Amazon launches frontier AI agents that work autonomously like teammates

Key takeaways

Frontier agents represent a new class of AI agents that are autonomous, scalable, and work for hours or days without constant intervention.
Kiro autonomous agent is your virtual developer that maintains context and learns over time while working independently, so you can focus on your biggest priorities.
AWS Security Agent is your virtual security engineer that helps build secure applications by being a security consultant for app design, code reviews, and penetration testing.
AWS DevOps Agent is your virtual operations team member that helps resolve and proactively prevent incidents, while continuously improving your applications’ reliability and performance.

AI agents have transformed how development teams work, and as the technology evolves, teams are learning how to maximize agents’ value. To understand how to push agents further, we looked to our own development teams building services at Amazon scale and uncovered three critical insights to dramatically increase value.

First, by learning what the agents were and weren’t good at, the team could switch from babysitting every small task to directing agents toward broad, goal-driven outcomes. Second, the velocity of our teams was tied to how many agentic tasks they could run simultaneously. Third, the longer the agents could operate on their own, the better. While these insights came from software development, the team quickly realized they needed the same capabilities across every aspect of the software development lifecycle—like security and operations—or risk creating new bottlenecks.

These insights led AWS to frontier agents—a new, more sophisticated class of AI agents with three defining characteristics. First, they're autonomous. Direct them toward a goal, and the agents figure out how to achieve it. Second, they're scalable. They can perform multiple tasks at the same time and distribute work across multiple agents. Third, they work independently. They can operate for hours or days without requiring intervention.

That’s why we are announcing three new frontier agents—Kiro autonomous agent, AWS Security Agent, and AWS DevOps Agent—focused on transforming the software development lifecycle. These agents represent a step-function change in what you can do with agents today, moving from assisting with individual tasks to completing complex projects autonomously like a member of your team.

These agents take advantage of our decades of experience building software, industry-leading security practices, and extensive operational expertise to help you build faster, secure applications from the start, and operate with greater confidence. Clariant, Commonwealth Bank of Australia, SmugMug, Western Governors University, and Presidio are among the customers already using one or more of these new agents to dramatically accelerate the software development lifecycle.

Kiro autonomous agent: The frontier agent for software development

AI coding tools have accelerated individual tasks, but many of them have also introduced new friction. Using these tools, you can find yourself acting as the human "thread" that holds work together—rebuilding context when switching tasks, manually coordinating cross-repository changes, and restitching information scattered across tickets, pull requests, and chat threads. This slows them down and pulls focus away from real priorities. What would it take for a tool to cut this friction, so you can stay focused and ship code faster? The Kiro autonomous agent keeps work moving independently while you focus on priority tasks.

You now get more uninterrupted time for high-priority work instead of juggling background busy work, shortening the path from idea to meaningful contributions. Kiro autonomous agent maintains persistent context across sessions and continuously learns your pull requests and feedback. It can handle a range of tasks—from triaging bugs to improving code coverage—with a single change spanning multiple repositories. You can ask it questions, describe a task, and assign tasks in your backlog directly from GitHub. The agent will then independently figure out how to get the work done, sharing changes as proposed edits and pull requests, so you stay in control of what gets incorporated.

For teams, the Kiro autonomous agent is a shared resource that works alongside the entire team, building a collective understanding of your codebase, products, and standards. It connects to your team’s repos, pipelines, and tools, like Jira, GitHub, and Slack, to maintain context as work progresses, adapting to changes or updates. Every code review, ticket, and architectural decision informs the agent’s understanding, making it even more useful for the team over time.

AWS Security Agent: The frontier agent for more secure apps

Security teams face a dual challenge: they need to proactively identify risks throughout development, while also reacting quickly when issues emerge. Current tools often provide generic recommendations, and penetration testing takes so much time and resources that it can’t keep up with fast-moving development teams. What if security could deliver tailored guidance throughout the lifecycle and make comprehensive testing available on demand? AWS Security Agent helps you build applications that are secure from the start across AWS, multicloud, and hybrid environments.

