AWS unveils frontier agents that work for days without human intervention at re:Invent 2025

AWS announces new capabilities for its AI agent builder | TechCrunch

Amazon Web Services (AWS) is bulking up its AI agent platform, Amazon Bedrock AgentCore, to make building and monitoring AI agents easier for enterprises. AWS announced multiple new AgentCore features on Tuesday during the company's annual AWS re:Invent conference. The company announced new tools for managing AI agent boundaries, agent memory capabilities, and agent evaluation features. One upgrade is the introduction of Policy in AgentCore. This feature allows users to set boundaries for agent interactions using natural language. These boundaries integrate with AgentCore Gateway, which connects AI agents with outside tools, to automatically check each agent's action and stop those that violate written controls. Policy allows developers to set access controls to certain internal data or third-party applications like Salesforce or Slack. These boundaries can also include telling an AI agent they can automatically issue refunds up to $100 but must bring a human in the loop for anything larger, David Richardson, vice president of AgentCore, told TechCrunch. The company also announced AgentCore Evaluations, which is a suite of 13 pre-built evaluation systems for AI agents that monitor factors including correctness, safety, and tool selection accuracy, among others. This also allows developers to have a head start in building their own evaluation features as well. "That one is really going to help address the biggest fears that people have [with] deploying agents," Richardson said about the new evaluation capabilities. "[It's] a thing that a lot of people want to have but is tedious to build." AWS also announced that it's building a memory capability into the agent platform, AgentCore Memory. This feature allows agents to develop a log of information on users over time, like their flight time or hotel preferences, and use that information to inform future decisions. "Across these three things, we are continuing to iterate at the different layers at AgentCore," Richardson said. "Talking to existing systems with Policy, [making agents] more powerful with [AgentCore Memory], helping the development team iterate with an agent." While agents are the soup du jour of the AI industry right now, some people believe the technology won't last. But Richardson thinks that the tools AgentCore is developing can withstand the fast-moving market even as trends change -- which he expects they will. "Being able to take advantage of the reasoning capabilities of these models, which is coupled with being able to do real world things through tools, feels like a sustainable pattern," Richardson said. "The way that pattern works will definitely change. I think we feel ready for that." Follow along with all of TechCrunch's coverage of the annual enterprise tech event here.

Amazon says new DevOps agents need no babysitting - you can try them here

Amazon is entering a crowded market of vendors promising DevOps agents. During its re:Invent conference in Las Vegas on Tuesday, Amazon's AWS introduced three agentic AI technologies that the company says will tie together the tasks surrounding mere code writing, including checking code in and out of code libraries and watching for security breaches. The three agent offerings, dubbed frontier agents, are "a new class of AI agents that are autonomous, scalable, and work for hours or days without intervention," stated AWS in a press release. Also: AI agents see explosive growth on AWS Marketplace - over 40x the team's initial targets The offerings automate tasks in the code repository updates, tasks in DevOps, such as monitoring for application failure, and tasks in cybersecurity, such as analyzing code vulnerabilities. By performing ancillary tasks in and around code generation, the frontier agents are meant to relieve the burden placed on programmers when they have to manually monitor the input and output of AI coding tools. With coding tools, "you can find yourself acting as the human 'thread' that holds work together -- rebuilding context when switching tasks, manually coordinating cross-repository changes, and restitching information scattered across tickets, pull requests, and chat threads," stated AWS. In its announcement, Amazon emphasized that the frontier agents will work behind the scenes while a programmer is busy with other things. Learning from its own internal development teams, AWS said, the company realized it was important that "the team could switch from babysitting every small task to directing agents toward broad, goal-driven outcomes." Also: Enterprises are not prepared for a world of malicious AI agents AWS also emphasized the importance of "how many agentic tasks they could run at the same time" and that "the longer the agents could operate on their own, the better." The frontier agents "figure out" how to achieve a goal, "can perform multiple tasks at the same time," and "can operate for hours or days without requiring intervention," stated AWS. By taking on more tasks without direct oversight, AWS stated, the frontier agents will move "from assisting with individual tasks to completing complex projects autonomously like a member of your team." Amazon did not provide technical details on how the agents operate without oversight or explicit goals. The three frontier agents are: Also: AI aims to predict and fix developer coding errors before disaster strikes Developers can access the KIRO agent right now at its dedicated developer site. The Security Agent and DevOps Agent are both accessed through the AWS management console. With a raft of automations across the development life cycle, AWS is wading into a market crowded with companies that are extending agentic capabilities. Some of these companies have been prominent partners to AWS. The DevOps vendors such as Cisco's Splunk, Datadog, and Dynatrace have for years been making the case that their AI-driven automations will speed not only code writing but also testing, debugging, deployment, and monitoring, in an effort to find vulnerabilities before applications go into production. And code management pure-plays such as GitLab, which competes with Microsoft's GitHub, are rolling out agentic technologies to automatically reconcile code changes. AWS, in fact, has a partnership with GitLab, announced last quarter, to integrate GitLab's agent tools, called Duo Agent, into AWS's generative AI code-writing assistant, Q Developer. Also: Lost in translation? Amazon Q Developer now speaks more languages And cybersecurity firms such as Palo Alto Networks have staked out authentication of access to code as one of the responsibilities of a broad enterprise identity and authentication offering, along with automating security alerts for compromised code.

