AWS says AI agents lack business context and security, launches two services to patch the gaps

At the AWS Summit in New York, Amazon's cloud division unveiled several services designed to make AI agents production-ready. They include a security service for code vulnerabilities and a knowledge graph that gives agents the business context they need.

The announcements centered on two new services. AWS Continuum tackles security vulnerabilities in code. AWS Context serves as a shared knowledge base for agents.

Both address typical bottlenecks when deploying AI agents in production. Agents lack business context, and security risks can't keep up with the pace of AI-generated code.

With AWS Continuum, AWS is launching a service that covers the full lifecycle of code vulnerabilities, from detection and prioritization to validation and recommended fixes. The service is initially available only to select pilot customers.

AWS points to specialized security models like Anthropic's Claude Mythos as the driving force, writing in its security blog that such models can spot vulnerabilities and map out attack paths faster than defenders can respond. Traditional approaches built around data collection, storage, and dashboards weren't designed for that kind of speed, and the backlog of unresolved issues keeps piling up.

Continuum takes the existing list of open vulnerabilities and also scans for new ones on its own. Then it ranks findings based on business context. Is the affected component even reachable? Is it actively used in production?

During validation, the service tries to replicate a successful attack in an isolated test environment to separate false positives from real risks. Only then does it suggest specific countermeasures like a modified network config, an adjusted permission setting, or a code patch.

Continuum picks different frontier models depending on the task. The service can increasingly automate how code vulnerabilities are handled, but it starts in a learning mode that requires human sign-off. As confidence builds, teams can switch it to an enforcement mode where it applies defined fixes on its own. A companion threat modeling tool automatically generates overviews of possible attack scenarios from design documents or source code.

AWS Context automatically builds a knowledge graph from existing enterprise data and makes it available to every agent across an organization. A knowledge graph links individual data points into a network of relationships.

That lets an agent figure out which table belongs to which customer or which source is authoritative for a specific piece of information. The service derives these relationships from databases, documents, emails, and chat messages, then layers in business rules and domain knowledge. Without this layer, agents would too often give confident but wrong recommendations, AWS argues.

Context is built on the same knowledge graph foundation as Amazon's AI assistant Quick. Metadata from connected sources is stored in AWS storage in an open table format, so customers can keep using their existing tools. There's no need to set up a separate pipeline to pull in data.

Built-in access controls make sure agents can only reach information they've been cleared for. With each query, the service learns which sources deliver reliable results. That means later agents benefit from earlier ones.

During a test phase, the AWS DevOps Agent is gaining two new features aimed at the growing volume of AI-generated code. In a Release Readiness Review, the agent checks every code change against production requirements and looks for dependencies that could cause problems across repository boundaries. Teams can define the underlying standards in plain language.

Findings show up as comments in GitHub or GitLab and can be accessed from the development environment through a plugin for Kiro or Claude Code. A second feature derives a test plan from the specific change and runs it in a production-like environment rather than relying on a static test suite. The preview is initially available for free in the US East region.

The new testing layer comes after a string of incidents where autonomous code changes at AWS itself caused problems. In February, reports emerged that Amazon's AI coding tools were allegedly involved in at least two AWS outages. One was a 13-hour outage after Kiro decided to delete and rebuild an environment. Shortly after, Amazon put an internal policy in place requiring experienced engineers to approve all AI-generated code.

AWS is bringing its coding agent Kiro to smartphones as a native iOS app. Sessions still run in a cloud environment. The phone serves as a control interface to start tasks, review code changes, and approve them. Identity, model settings, and connected repositories sync across the IDE, web, and mobile device. Only paying customers get access.

Bedrock AgentCore, AWS's platform for production-ready agent operations, is getting a managed knowledge base with connectors to S3, SharePoint, Confluence, and Google Drive, plus built-in web search. Through integration with in-house security filters, agent actions can be checked for manipulative prompts, malicious content, and data leaks. Down the line, signals from third-party security providers like Check Point, Zscaler, Rubrik, Netskope, and SentinelOne will be folded in as well.