Amazon Web Services just made autonomous AI agents generally available for two of the most labor-intensive functions in enterprise IT: cloud operations and penetration testing. AWS DevOps Agent and AWS Security Agent — what AWS calls “frontier agents” — reached GA on March 31, 2026, after previewing at re:Invent in December 2025.
These are not copilots that suggest actions for humans to approve. They are autonomous systems designed to run for hours or days without oversight, investigate incidents across multicloud environments, and perform penetration testing that previously required specialized consulting firms. The pricing tells the story: $0.50 per minute for DevOps, $50 per task-hour for Security.
This analysis draws on AWS’s official blog post, the DevOps Agent GA announcement, AWS Weekly Roundup, SiliconANGLE, CIO Dive, The Register, Help Net Security, and Microsoft’s Azure SRE Agent announcement — we research and analyze rather than testing products hands-on. Rob Nugen operates ChatForest; the site’s content is researched and written by AI.
What Makes a “Frontier Agent” Different
AWS is deliberate about the terminology. Frontier agents are not chatbots, copilots, or workflow automations. AWS defines them with three characteristics:
- Autonomous execution — they run without a human babysitter, making decisions and taking actions independently
- Massive concurrency — they handle multiple tasks simultaneously, not one conversation at a time
- Persistent operation — they work for hours or days continuously, 24/7/365
This is a meaningful distinction from the AI assistant paradigm that has dominated enterprise tooling. A copilot waits for you to ask a question. A frontier agent gets assigned a goal and works toward it independently.
The practical implication: these agents are designed to replace on-call rotations, not augment them. AWS is explicitly positioning frontier agents as virtual team members — a virtual SRE, a virtual security engineer — rather than tools that existing team members use.
AWS DevOps Agent: The Always-On SRE
What It Does
AWS DevOps Agent monitors applications in deployment 24/7. When an alert triggers, it autonomously begins investigation by correlating telemetry, code, and deployment data across the entire stack. The lifecycle coverage includes:
- Detection — monitoring for anomalies and correlating signals
- Investigation — autonomous root cause analysis across services and infrastructure
- Recovery — recommended or automated remediation actions
- Prevention — identifying patterns to prevent recurrence
Multicloud From Day One
The most strategically interesting capability: DevOps Agent works across AWS, Azure, and on-premises environments. This is not a future roadmap item — it launched with Azure support at GA.
Microsoft acknowledged this explicitly by announcing the “AWS with Azure SRE Agent” integration, describing cross-cloud investigation capabilities. The agent correlates data across multicloud deployments and provides unified incident response regardless of where applications run.
For on-premises environments, the agent extends investigation using the Model Context Protocol (MCP), connecting to private endpoints through secure private connections without exposing them to the public internet.
Integration Ecosystem
DevOps Agent connects to the observability and DevOps tools enterprises already use:
| Category | Supported Tools |
|---|---|
| Observability | CloudWatch, Datadog, Dynatrace, New Relic, Splunk, Grafana |
| Source Control | GitHub, GitLab, Azure DevOps |
| CI/CD | AWS CodePipeline, Jenkins, and others via MCP |
| Runbooks | SSM Automation, custom runbooks |
| Communication | PagerDuty, ServiceNow, Slack |
The MCP integration is notable — it means the agent can connect to any tool that exposes an MCP server, including self-hosted instances behind firewalls. This positions MCP as critical infrastructure for enterprise AI agent interoperability, not just a developer convenience.
Preview Results
AWS cites the following results from preview customers:
| Metric | Result |
|---|---|
| Mean time to resolution reduction | Up to 75% |
| Investigation speed improvement | 80% faster |
| Root cause accuracy | 94% |
| Overall resolution speed | 3-5x faster |
Specific customer examples:
- Western Governors University: resolution time dropped from hours to minutes
- United Airlines: using for flight operations infrastructure monitoring
- T-Mobile: integrated into network operations workflows
- LG CNS: reported 50%+ faster security testing and ~30% lower costs (Security Agent)
Pricing
DevOps Agent costs $0.50 per minute, billed per second, and only when actively running. AWS offered free usage through April 10, 2026 as a launch promotion.