AWS joins Microsoft, Google in the security AI agent race

Preview tool promises quicker reviews and faster flaw-finding for cloud apps Re:Invent AI agents are key to launching applications more quickly - and making them more secure from the start, Amazon says. To that end, the cloud giant has rolled out AWS Security Agent in preview today at its annual re:Invent conference. It's free to use - with usage limits - during the public preview period, but there's no word yet from Amazon as to when it will be generally available. But unlike Google and Microsoft, AWS's approach to agentic AI for security-specific use cases seems a little more subdued with one agent - as opposed to tasking agents with all the security things. "AWS Security Agent is a single frontier agent that proactively secures your applications throughout the development lifecycle across all your environments," AWS Director of Applied Science Neha Rungta told The Register. Security teams define corporate requirements and standards, then the agent conducts automated reviews to ensure these are being met. It also does on-demand penetration testing customized to organizations' applications and reports any security risks. "The penetration testing agent creates a customized attack plan informed by the context it has learned from your security requirements, design documents, and source code, and dynamically adapts as it runs based on what it discovers, such as endpoints, status and error codes, and credentials," said Esra Kayabali, AWS senior solutions architect, in a blog shared with The Register ahead of publication. This task alone can shave weeks or even months off applications' security validation processes, according to Rungta. "Customers have told us that AWS Security Agent's on-demand penetration testing allows them to begin receiving results within hours compared to what would have taken weeks of scheduling and back-and-forth communication between teams," Rungta said. "Others have told us that AWS Security Agent's design time findings helped them save significant development time and effort," she added. "Fixing design time issues before any code is written is painless, whereas it would have been extraordinarily painful had it been flagged by the application security team three months later." AWS says that its Security Agent is more effective than static application security testing and dynamic application security testing tools because the agent is context-aware, meaning it understands the application's code and design, where it will run, and any company-specific security requirements. Users can upload artifacts to provide context about their application being tested, Rungta explained. Plus, customers can give the agent access to their GitHub repositories for additional context in penetration testing, "to post comments on pull requests, and to submit pull requests with remediations for penetration test findings," she added. Humans review these penetration test findings, along with all the design and code review, and can configure the security agent to either automatically submit pull requests with remediations based on these findings, or manually trigger pull requests after review. While Amazon already reportedly uses AI agents to proactively find security flaws and suggest fixes internally, it hasn't been as quick to roll out security-focused agents to customers as its cloud competitors. Microsoft is arguably furthest along in this process of task-specific agents and AI-infused security products with Redmond introducing 11 Security Copilot agents at a press event in March. In August, it touted an autonomous AI agent prototype, called Project Ire, that Microsoft claims can detect malware without human assistance. But in a real-world test of 4,000 "hard-target" files (these files weren't classified by automated systems and would otherwise be manually reviewed by human reverse engineers), the agent only detected 26 percent of all the malware. Meanwhile, Google is also developing its own security-minded AI agents including one that can triage security alerts by analyzing the context of each incident and give the humans in charge advice about which ones merit a response. Another one analyzes malware and determines the extent of the threat it poses. Last month, the Chocolate Factory said yet another AI agent-powered security tool called CodeMender, which automates patch creation, can identify the root cause of a vulnerability, then generate and review a working patch - but it still needs a human to sign off on the fix. ®

