AWS Ships Autonomous Frontier Agents for Security and SRE

Amazon Web Services has launched the general availability of its Frontier Agents suite, transitioning its AI tooling from basic task assistance to autonomous execution. The release covers the AWS Security Agent and AWS DevOps Agent, both powered by the Amazon Nova 2 model family. These systems utilize the model’s Extended Thinking capabilities to manage complex, multi-step cloud operations independently over hours or days.

Autonomous Security and DevOps Validation

The AWS Security Agent operates as an on-demand penetration tester. AWS reports the agent compresses standard security review timelines from weeks to hours by executing multi-step attack scenarios across AWS, Azure, Google Cloud, and on-premises environments. The GA release introduces automated security reviews for GitHub pull requests and design documents. Early adopter HENNGE reported a 90% reduction in security testing duration using the tool.

The AWS DevOps Agent targets site reliability engineering and incident response. Preview benchmarks indicated a 75% reduction in Mean Time to Resolution (MTTR) alongside 94% root cause accuracy. The agent integrates natively with Amazon CloudWatch and third-party observability stacks, adding new GA support for Azure DevOps, PagerDuty, and Grafana alongside existing connectors for Datadog, Splunk, and ServiceNow. If you manage extensive multi-agent systems, the DevOps agent functions as an independent triage layer before escalating to human engineers.

OpenAI Integration and FinOps Preview

In a parallel infrastructure update, OpenAI’s GPT-5.5 and Codex models are now generally available on Amazon Bedrock. This allows enterprises to deploy OpenAI’s frontier models within AWS’s secure infrastructure, inheriting native networking and auditing controls like IAM, VPC, and CloudTrail to prevent unauthorized access and agent drift.

AWS also moved its FinOps Agent into preview. This system connects directly to the AWS Cost Optimization Hub to automate anomaly investigations and surface infrastructure savings.

Pricing and Availability

The agents are active in six initial AWS Regions, including US East (N. Virginia), US West (Oregon), and Europe (Ireland). AWS is offering a 2-month free trial for new users and a tiered credit-back system to incentivize adoption among existing support customers. Users on Unified Operations support receive a 100% credit, Enterprise Support receives 75%, and Business Support+ receives 30%.

Integrating autonomous agents that execute persistent workflows changes your cloud permissions strategy. You should scope the IAM roles attached to the Security and DevOps agents to strict least-privilege boundaries, ensuring automated remediation actions cannot silently overwrite critical production infrastructure.