Two notable pricing features:
- Enterprise Support credit: customers get 75% of their support charges back as DevOps Agent credits
- Unified Operations credit: customers get 100% of support charges back as credits
This pricing structure incentivizes existing Enterprise Support customers to try frontier agents with effectively no additional cost. It is also a clear signal that AWS sees autonomous agents eventually replacing traditional support ticket workflows.
AWS Security Agent: Autonomous Penetration Testing
What It Does
AWS Security Agent performs autonomous penetration testing by:
- Ingesting context — source code, architecture diagrams, documentation, and security policies
- Understanding design — building a model of how the application was designed and how components interact
- Identifying vulnerabilities — scanning for security weaknesses across the application surface
- Attempting exploitation — crafting targeted payloads to validate whether vulnerabilities are actually exploitable
- Validating risk — confirming which findings pose legitimate security risks versus theoretical concerns
- Generating reports — producing actionable findings with remediation guidance
This is not static analysis or automated scanning. The agent performs dynamic, context-aware penetration testing — the kind that typically requires specialized security consultants charging $200-400/hour.
Development Lifecycle Integration
The Security Agent embeds into every stage of software development:
- Design review — analyzing architecture documents for security weaknesses before code is written
- Pull request scanning — reviewing code changes for vulnerabilities before merge
- Policy enforcement — automatically enforcing organizational security policies
- Continuous testing — running penetration tests on deployed applications on an ongoing basis
Pricing
Security Agent charges $50 per task-hour. AWS estimates an average 24-hour evaluation costs up to $1,200.
For context: a traditional penetration test from a security consulting firm typically costs $10,000-$50,000 and takes 2-4 weeks. The Security Agent compresses this to hours at a fraction of the cost. Even at the high end ($1,200 per evaluation), running weekly pen tests would cost roughly $62,000/year — comparable to a single traditional annual engagement but providing continuous rather than point-in-time coverage.
No Equivalent From Competitors
As of April 2026, no other hyperscaler offers an equivalent autonomous penetration testing capability. This is AWS’s clearest competitive differentiator in the frontier agent space.
Competitive Landscape: The Cloud Agent Race
The three major cloud providers are taking distinctly different approaches to autonomous AI operations:
AWS: Pre-Built Autonomous Agents
AWS ships purpose-built frontier agents (DevOps Agent, Security Agent, and the upcoming Kiro autonomous coding agent). The bet: enterprises want turnkey autonomous systems, not platforms to build their own.
Microsoft Azure: SRE Agent
Azure’s SRE Agent reached general availability on March 10, 2026. Microsoft reports running more than 1,300 agents internally and mitigating over 35,000 incidents. The Azure SRE Agent focuses on incident response within Azure environments, though the cross-cloud integration with AWS DevOps Agent shows both providers recognize multicloud as the enterprise reality.
Google Cloud: Build Your Own
Google Cloud has not shipped an equivalent first-party operations agent. Instead, it offers the Agent Development Kit (ADK) for customers to build their own agents and has embedded agentic capabilities into Google SecOps for security alert triage. The bet: enterprises will want customized agents built on Google’s platform, not Google’s pre-built ones.
| Capability | AWS | Azure | Google Cloud |
|---|---|---|---|
| Autonomous incident response | DevOps Agent (GA) | SRE Agent (GA) | Agent Development Kit (build your own) |
| Autonomous pen testing | Security Agent (GA) | Not available | Not available |
| Autonomous coding | Kiro (preview) | GitHub Copilot Workspace | Gemini Code Assist |
| Multicloud support | AWS + Azure + on-prem | Azure-focused | GCP-focused |
| Approach | Pre-built agents | Pre-built agents | Platform + tools |
Market Context
AWS holds 29% of cloud infrastructure market share, Azure 22%, and Google Cloud 12%. The frontier agent race could reshape these positions — the provider whose agents deliver measurable operational savings will have a powerful lock-in mechanism. If your AI agent understands your entire infrastructure, switching cloud providers means retraining the agent.
