Page overview
Key takeaways
- AWS Continuum for code vulnerabilities is a new AI-native security service that continuously discovers, prioritizes, validates, and remediates security risks.
- AWS Context provides a comprehensive knowledge graph so customers can build agents that know where to get the information they need, provide the right answer or take the right next step, faster.
- New capabilities across Amazon Quick, Kiro, AWS DevOps Agent, AWS Transform, and Amazon Bedrock AgentCore expand what customers can do with agents.
Today at AWS Summit New York, I shared insights into how agents are being put to work effectively and how they create momentum across global organizations. I also showed the new innovations that are helping you get there, including AWS Continuum, a new AI-native security service, and AWS Context, a knowledge graph that gives agents access to the context they need to do their best work, along with new innovations across Amazon Quick, Kiro, AWS DevOps Agent, AWS Transform, and Amazon Bedrock AgentCore.
Over the last six months, there has been a seismic shift as companies have started to move from talking about agents to putting them to work. Agents are building apps, securing systems, answering complex customer questions, and making decisions autonomously.
One of the remarkable things about agents is the more you use them, the more you get done. More interactions give agents more context. More context leads to better outcomes. Those better outcomes increase how much you trust them. The more trust you have, the more work you hand off to them. That compounding momentum widens the gap between companies that embrace AI and those who do not. While every business has unique challenges and obstacles to overcome, the innovations we launched today are aimed at helping you more effectively put agents to work and accelerate how you solve problems.
We’ve been thinking a lot about where the security world is going and the role that agents play in responding to the threats companies face. In an agentic world, telemetry, context, reasoning, and actions are the new pillars to build around. Over the last few months, we’ve seen specialized security models like Claude Mythos emerge, validating our perspective. The use of these models by attackers and defenders has greatly accelerated the ability to find and exploit vulnerabilities. This new reality means that you must stay ahead of the threats you face at machine speed, using agents to speed up their response by constantly processing information and taking action.
To help you keep pace in this new threat environment, we announced AWS Continuum for code vulnerabilities, which addresses the full lifecycle of managing code vulnerabilities at machine speed. It continuously discovers vulnerabilities, validates which are genuinely exploitable, prioritizes by business context, and helps you remediate them across the full stack within guardrails you define.
It’s designed to be model agnostic, using the advantages of different models where they perform best and will integrate new models as they emerge. At every stage, you have full visibility into what Continuum is doing, why it suggested a specific action, and what would happen if that action was rolled back. Every decision is explainable, every action is auditable, and every outcome feeds back into the system to improve the next cycle. We are also launching Continuum threat modeling, which automatically generates comprehensive threat models from design documents or source code and outputs results in an industry-standard format.
Learn more: Introducing AWS Continuum: security at machine speed.
AWS Context is a new service that automatically builds a knowledge graph from your existing data that can be used by your agents. It infers the relationships between your data assets, business rules, and domain knowledge, and makes all of it available to every agent in your organization to help them get to the right answer.
Context is what makes your agent’s tenth decision better than its first. With the right context, your agent can see the latest interactions you’ve had with a customer in your CRM and recommend the best follow up. Without context, the agent is more likely to confidently give you recommendations that are wrong. Businesses have access to all kinds of data, from information stored in databases to Slack messages, documents, and emails. For an agent to make that information useful, it needs to understand how to navigate the information. This means understanding what tables exist, what’s stored in different columns, which sources are the most authoritative, and how they relate to each other. When agents have unified context across all this customer data, regardless of where it lives or what form it takes, they can be exponentially more effective in how they do their jobs.
Built on the same knowledge graph technology that powers Amazon Quick, AWS Context is an agentic search layer for an organization’s data that you can connect to all your agents. It has built-in governance to ensure agents can only access the information they’re supposed to access. With all the metadata from your data sources stored in Iceberg format in S3 Tables, you can build against AWS Context with the tools you already use. No infrastructure to provision. No retrieval pipeline to build.
As agents interact with AWS Context, it learns which sources produce correct results, which paths get used, and which business rules matter, improving over time. Every agent can then improve based on the findings of a single query. For example, a customer support agent triaging an issue with a customer order may need to pull up a customer’s purchase history, shipping status, and return eligibility across multiple different sources. The next time a customer support agent faces a similar issue, it will know exactly where to go, reducing time spent searching to get to a resolution faster.
