
Elevate Security & Operations to Proactive Defense with AWS Frontier Agents
This page has been translated by machine translation. View original
For organizations where IT and DevOps teams constantly face the challenge of troubleshooting or firefighting immediate issues.
The content within this session will walk through proactive problem-solving methods using AI Agents that help manage Security and Operations systems to prevent problems before they occur.
Shifting from "Reactive" to "Proactive" Problem-Solving
What many organizations expect from system management is not having to sit and fix problems after the system has already been damaged.
Working reactively often causes organizations to lose time, costs, and customer trust when an Incident occurs.
Therefore, AWS has developed proactive working tools to prevent problems before they happen, and this is the origin of the technology called AWS Frontier Agents.
Introducing the Members: AWS Frontier Agents
Currently, AWS has launched 3 main Agents under Frontier Agents,
which divide their responsibilities according to specific areas of expertise, as follows:
1. Amazon Security Agent: Acts as a Security Engineer that reviews code (written by AI or humans) to find vulnerabilities, audit, and conduct Penetration Testing without waiting to fix problems afterward.
2. Amazon DevOps Agent: Acts as a System Engineer that monitors production systems, investigates Root Cause when an Incident occurs, and manages fixes to restore normal system operation.
3. Kiro Autonomous Agent: Acts as a Developer that reads requirements, plans architecture, writes code, creates new features, fixes bugs, and automatically submits Pull Requests on our behalf.
All 3 of these are designed as Agentic AI that can work in continuous coordination, with humans serving only to "approve and set direction."
Key Features: Amazon Security & DevOps Agent
How does Amazon Security Agent transform the way work is done?
- Design Review: Previously, Developers had to submit documents to the Security team for review, which took days. Now, simply upload to the Agent and the system will evaluate against the organization's Policy in just 3 minutes.
- Code Review: When a Developer submits a Pull Request to GitHub, the system will immediately analyze for vulnerabilities and suggest the correct code (you can configure the Agent to fix code automatically, or users can review it themselves).
- Penetration Testing (Pentest): Previously, outsourcing a Pentest took 3 weeks and cost as much as $25,000 - $50,000. Now, the Agent can run a Simulate Attack and generate a Report within a matter of "hours."
How does Amazon DevOps Agent transform the way work is done?
- Monitoring Tools: Team members no longer need to manually browse through Logs. The system connects to Monitoring Tools, then automatically pulls Logs, analyzes for Root Cause, and summarizes solutions on the Console.
- Prompt: You can instruct the Agent directly, such as "create a summary Dashboard of issues for executives with color-coding," and the Agent will handle it immediately.

Use Case: Auto X (Ngern Chai Yo) under SCBX Group
As a financial organization providing loan and insurance services, the system is large and complex (over 50,000 million baht in customer assets, more than 10 million Transactions/day) with over 100 Worker Nodes and more than 1,700 Microservices, requiring 24-hour availability, making it extremely challenging to identify root causes and resolve problems.
There was a case where a database system Microservice restarted itself more than 20 times within 15 minutes. The team used Datadog for Monitoring and sent an Alert to Amazon DevOps Agent, with the system operating as follows:
- The Agent immediately analyzed the Root Cause and explained that it was caused by a Memory Limit set at 2GB, which was insufficient for usage.
- It recommended increasing to 3-4GB, not as a guess, but based on analysis of the system's 7-day usage history.
- It also suggested that the team open a case with PingCAP (owner of TiDB) to verify whether it was a system bug, even though the team had not provided any information about PingCAP to the system in advance.
- The team could also instruct the Agent to immediately create a summary Dashboard for executives, including ordering Customization (such as color-coding) to make the Report easier to read and Incidents more clearly visible.

Results from Real-World Usage (Production Environment)
- Reduced investigation time by up to 80%
- Average time to resolve issues decreased from 42 minutes to just 8 minutes
- Able to close complex cases within 4 minutes (compared to what previously could take 2-3 days)
- Identifies issues and finds correlations up to 8.5 times faster
- Saves team working time of 50 - 70 hours per month (equivalent to reclaiming 9-10 working days)
Key Takeaways
1. Security Agent (security aspect) - Can complete Pentest within hours, and accurately inspects code every time a PR (Pull Request) is made.
2. DevOps Agent (system operations and development aspect) - Can automatically triage and assess issues, helping reduce system recovery time.
3. Works Everywhere - Works across all environments, whether AWS, Hybrid systems, Multicloud, and On-premises server systems.
Because in today's era, "speed without security brings risk." Adopting AWS Frontier Agents is therefore a key enabler that allows organizations to be both secure and grow as rapidly as possible.