AWS unveils Frontier AI agents for software development

AWS Frontier agents work independently on specialized tasks, with the first three agents focused on autonomous coding, application security, and devops. Amazon Web Services has unveiled a new class of AI agents, called frontier agents, which the company said can work for hours or days without intervention. The first three agents are focused on software development tasks. The three agents announced December 2 include the Kiro autonomous agent, AWS Security Agent, and AWS Devops Agent, each focused on a different aspect of the software development life cycle. AWS said these agents represent a step-function change in what can be done with agents, moving from assisting with individual tasks to completing complex projects autonomously like a member of the user's team. The Kiro autonomous agent is a virtual developer that maintains context and learns over time while working independently, so users can focus on their biggest priorities. The AWS Security Agent serves as virtual security engineer that helps build secure applications by being a security consultant for app design, code reviews, and penetration testing. And the AWS DevOps Agent is a virtual operations team member that helps resolve and proactively prevent incidents while continuously improving an applications' reliability and performance, AWS said. All three agents are available in preview. The Kiro agent is a shared resource working alongside the entire team, building a collective understanding of the user's codebase, products, and standards. It connects to a team's repos, pipelines, and tools such as Jira and GitHub to maintain context as work progresses. Kiro previously was positioned as an agentic AI-driven IDE. The AWS Security Agent, meanwhile, helps build applications that are secure from the start across AWS, multi-cloud, and hybrid environments. AWS Devops Agent is on call when incidents happen, instantly responding to issues and usings its knowledge of an application and relationship between components to find the root cause of a problem with an application going down, according to AWS.

Amazon unveils 'frontier agents,' new chips and private 'AI factories' in AWS re:Invent rollout

LAS VEGAS -- Amazon is pitching a future where AI works while humans sleep, announcing a collection of what it calls "frontier agents" capable of handling complex, multi-day projects without needing a human to be constantly involved. The announcement Tuesday at the Amazon Web Services re:Invent conference is an attempt by the cloud giant to leapfrog Microsoft, Google, Salesforce, OpenAI, and others as the industry moves beyond interactive AI assistants toward fully autonomous digital workers. The rollout features three specialized agents: A virtual developer for Amazon's Kiro coding platform that navigates multiple code repositories to fix bugs; a security agent that actively tests applications for vulnerabilities; and a DevOps agent that responds to system outages. Unlike standard AI chatbots that reset after each session, Amazon says the frontier agents have long-term memory and can work for hours or days to solve ambiguous problems. "You could go to sleep and wake up in the morning, and it's completed a bunch of tasks," said Deepak Singh, AWS vice president of developer agents and experiences, in an interview. Amazon is starting with the agents focused on software development, but Singh made it clear that it's just the beginning of a larger long-term rollout of similar agents. "The term is broad," he said. "It can be applied in many, many domains." During the opening keynote Tuesday morning, AWS CEO Matt Garman said believes AI agents represent an "inflection point" in AI development, transforming AI from a "technical wonder" into something that delivers real business value. In the future, Garman said, "there's going to be millions of agents inside of every company across every imaginable field." To keep frontier agents from breaking critical systems, Amazon says humans remain the gatekeepers. The DevOps agent stops short of making fixes automatically, instead generating a detailed "mitigation plan" that an engineer approves. The Kiro developer agent submits its work as proposed pull requests, ensuring a human reviews the code before it's merged. Microsoft, Google, OpenAI, Anthropic and others are all moving in a similar direction. Microsoft's GitHub Copilot is becoming a multi-agent system, Google is adding autonomous features to Gemini, and Anthropic's Claude Code is designed to handle extended coding tasks. Amazon is announcing the frontier agents during the opening keynote by AWS CEO Matt Garman at re:Invent, its big annual conference. The DevOps and security agents are available in public preview starting Tuesday; the Kiro developer agent will roll out in the coming months. Some of the other notable announcements at re:Invent today: AI Factories: AWS will ship racks of its servers directly to customer data centers to run as a private "AI Factory," in its words. This matters for governments and banks, for example, that want modern AI tools but are legally restricted from moving sensitive data off-premises. New AI Models: Amazon announced Nova 2, the next generation of the generative AI models it first unveiled here a year ago. They include a "Pro" model for complex reasoning, a "Sonic" model for natural voice conversations, and a new "Omni" model that processes text, audio, and video simultaneously. Custom Models: Amazon introduced Nova Forge, a tool that lets companies build their own high-end AI models from scratch by combining their private data with Amazon's own datasets. It's designed for businesses that find standard models too generic but lack the resources to build one entirely alone. Trainium: Amazon released its newest home-grown AI processor, Trainium 3, which it says is roughly 4x faster and 40% more efficient than the previous version. It's central to Amazon's strategy to lower the cost of training AI and provide a cheaper alternative to Nvidia GPUs. Executives also previewed Trainium 4, promising to double energy efficiency again. Killing "Tech Debt": AWS expanded its Transform service to rewrite and modernize code from basically any source, including proprietary languages. The tool uses AI agents to analyze and convert these custom legacy systems into modern languages, a process Amazon claims is up to five times faster than manual coding. Stay tuned to GeekWire for more coverage from the event this week.

