vulnerability to capture administrative session cookies without human intervention.

In testing against the 40-vulnerability CVE Bench, the agent recorded an 80% success rate without hints and a 92.5% success rate when provided hints. It integrates directly into development workflows via the AWS Security Agent GitHub App to conduct pull request reviews and autonomously open remediation PRs.

Autonomous SRE and Incident Management

The DevOps Agent serves as an automated Site Reliability Engineer designed to manage the full incident lifecycle. It triages alerts and correlates telemetry across CloudWatch, Datadog, Splunk, and Dynatrace to map application resource topologies. The agent generates an immutable audit journal detailing the exact steps of its investigation.

AWS reports the agent accelerates investigations by 80% and reduces Mean Time to Resolution by up to 75% with 94% root cause accuracy. Early adopters reported shrinking production investigation times from two hours down to 28 minutes.

Pricing is usage-based at $0.498 per agent-minute, which equates to $0.0083 per second. Customers on Business Support+, Enterprise Support, and AWS Unified Operations plans receive the agent as an included feature with allocated usage credits.

Technical Architecture and Integration

AWS defines Frontier Agents as autonomous, scalable, and persistent systems. Both agents rely heavily on the Model Context Protocol to interact safely with on-premises systems and third-party observability tools. This architecture demonstrates how MCP standardizes context access for multi-cloud telemetry environments.

Agent	Primary Function	Key Benchmarks / Metrics	Core Integrations
Security Agent	Pen-testing and PR review	80% CVE Bench success (no hints)	GitHub App
DevOps Agent	SRE and incident triage	75% MTTR reduction, 94% accuracy	CloudWatch, Datadog, Splunk

The agents are currently available in six AWS regions, including US East (N. Virginia). A third system targeting autonomous coding tasks, named Kiro, remains in public preview.

If your organization relies on manual log correlation during critical incidents, configuring the DevOps Agent with your specific observability stack provides an immediate baseline for automated triage. Establish strict boundaries using IAM roles to ensure the agent has read access to telemetry without possessing unintended modification privileges.