The agent embeds deep security expertise throughout the development lifecycle, proactively reviewing design documents and scanning pull requests against organizational security requirements and common vulnerabilities. You define your organization's security standards once, and AWS Security Agent automatically validates them across your applications during its review—helping teams address the risks that matter to their business, not generic checklists.

The agent also transforms penetration testing from a slow, manual process into an on-demand capability, matching your team’s development velocity. Now you can expand penetration testing across your entire application portfolio. The agent returns validated findings with remediation code to fix the issues it finds, saving you invaluable time and resources. If you have multiple apps deploying at once, you can easily scale the number of AWS Security Agents to meet demand, so you never have to compromise between moving fast and maintaining security. By continually validating security from design to deployment, the agent helps prevent vulnerabilities early, so you can focus on what matters most.

SmugMug is a Software-as-a-Service platform for photographers to store, host, and share their images and videos. The company added AWS Security Agent to its automated security portfolio to help transform its security testing approach, enabling penetration test assessments that complete in hours rather than days at a fraction of manual testing costs.

"AWS Security Agent helped catch a business logic bug that no existing tools would have caught, exposing information improperly," said Andres Ruiz, staff software engineer at SmugMug. "To any other tool, this would have been invisible. But the ability for Security Agent to contextualize the information, parse the API response, and find the unexpected information there represents a leap forward in automated security testing. Existing tools today lack this capability, and likely only a human tester would have been able to catch this."

AWS DevOps Agent: The frontier agent for operational excellence

When an application goes down, everything stops. Customers lose access, teams lose time, and trust takes a hit. Modern distributed applications—with microservices, cloud dependencies, and telemetry spread across multiple tools—make it increasingly difficult to isolate issues and understand system behavior. Meanwhile, as services scale, operations can continue to eat up more of your time, reducing your ability to spend innovating and improving your application to provide the best experience for customers. What if operations could break this cycle and move from constant firefighting to continuous improvement? AWS DevOps Agent delivers fewer alerts and more sleep for your team through always-on incident triage, guided resolution, and recommendations for how to continuously improve the reliability and performance of your applications across AWS, multicloud, and hybrid environments.

AWS DevOps Agent is on call when incidents happen, instantly responding to issues and using its knowledge of your application and the relationship between components to find the root cause of the problem. It learns your resources and their relationships spanning everything from observability tools, like Amazon CloudWatch, Dynatrace, Datadog, New Relic, and Splunk, to runbooks, code repositories, and continuous integration and continuous delivery (CI/CD) pipelines. It maps your application resources and correlates telemetry, code, and deployment data to precisely pinpoint root causes and reduce mean time to resolution. Within Amazon, AWS DevOps Agent has handled thousands of escalations, with an estimated root cause identification rate of over 86%.

You can also move from reactive firefighting to proactive operational improvement by analyzing patterns across historical incidents with AWS DevOps Agent. It uses those learnings to provide targeted recommendations that strengthen four key areas: observability, infrastructure optimization, deployment pipeline enhancement, and application resilience. This approach accesses the untapped insights in your operational data and tools, helping teams improve recovery times and drive operational excellence across applications.

Commonwealth Bank of Australia is one of Australia's leading providers of integrated financial services serving over 17 million customers. The bank's Cloud Foundations group manages over 1,700 AWS accounts and provides centralized cloud operation services for thousands of engineers. While prototyping their next-generation internal cloud platform, the team replicated a complex network and identity management issue to test AWS DevOps Agent. These types of issues can take a seasoned DevOps engineer hours to identify, and the agent found the root cause in under 15 minutes.

"AWS DevOps Agent thinks and acts like a seasoned DevOps engineer, helping our engineers build a banking infrastructure that’s faster, more resilient, and designed to deliver better experiences for our customers," said Jason Sandery, head of cloud services at Commonwealth Bank of Australia. "This isn't just about faster resolution times—it's about maintaining the trust our customers put in us.”

Driving toward an agentic future

Together, Kiro autonomous agent, AWS Security Agent, and AWS DevOps Agent mark the beginning of a new era in software development. These frontier agents don't just make teams faster—they fundamentally redefine what's possible when AI works as an extension of your team, delivering outcomes autonomously across the software development lifecycle.

All of these agents are available today in preview. For more details about these agents, visit the following product pages and blogs: