Inside AWS Security Agent: A multi-agent architecture for automated penetration testing
Security Blog
This article details AWS Security Agent's multi-agent architecture for automated penetration testing using frontier AI agents.
- Frontier agents perform complex reasoning, multi-step planning, and autonomous execution for hours or days
- Multi-agent collaboration tackles complex security workflows requiring diverse expertise and specialized roles
- System includes intelligent authentication, baseline scanning, and multi-phased exploration phases
- Specialized swarm agents execute tasks for specific risk types with comprehensive penetration testing toolkits
- Assertion-based validation techniques rigorously verify findings to prevent false positives
- Achieves 92.5% attack success rate on CVE Bench v2.0 with grader feedback; 80% without
- Hybrid depth-first and breadth-first approach balances vulnerability coverage within compute budgets
- AWS Security Agent now available in public preview
The architecture demonstrates how specialized agents collaborating on vulnerability detection, exploit validation, and CVSS scoring deliver comprehensive, context-aware security testing.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Feb 25
2026
2026
AWS Security Agent adds support for penetration tests on shared VPCs across AWS accounts
Mar 31
2026
2026
AWS Security Agent on-demand penetration testing now generally available
Mar 31
2026
2026
AWS Security Agent on-demand penetration testing is now generally available
Mar 19
2026
2026
AWS Security Agent now supports downloading penetration testing reports
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.