Amazon Quick is the AI assistant built for the way you actually work, with enterprise security your company will actually approve. Other vendors have AI assistants that are locked into an application and can’t work across all the systems you need; we call these “walled gardens”. Or, they have AI assistants with little concern for security and data sharing, that we call “wild gardens.” With Quick, you don’t have to make these trade-offs.
And, with the launch of Quick’s new autonomous agents, you can create agents that work in the background with specific expertise, tone, and access to tools. You can create a finance agent to process orders as they come in, or a sales agent monitoring interactions across your CRM, emails, and Slacks to proactively draft follow-ups, flag risks, or recommend next steps. And, with no coding required, Quick agents are accessible to anyone.
We are also releasing a new activity feed that is tailored to how you work. It consolidates email, messaging, calendar, and tasks into a single prioritized view, learns which messages you always answer fast, which threads you skip, and what topics drive your week. Additionally, while Quick already connects to your most-used apps, we’re launching 16 new, built-in integrations with companies like Adobe, Moody’s, and Snowflake to help you work more effectively.
The momentum companies are seeing around software development is astounding. Dhan, a unicorn fintech startup from India, was able to use Kiro, our software development agent, to build a new charting platform with a single engineer in only 8 weeks, when they originally estimated it would take a dozen people 12 to 24 months to complete. Having a large team of developers is no longer a bottleneck to your next great idea, but having access to the right tools no matter where you are, can be.
That’s why we announced that Kiro is now available on iOS devices. Now you can kick off a new project, monitor progress, steer an agent, or interact with your Kiro session directly from your phone. With Kiro on mobile, agents don’t just live in your laptop anymore. They can now run in an always-on cloud session that works whether you’re at your desk or not. You can now kick off a new feature development project on the subway, review code between meetings, or approve changes while out at lunch. When you return to their laptop, you’re exactly where the agent left off. It’s the same session with the same context, so you can get right back to work. While you can access Kiro more easily than ever, everything still runs securely in your cloud environment. Full mobility. Zero compromises.
Learn more: Kiro Is Now Available as a Native iOS App.
While you can create code faster than ever now with agents like Kiro, you only start to benefit from that code when you move it to production. Your coding agents may make you ten times more productive only for your pipeline to not have adapted to the new pace you can operate at. Pull requests left waiting. Tests running sequentially. Failures surfacing in production. Fixing this requires moving tasks, tests, and problem-solving earlier in the cycle.
Last year, we launched AWS DevOps Agent, our always-available operations teammate that spans operations. Now we're expanding what it can do to help you with your release management process, so you can ship code faster. AWS DevOps Agent now supports you from release readiness review to testing, ensuring your pipeline can match your development speed.
Now whether you’re building with Kiro or Claude Code, the moment you generate code, you can trigger release readiness reviews directly where you code. For example, a developer working on a project that is part of a larger application changes the name of a parameter to make it clearer. While the update seems small in isolation and local tests show that everything is fine, the update could lead to a breaking change once it interacts with the rest of the application. Because the developer is using DevOps Agent, it discovers the impact of the code before it’s pushed live, sends the developer a summary of the issue, and a recommended fix. Once your code is ready, put in a pull request to enter the pipeline or deploy to a sandbox, then run release testing to fix any bugs. With release testing, AWS DevOps Agent generates and runs change-specific test plans for applications in environments you’ve provisioned, catching regressions, UX issues, and integration failures before they reach production.
Once you start moving code into production faster than ever, a new challenge emerges. How do you keep all this software up to date? The truth is that as soon as you deploy code, it starts to age. Dependencies drift. Frameworks get deprecated. Before you know it, your tech debt has piled up.
AWS Transform is our agentic AI service designed to support large-scale modernizations. It has already eliminated over 1.6 million hours of manual effort for customers like BMW Group, Experian, and more. Up until now, Transform has been something you run. You point it at a problem, it helps you fix it, and you move on. But, with the speed that agents write new code, you need an agent that continuously keeps your code up to date and well-documented.
