Amazon Web Services launched two autonomous AI agents that can investigate production incidents and run penetration tests without human oversight, pricing them aggressively enough to challenge the economics of traditional DevOps and security staffing.
The AWS DevOps Agent and AWS Security Agent, now generally available after a five-month preview, represent what AWS calls “frontier agents.” Unlike conventional AI assistants that respond to individual prompts, these systems operate independently for hours or days, make decisions across multiple steps and scale to handle concurrent tasks across an organization’s entire application portfolio. AWS is not just selling tools to build agents. It is selling the agents themselves.
How The Agents Work
The DevOps Agent functions as an always-on site reliability engineer. It begins investigating the moment an alert fires, correlating telemetry, code and deployment data across observability tools like CloudWatch, Datadog, Dynatrace, New Relic and Splunk. It maps application resources and their relationships, identifies root causes and generates mitigation plans. In preview, customers reported up to 75% lower mean time to resolution and 94% root cause accuracy. Western Governor’s University, which deployed the agent ahead of its preview launch, reduced one production incident’s resolution time from an estimated two hours to 28 minutes.
The Security Agent tackles a different bottleneck. Most organizations limit manual penetration testing to their most critical applications because of time and cost constraints, leaving the rest of their portfolio exposed between test cycles. The Security Agent performs autonomous pen testing by ingesting source code, architecture diagrams and documentation to understand how an application was designed. It then identifies vulnerabilities, attempts exploitation with targeted payloads and validates whether they pose legitimate security risks. AWS says the agent compresses pen testing timelines from weeks to hours.
Both agents now support multicloud environments. The DevOps Agent works across AWS, Microsoft Azure and on-premises infrastructure through the Model Context Protocol. The Security Agent operates across AWS, Azure, Google Cloud and on-premises systems. This cross-platform reach is a deliberate strategic choice.
The Competitive Landscape
Microsoft Azure has already shipped a direct competitor. Azure SRE Agent reached general availability on March 10, with Microsoft reporting that it runs more than 1,300 agents internally and has mitigated over 35,000 incidents. Google Cloud has not yet shipped an equivalent first-party agent for incident response, though it offers the Agent Development Kit for customers to build their own and has embedded agentic capabilities into Google SecOps for security alert triage. The competitive picture is no longer AWS alone. It is AWS and Azure selling pre-built autonomous operations agents, while Google sells the platform for customers to assemble their own. Google Cloud also offers Gemini Cloud Assist and Gemini Cloud Assist Investigations that are similar to what AWS and Azure agents.
Where AWS distinguishes itself is on the security side. No hyperscaler currently offers an equivalent to the Security Agent’s autonomous penetration testing capability. AWS is also pricing both agents to force an ROI conversation. The DevOps Agent costs roughly 50 cents per minute, billed per second and only when actively running. The Security Agent charges $50 per task-hour, with an average 24-hour evaluation costing up to $1,200. AWS says some customers have reported 70% to 90% savings on pen testing costs compared to manual approaches.
For context, a single manual penetration test from a third-party firm can cost $10,000 to $50,000 and take weeks to complete. An experienced site reliability engineer in the United States commands a salary well above $150,000 annually. AWS is positioning these agents as a fraction of those costs while operating around the clock.
What These Agents Cannot Do
The agents have meaningful constraints that enterprise buyers should weigh carefully. The DevOps Agent investigates and diagnoses incidents but has limited write capabilities. It cannot directly modify infrastructure or deploy fixes. It identifies root causes and recommends actions, but a human engineer still needs to implement the remediation. The agent augments engineering teams rather than replacing them outright.
The Security Agent faces its own boundaries. While it outperforms traditional static and dynamic scanners by understanding application context, autonomous penetration testing is still a nascent category. Organizations with strict compliance requirements may still need manual pen tests conducted by certified professionals to satisfy auditors. AWS itself acknowledges that custom Model Context Protocol server connections can introduce additional prompt injection risks, and that authorized users with access to data sources the agent consumes could embed malicious instructions.
Both agents launched in only six AWS regions. The DevOps Agent processes inference requests across US regions regardless of the customer’s selected region, which could raise data residency concerns for organizations operating under strict regulatory frameworks. The multicloud support, while promising, is new and lacks the years of battle-testing that AWS-native integrations have undergone.
What CXOs Should Watch
The broader significance of this launch extends beyond the two agents themselves. The hyperscalers are converging on a new product category defined by three properties that matter to enterprise buyers – agents that work autonomously, scale across portfolios and persist through complex workflows.
The multicloud dimension deserves particular attention from technology leaders. AWS is offering to serve as the operational intelligence layer even for workloads running on Azure or Google Cloud. That is a land-grab strategy designed to deepen AWS’s role in enterprises that operate across multiple clouds. CIOs evaluating these agents should consider whether centralizing operational intelligence on one cloud provider creates a new form of lock-in even as it promises cross-platform visibility.
Kiro, the agentic IDE that underpins AWS’s coding strategy, reached general availability in November 2025 and has been shipping features on a rapid cadence. But the Kiro autonomous agent, the frontier agent designed to work independently for days across multiple repositories, remains in preview with no announced GA date. When it ships, AWS will have autonomous agents spanning the entire software development lifecycle from coding through security to operations. That trajectory signals where AWS believes the economics of software engineering are heading.
