Two Agents, One Big Bet
On March 31, AWS quietly flipped the switch on something that’s been brewing since re:Invent 2025: Frontier Agents. Two of them went GA — DevOps Agent for autonomous incident resolution, and Security Agent for on-demand penetration testing.
If you’ve been doing this long enough, you’ve seen AWS announce “autonomous” things before that turned out to be glorified runbook executors. So I was skeptical. But after digging into what these agents actually do, talking to folks who used them in preview, and looking at the pricing model — I think this one’s different. Not “replace your SRE team” different, but “change how your on-call rotation works at 3 AM” different.
Here’s what you need to know.
What Are AWS Frontier Agents?
“Frontier Agents” is AWS’s branding for a new category of autonomous AI agents that operate across your cloud infrastructure. They’re not copilots that suggest things and wait for you to click approve. They take action. Investigate problems. Run attack scenarios. Generate findings.
Right now, the family has two members:
- DevOps Agent — watches your infrastructure, investigates incidents autonomously, and can resolve them without waking anyone up.
- Security Agent — runs penetration tests against your web applications and APIs on demand, like hiring a pen tester who never sleeps and doesn’t charge $30K per engagement.
Both work across AWS, multi-cloud, and on-prem environments. That last part surprised me — AWS building something that explicitly supports non-AWS infrastructure is a notable shift.
DevOps Agent: Your 3 AM Incident Responder
Here’s the scenario every SRE knows: CloudWatch alarm fires at 3:12 AM. You blearily open your laptop. Spend 20 minutes figuring out which service is actually broken. Another 15 minutes correlating logs, metrics, and recent deployments. Then 10 more minutes figuring out the fix. The actual resolution takes 2 minutes.
DevOps Agent attacks that first 45 minutes.
How It Actually Works
When an incident triggers — via CloudWatch alarm, PagerDuty alert, Dynatrace problem, ServiceNow ticket, or a webhook from basically any monitoring tool — DevOps Agent starts investigating immediately. No human prompt needed.
It does this by building a model of your application architecture and relationships, then:
- Correlates telemetry data across your observability stack
- Pulls recent deployment history from your CI/CD pipeline
- Reads your runbooks and documentation
- Generates hypotheses about root cause
- Tests those hypotheses against your actual data
- Either resolves the issue or presents its findings to your team
The key word there is “hypotheses.” It’s not pattern-matching against a fixed decision tree. It’s reasoning through the problem the way a senior SRE would, except it can query every data source simultaneously.
The Numbers That Matter
Preview customers reported some eye-catching metrics:
- 75% lower MTTR compared to manual investigation
- 80% faster investigations from alert to root cause
- 94% root cause accuracy — meaning it correctly identified the actual problem 94% of the time
- 3-5x faster resolution end to end
Western Governors University said their resolution time dropped from hours to minutes. United Airlines and T-Mobile also participated in the preview.
I’d take the exact percentages with a grain of salt — preview customers tend to be well-prepared teams with clean observability setups. Your mileage will vary depending on how messy your monitoring is. But even cutting investigation time in half would be transformative for most on-call rotations.
What It Doesn’t Replace
This is important: DevOps Agent doesn’t replace your incident management platform. PagerDuty, Datadog On-Call, Opsgenie — those still handle on-call scheduling, escalation policies, stakeholder communication, and incident lifecycle management.
In fact, the GA release added native PagerDuty integration. DevOps Agent consumes PagerDuty alerts as a data source. Think of it as a specialist investigator that plugs into your existing incident workflow, not a replacement for the workflow itself.
You still need humans for:
- Architectural decisions during incidents
- Cross-team coordination
- Customer communication
- Deciding whether to roll back vs. roll forward
- Anything that requires judgment beyond the technical
Security Agent: Pen Testing Without the $30K Invoice
Traditional penetration testing has a timing problem. You hire an external firm, schedule the engagement weeks in advance, wait for the report, then fix vulnerabilities that might have been there for months. By the time you ship the fix, you’ve probably introduced three new ones.
AWS Security Agent makes pen testing something you can run on every release. Or every Tuesday. Or continuously.
How Testing Works
You brief Security Agent the same way you’d brief a human pen tester: target URLs, authentication details, threat model, relevant documentation, and source code access. The agent then:
- Maps your application’s attack surface
- Tests against the full OWASP Top 10 — SQL injection, XSS, SSRF, the works
- Goes beyond checklist testing to find business logic flaws, IDOR vulnerabilities, privilege escalation paths, and chained attack sequences
- Validates every finding by actually exploiting it, so you don’t waste time on false positives
This matters more than you’d think. One of the biggest complaints about automated security scanning (SAST/DAST tools) is the avalanche of false positives. Security Agent claims to verify vulnerabilities through actual exploitation, which should cut the noise significantly. LG CNS reported “significantly fewer false positives” during preview.
What It Covers
The scope is broader than I expected:
- OWASP Top 10: SQL injection, XSS, broken authentication, security misconfiguration, etc.
- Business logic flaws: things like price manipulation, workflow bypass, race conditions
- Chained attacks: multi-step exploitation paths that automated scanners typically miss
- CVE exploitation: testing for known vulnerabilities in your dependencies
- IDOR and privilege escalation: the kind of access control bugs that are notoriously hard to catch with static analysis
- Code review: analyzes pull requests in GitHub for security issues and policy violations
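Since IDOR comes up twice in that list, here is what the bug looks like in code, beside the fix, plus the kind of regression check that belongs in CI so the finding stays fixed. This is an added example, not Security Agent code or output; the in-memory ORDERS table, the user names and the handler signatures are constructed assumptions.

```python
"""IDOR (broken object-level authorization): vulnerable handler, hardened handler,
and a CI regression check. Added example; data and signatures are constructed."""

# Constructed sample data: orders belonging to two different users.
ORDERS = {
    1001: {"owner": "alice", "total": 42.00},
    1002: {"owner": "bob", "total": 19.99},
}


class NotFound(Exception):
    pass


def get_order_vulnerable(current_user, order_id):
    """Vulnerable: authenticates the caller but never checks that the caller owns
    the object. Any logged-in user who supplies another id reads that order."""
    if order_id not in ORDERS:
        raise NotFound(order_id)
    return ORDERS[order_id]


def get_order_hardened(current_user, order_id):
    """Hardened: object-level authorization on every access. A missing order and
    another user's order both produce the same NotFound, so the response does not
    reveal which ids exist (no 403-vs-404 oracle for enumeration)."""
    order = ORDERS.get(order_id)
    if order is None or order["owner"] != current_user:
        raise NotFound(order_id)
    return order


def cross_tenant_access_possible(handler):
    """Regression check for CI: can alice read bob's order through this handler?
    True means the handler has an IDOR; a hardened handler must return False."""
    try:
        handler("alice", 1002)
        return True
    except NotFound:
        return False


if __name__ == "__main__":
    for name, handler in [("vulnerable", get_order_vulnerable), ("hardened", get_order_hardened)]:
        print(f"{name}: cross-tenant read possible = {cross_tenant_access_possible(handler)}")
```

The fix is one comparison, which is exactly why IDOR is easy to ship and hard for static analysis to catch: nothing about the vulnerable function is syntactically wrong. A tester, human or agent, finds it by exercising the handler as one user with another user's id, and the cross_tenant_access_possible check keeps that test running on every release.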
It’s not going to replace a skilled red team doing physical social engineering. But for application-layer security testing, the coverage is substantial.
Real-World Cost Comparison
The pricing comparison is where this gets hard to ignore. Traditional pen testing engagement pricing:
- Small application: $15,000-$25,000 per engagement
- Medium complexity: $25,000-$50,000 per engagement
- Enterprise-scale: $50,000+ per engagement
- Frequency: once or twice per year, if you’re lucky
AWS Security Agent pricing:
- $50.00 per task-hour, billed per second
- A typical comprehensive test runs around 24 task-hours: $1,200
- A focused test might take 3-4 hours: $150-$200
- Run it weekly if you want
So you could run a pen test every single week for a year and still spend less than a single traditional engagement. That math is hard to argue with.
LG CNS estimated over 50% faster testing and roughly 30% lower costs compared to their previous approach. Some AWS customers reported saving 70-90% on pen testing costs overall.
New AWS customers get a 2-month free trial with up to 200 task-hours per month. That’s a lot of free pen testing.
Pricing Breakdown
Money talk — because this is where AWS products often trip people up.
DevOps Agent
- $0.0083 per agent-second — roughly $29.88 per hour
- Billed per second, no upfront commitment
- Preview participants get a 2-month free trial after GA
- Enterprise Support customers get 75% of their support charges back as DevOps Agent credits
- Unified Operations customers get 100% back as credits
That last bullet is clever. If you’re already paying for Enterprise Support (which starts at $15,000/month), AWS is essentially making DevOps Agent free — or close to it — for your existing support spend. It incentivizes adoption while making the effective cost zero for large enterprises.
For smaller teams, $30/hour sounds reasonable until you think about how it adds up. If DevOps Agent is investigating incidents 4 hours per day on average, that’s about $3,600/month. Compare that to the cost of an on-call engineer’s time, and it’s probably a bargain. But watch your bill — agent-seconds add up the same way Lambda invocations do.
Security Agent
- $50.00 per task-hour, billed per second
- Free tier for new AWS customers
- 2-month trial: up to 200 task-hours/month
$50/hour for pen testing is dirt cheap compared to human pen testers, who typically bill $200-$400/hour. The question is whether the agent’s findings are as thorough as a skilled human. Early reports suggest they’re not quite at expert-human level for exotic attack chains, but they catch the vast majority of common and medium-complexity vulnerabilities consistently.
Available Regions
Both agents launched in six regions:
- US East (N. Virginia)
- US West (Oregon)
- Europe (Frankfurt)
- Europe (Ireland)
- Asia Pacific (Sydney)
- Asia Pacific (Tokyo)
If your infrastructure lives outside these regions, you’ll need to wait. No word yet on an expansion timeline, though AWS typically rolls out to additional regions within 3-6 months of GA.
How This Compares to What’s Already Out There
DevOps Agent vs. Existing Incident Response Tools
The competitive landscape isn’t as clear-cut as “DevOps Agent vs. PagerDuty” because they serve different layers.
PagerDuty has its own AI capabilities — SRE Agent, Scribe Agent, Insights Agent — but they’re more about reducing toil around investigation context, meeting notes, and stakeholder updates. PagerDuty’s AI enhances the incident management workflow. DevOps Agent handles the deep technical investigation.
Datadog offers AI-assisted incident management within its observability platform. The advantage is tight integration with Datadog’s metrics, logs, and traces. The disadvantage is vendor lock-in within Datadog’s ecosystem.
DevOps Agent’s differentiator is that it works across observability tools. It can pull data from CloudWatch, Datadog, Dynatrace, Prometheus, and others simultaneously. If you’re running a multi-tool observability setup (and who isn’t?), that cross-platform correlation is genuinely useful.
Security Agent vs. Traditional Pen Testing and DAST Tools
Burp Suite / OWASP ZAP: excellent for manual pen testing, but require skilled operators. Security Agent automates the operator.
Snyk / Checkmarx / Veracode: SAST/DAST tools that find code-level vulnerabilities but struggle with business logic flaws and chained exploits. Security Agent goes deeper.
Traditional pen testing firms: more thorough for exotic attack scenarios and social engineering, but 10-50x more expensive and available maybe twice a year.
Security Agent sits in a sweet spot: more thorough than automated scanners, more frequent than manual pen tests, and cheaper than both at scale. It won’t find every vulnerability a top-tier red team would find, but it’ll catch 90% of what matters on every release instead of 99% of what matters once a year.
Should Your Team Adopt This?
Alright, decision time. Here’s my framework for thinking about it.
DevOps Agent Makes Sense If…
- Your MTTR is measured in hours, not minutes
- You have decent observability data (CloudWatch, Datadog, Prometheus) but your team spends most incident time correlating across sources
- Your on-call rotation is burning people out
- You’re already paying for AWS Enterprise Support (because the credits make it nearly free)
- You run workloads across multiple clouds or hybrid environments
DevOps Agent Can Wait If…
- You have a small, well-documented infrastructure where incidents are rare
- Your observability setup is a mess — garbage in, garbage out applies here
- You don’t have clear runbooks or documentation for the agent to learn from
- Your incident process problems are organizational, not technical
Security Agent Makes Sense If…
- You’re doing pen testing less than quarterly
- Your current security scanning produces too many false positives to be useful
- You want security testing integrated into your CI/CD pipeline
- You’re spending $50K+ annually on external pen testing
- You have web applications handling sensitive data where OWASP Top 10 coverage matters
Security Agent Can Wait If…
- You already have a mature AppSec program with regular pen testing
- Your applications are purely internal with minimal attack surface
- You need testing for things beyond web apps and APIs (network-level, IoT, etc.)
The Bigger Picture
What’s actually interesting about Frontier Agents isn’t the individual capabilities — it’s the direction. AWS is betting that autonomous agents operating on your infrastructure is the next computing paradigm after serverless. These two agents are the opening move.
The “frontier” branding isn’t accidental either. AWS is positioning these agents at the boundary of what AI can do autonomously in production environments. They’re explicitly designed to take action, not just advise.
I expect we’ll see more Frontier Agents covering other operational domains — cost optimization, compliance auditing, maybe capacity planning. The Kiro autonomous agent (also announced at re:Invent) hasn’t gotten a GA date yet but would extend this into software development itself.
For now, if you’re an AWS shop with a growing infrastructure and a team that’s stretched thin, DevOps Agent is worth a serious look. The free trial and Enterprise Support credits make the risk of trying it basically zero. Security Agent is an even easier call — run a pen test, compare the findings to what your existing tools catch, and decide from there.
One thing to try this week: spin up DevOps Agent in a non-production account, point it at a staging environment, and deliberately break something. Watch how it investigates. That’ll tell you more than any blog post — including this one.