Amazon's new AI can code for days without human help. What does that mean for software engineers?

Amazon Web Services on Tuesday announced a new class of artificial intelligence systems called "frontier agents" that can work autonomously for hours or even days without human intervention, representing one of the most ambitious attempts yet to automate the full software development lifecycle. The announcement, made during AWS CEO Matt Garman's keynote address at the company's annual re:Invent conference, introduces three specialized AI agents designed to act as virtual team members: Kiro autonomous agent for software development, AWS Security Agent for application security, and AWS DevOps Agent for IT operations. The move signals Amazon's intent to leap ahead in the intensifying competition to build AI systems capable of performing complex, multi-step tasks that currently require teams of skilled engineers. "We see frontier agents as a completely new class of agents," said Deepak Singh, vice president of developer agents and experiences at Amazon, in an interview ahead of the announcement. "They're fundamentally designed to work for hours and days. You're not giving them a problem that you want finished in the next five minutes. You're giving them complex challenges that they may have to think about, try different solutions, and get to the right conclusion -- and they should do that without intervention." Why Amazon believes its new agents leave existing AI coding tools behind The frontier agents differ from existing AI coding assistants like GitHub Copilot or Amazon's own CodeWhisperer in several fundamental ways. Current AI coding tools, while powerful, require engineers to drive every interaction. Developers must write prompts, provide context, and manually coordinate work across different code repositories. When switching between tasks, the AI loses context and must start fresh. The new frontier agents, by contrast, maintain persistent memory across sessions and continuously learn from an organization's codebase, documentation, and team communications. They can independently determine which code repositories require changes, work on multiple files simultaneously, and coordinate complex transformations spanning dozens of microservices. "With a current agent, you would go microservice by microservice, making changes one at a time, and each change would be a different session with no shared context," Singh explained. "With a frontier agent, you say, 'I need to solve this broad problem.' You point it to the right application, and it decides which repos need changes." The agents exhibit three defining characteristics that AWS believes set them apart: autonomy in decision-making, the ability to scale by spawning multiple agents to work on different aspects of a problem simultaneously, and the capacity to operate independently for extended periods. "A frontier agent can decide to spin up 10 versions of itself, all working on different parts of the problem at once," Singh said. How each of the three frontier agents tackles a different phase of development Kiro autonomous agent serves as a virtual developer that maintains context across coding sessions and learns from an organization's pull requests, code reviews, and technical discussions. Teams can connect it to GitHub, Jira, Slack, and internal documentation systems. The agent then acts like a teammate, accepting task assignments and working independently until it either completes the work or requires human guidance. AWS Security Agent embeds security expertise throughout the development process, automatically reviewing design documents and scanning pull requests against organizational security requirements. Perhaps most significantly, it transforms penetration testing from a weeks-long manual process into an on-demand capability that completes in hours. SmugMug, a photo hosting platform, has already deployed the security agent. "AWS Security Agent helped catch a business logic bug that no existing tools would have caught, exposing information improperly," said Andres Ruiz, staff software engineer at the company. "To any other tool, this would have been invisible. But the ability for Security Agent to contextualize the information, parse the API response, and find the unexpected information there represents a leap forward in automated security testing." AWS DevOps Agent functions as an always-on operations team member, responding instantly to incidents and using its accumulated knowledge to identify root causes. It connects to observability tools including Amazon CloudWatch, Datadog, Dynatrace, New Relic, and Splunk, along with runbooks and deployment pipelines. Commonwealth Bank of Australia tested the DevOps agent by