Amazon Web Services Inc. today announced the immediate availability of two potential transformation tools: AWS DevOps Agent and AWS Security Agent.
They are designed to act as “always-on” teammates that can be paired with DevOps and security teams, the company says, allowing humans to focus on proactive optimization rather than reactive problem solving. Both new agents are focused on security.
AWS DevOps Agent is an intelligent operations assistant programmed to investigate, resolve, and potentially prevent incidents that disrupt applications running in cloud and on-premises environments. While traditional application monitoring tools can only alert humans to problems that occur, DevOps agents are designed to act like experienced site reliability engineers, said Madhu Balaji, AWS senior specialist solutions architect.
The DevOp agent’s primary role is to monitor the deployed application 24/7, waiting for signs of discrepancies that might indicate a problem. When an alert is triggered, we automatically begin investigating what happened by correlating telemetry, code, and deployment data to uncover the cause.
The agent also enables “proactive prevention” by analyzing past incident patterns and providing targeted recommendations that can strengthen system resiliency and prevent repeated outages. Previously available in preview for AWS environments, we’ve added support for Microsoft Azure and on-premises systems via the Model Context Protocol, allowing you to provide a unified view of your applications no matter where your team is.
As always, AWS rolled out a number of early adopters to demonstrate the effectiveness of new services. Among them is restaurant technology platform Zenchef SAS, which says it used AWS DevOps Agent during a hackathon to identify identity access management misconfigurations within 30 minutes. Addressing this issue itself allowed Zenchef’s engineers to stay focused on what they were building.
automated penetration testing
AWS Security Agent is more proactive and allows enterprises to deploy continuous penetration testing across their entire application portfolio. Penetration testing, as it is known, involves simulating a cyber-attack on a system to identify where there may be vulnerabilities. Traditionally, this work has always been performed by human experts and is prohibitively expensive. As a result, even large enterprises have traditionally only been able to perform penetration tests on their most critical applications, perhaps once a year, perhaps 10% of the time.
AWS wants businesses to be able to penetration test all of their applications at any time, and AWS Security Agent is designed to do just that. Unlike traditional vulnerability scanners, it doesn’t just look for potential vulnerabilities, it tries to validate those threats by trying multiple complex attacks to see if they can penetrate the system and cause damage.
AWS Product Manager Ayush Singh explained in a blog post that the agent works by indexing each app’s source code and application programming interface specifications to understand flaws in the business logic that other tools might miss. When we find a vulnerability and find a way to exploit it, we automatically create a pull request in your app’s git repository and suggest code fixes to fix the problem. This can reduce vulnerability remediation workflows from weeks to just hours, Singh said.
Balaji said the new agent is not intended to replace DevOps teams or site reliability engineers, but simply to make their jobs easier. He explained that when a security incident occurs, human engineers are under tremendous pressure to figure out what went wrong and fix it as quickly as possible, because every second of downtime means a company loses thousands of dollars in revenue.
For companies that provide critical services to the public, software down is not an option. The agent is intended to reduce the likelihood of such incidents occurring and make it easier for human teams to manage software operations and security at scale, he said.
Both agents are available starting today in AWS US East, US West, Europe (Frankfurt/Ireland), and Asia Pacific (Sydney/Tokyo) Regions. It will initially be free to all customers, but that probably won’t last long. AWS said it will start charging for AWS DevOps Agent on April 10th, but has not said anything about when it plans to start charging for Security Agent.
Image: SiliconANGLE/Gemini
Support our mission of keeping content open and free by joining the theCUBE community. Join theCUBE’s Alumni Trust Networka place where technology leaders connect, share intelligence, and create opportunities.
- over 15 million viewers of theCUBE videospowering conversations across AI, cloud, cybersecurity, and more
- 11.4k+ theCUBE Alumni — Connect with over 11,400 technology and business leaders who are shaping the future through our trusted, unique network.
About SiliconANGLE Media
Founded by technology visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach more than 15 million elite technology professionals. Our new, proprietary theCUBE AI Video Cloud leverages theCUBEai.com neural networks to deliver breakthrough advances in audience interaction, helping technology companies make data-driven decisions and stay at the forefront of industry conversations.