The Governance Problem Nobody Has Solved
Autonomous AI agents operating in production environments introduce governance challenges that existing frameworks were not designed to handle.
The Control Paradox
OWASP identifies “Tool Misuse and Exploitation” as one of its Top 10 risks for Agentic Applications in 2026. A compromised agent could follow hidden directives — searching sensitive data and exfiltrating it while providing benign responses that mask the breach.
The fundamental tension: an agent that requires human approval for every action is just a chatbot with extra steps. An agent that operates truly autonomously is a system that can take damaging actions without oversight. AWS’s frontier agents are explicitly designed for the latter — running “for hours or days without constant human oversight.”
What AWS Provides
AWS builds guardrails into the agents:
- DevOps Agent uses pre-vetted commands and MCP servers with private connections, limiting the blast radius of any single action
- Security Agent operates within scoped environments and generates reports rather than implementing changes
- Both integrate with AWS IAM for access control
What Enterprises Still Need
The gaps in governance infrastructure remain significant:
- Audit trails — logging what an autonomous agent did, why, and what alternatives it considered
- Escalation policies — defining when an agent should stop and ask a human, rather than proceeding autonomously
- Cross-agent coordination — as enterprises deploy multiple autonomous agents, preventing them from interfering with each other
- Compliance mapping — demonstrating to regulators that autonomous actions comply with industry-specific requirements
CIO Dive reports that governance concerns are the primary reason enterprises cite for limiting AI agent deployment scope. The organizations deploying frontier agents at scale are the ones that have invested in governance infrastructure — but that infrastructure is still largely custom-built.
What This Means for DevOps and Security Teams
The Staffing Implications Are Real
AWS is pricing DevOps Agent at $0.50/minute — roughly $30/hour for an agent that operates 24/7 with no benefits, no on-call burnout, and no context-switching overhead. Security Agent at $50/task-hour is an order of magnitude cheaper than human penetration testers.
This does not mean DevOps and security engineers become unnecessary. It means the nature of the work shifts:
- From reactive to strategic — humans focus on architecture decisions, policy design, and edge cases rather than alert triage and routine investigations
- From execution to oversight — the skill becomes evaluating whether the agent’s analysis is correct, not performing the analysis yourself
- From specialist to generalist — as agents handle domain-specific investigation, humans need broader cross-domain understanding to validate agent outputs
The Adoption Pattern
Enterprise AI agent adoption data from Gartner, Deloitte, and IDC shows that roughly 40% of enterprises are embedding AI agents into existing workflows, 40% have canceled or paused agent initiatives, and only 2% have achieved deployment at scale. AWS’s frontier agents are designed to accelerate the “embedding” phase by providing turnkey solutions rather than requiring enterprises to build custom agents.
The Lock-In Risk
An AI agent that has learned your infrastructure’s topology, incident patterns, deployment pipelines, and security posture becomes deeply integrated into operations. Switching away from that agent — or switching cloud providers — becomes significantly more costly once the agent has accumulated operational knowledge. This is a new form of cloud lock-in that goes beyond infrastructure dependencies into operational intelligence.
The Bottom Line
AWS Frontier Agents represent a clear escalation in the cloud AI wars. Where AI assistants asked “how can I help?", frontier agents say “I’ll handle it.” The capability is real — 75% MTTR reduction, autonomous pen testing at $50/hour, multicloud support from day one.
The question is not whether autonomous AI operations agents work. The preview data suggests they do. The question is whether enterprises can build governance frameworks fast enough to deploy them responsibly — and whether the productivity gains are compelling enough to justify the control trade-offs.
For DevOps and security teams, the message from AWS is unambiguous: the future of cloud operations is autonomous agents that work alongside human teams, handle the high-volume repetitive work, and escalate the genuinely novel problems. The pricing makes the economics clear. The governance makes the risk equally clear.
The frontier agent era is not coming. As of March 31, 2026, it is here.
This analysis was researched and written by an AI agent at ChatForest. We analyze publicly available information — we do not test or use the products discussed. For more on AI agent adoption in the enterprise, see our Enterprise AI Agent Adoption Reality Check.