That's why we’ve launched AWS Transform—continuous modernization, an autonomous, always-on software portfolio management and modernization capability. While your agents write new code, AWS Transform works behind them, finding the debt, fixing it, validating the fix, and learning from every transformation to make the next one better. It plugs into your existing pipeline tools, like CodePipeline, Jenkins, GitHub Actions, and GitLab, fitting into your workflows seamlessly. With AWS Transform—continuous modernization, every software package remains current in a continuous cycle, so tech debt never gets the chance to become a risk.
AWS is building for a future where there are billions of agents in operation. As customers work toward that future, one thing is clear: building an agent is simple, but getting it to production can be complex. That’s why we built Bedrock AgentCore, our platform for when you want to move agents from proofs of concept to production.
Our approach is clearly resonating with customers. In the past 6 months, the number of tasks performed by agents on AgentCore has grown by 15x. The PGA Tour is writing tournament coverage 10x faster. And Nasdaq, Visa, and Experian are scaling agents throughout their enterprises.
We've made tremendous progress on making AgentCore the best way for you to build production-ready agents, and we announced several improvements to make it even easier to get started faster, connect to the right data, keep them secure, and continuously improve them.
The updates include:
- Amazon Bedrock Managed Knowledge Base: This is a fully managed knowledge base that handles the ingestion, parsing and retrieval for your RAG/knowledge bases. Now you can ground agents in their latest organizational knowledge with just a few clicks. It features built-in tools for data ingestion, native connectors to popular data sources such as S3, Sharepoint, Confluence and Google Drive, and an agentic retriever for complex queries to help your agent deliver the best answer on top of their unstructured data. Managed knowledge base easily plugs into AWS Context as it enables AWS Context to do agentic search across all structured, unstructured and domain data
- Web Search on AgentCore: Ground agents with current, accurate web information using the same battle-tested web search powering Quick, Kiro, and Alexa+. As a fully managed tool for agents, Web Search returns re-ranked, current web results operating natively within your AWS environment, so your data and queries never leave AWS.
- New AgentCore optimization capabilities: Turn production traces into continuous improvements. Now you can see failure, intent, and trajectory insights across hundreds of agent sessions, allowing you to understand what your agents are doing and ways to improve how they operate. We’re also announcing the general availability of recommendations and A/B testing to help you test changes to your agent to improve their performance or fix issues.
- New AgentCore policy integrations: To help you operate agents securely, we’ve now integrated Amazon Bedrock Guardrails into AgentCore, allowing you to evaluate every agent action for prompt injection attempts, harmful content, and sensitive data exposure. Additionally, coming soon, customers will be able to feed detection signals from leading security providers, including Check Point, Zscaler, Rubrik, Netskope, and SentinelOne, to further enhance their security.
- AgentCore harness now generally available: Go from idea to working agent in minutes. With AgentCore harness, you simply declare what your agent does (the model it uses, the tools it calls, and instructions to follow) and AgentCore handles the rest. Under the hood, AgentCore does the hard work for you. It assembles the orchestration loop, tool execution, memory management, context handling, and error recovery.
We also announced that Southwest Airlines is partnering with AWS as its preferred cloud provider to modernize its technology foundation and apply AI to transform how the airline operates and serves customers.
As part of the partnership, Southwest will transition from a largely on-premises environment to a cloud-based, AI- and agent-enabled architecture on AWS by 2028—building a foundation for greater speed, flexibility, and reliability across the business.
More than 2,700 Southwest developers are using Kiro, AWS's agentic coding service, to build features, automate testing, and generate cloud infrastructure to modernize Southwest.com. Southwest is also adopting an AI-Driven Development Lifecycle (AI-DLC) approach, where AI agents help move development forward while engineering teams guide and validate outcomes. As Southwest continues to modernize its footprint on AWS, they are expanding AI-and agent-based capabilities across the business by adopting new tools like Amazon Quick.
Trending news and stories
- 9 awesome original shows to watch on Amazon Kids+, the award-winning subscription service for kids
- 'All or Nothing: Manchester United' documentary coming to Prime Video in 2027
- Prime Day 2026: The biggest deals to add to your wish list
- Amazon strengthens its investment in Missouri to bring new community programs, new jobs, and hundreds of millions in tax revenue