replicating a complex network and identity management issue that typically requires hours for experienced engineers to diagnose. The agent identified the root cause in under 15 minutes. "AWS DevOps Agent thinks and acts like a seasoned DevOps engineer, helping our engineers build a banking infrastructure that's faster, more resilient, and designed to deliver better experiences for our customers," said Jason Sandry, head of cloud services at Commonwealth Bank. Amazon makes its case against Google and Microsoft in the AI coding wars The announcement arrives amid a fierce battle among technology giants to dominate the emerging market for AI-powered development tools. Google has made significant noise in recent weeks with its own AI coding capabilities, while Microsoft continues to advance GitHub Copilot and its broader AI development toolkit. Singh argued that AWS holds distinct advantages rooted in the company's 20-year history operating cloud infrastructure and Amazon's own massive software engineering organization. "AWS has been the cloud of choice for 20 years, so we have two decades of knowledge building and running it, and working with customers who've been building and running applications on it," Singh said. "The learnings from operating AWS, the knowledge our customers have, the experience we've built using these tools ourselves every day to build real-world applications -- all of that is embodied in these frontier agents." He drew a distinction between tools suitable for prototypes versus production systems. "There's a lot of things out there that you can use to build your prototype or your toy application. But if you want to build production applications, there's a lot of knowledge that we bring in as AWS that apply here." The safeguards Amazon built to keep autonomous agents from going rogue The prospect of AI systems operating autonomously for days raises immediate questions about what happens when they go off track. Singh described multiple safeguards built into the system. All learnings accumulated by the agents are logged and visible, allowing engineers to understand what knowledge influences the agent's decisions. Teams can even remove specific learnings if they discover the agent has absorbed incorrect information from team communications. "You can go in and even redact that from its knowledge like, 'No, we don't want you to ever use this knowledge,'" Singh said. "You can look at the knowledge like it's almost -- it's like looking at your neurons inside your brain. You can disconnect some." Engineers can also monitor agent activity in real-time and intervene when necessary, either redirecting the agent or taking over entirely. Most critically, the agents never commit code directly to production systems. That responsibility remains with human engineers. "These agents are never going to check the code into production. That is still the human's responsibility," Singh emphasized. "You are still, as an engineer, responsible for the code you're checking in, whether it's generated by you or by an agent working autonomously." What frontier agents mean for the future of software engineering jobs The announcement inevitably raises concerns about the impact on software engineering jobs. Singh pushed back against the notion that frontier agents will replace developers, framing them instead as tools that amplify human capabilities. "Software engineering is craft. What's changing is not, 'Hey, agents are doing all the work.' The craft of software engineering is changing -- how you use agents, how do you set up your code base, how do you set up your prompts, how do you set up your rules, how do you set up your knowledge bases so that agents can be effective," he said. Singh noted that senior engineers who had drifted away from hands-on coding are now writing more code than ever. "It's actually easier for them to become software engineers," he said. He pointed to an internal example where a team completed a project in 78 days that would have taken 18 months using traditional practices. "Because they were able to use AI. And the thing that made it work was not just the fact that they were using AI, but how they organized and set up their practices of how they built that software were maximized around that." How Amazon plans to make AI-generated code more trustworthy over time Singh outlined several areas where frontier agents will evolve over the coming years. Multi-agent architectures, where systems of specialized agents coordinate to solve complex problems, represent a major frontier. So does the integration of formal verification techniques to increase confidence in AI-generated code. AWS recently introduced property-based testing in Kiro, which uses automated reasoning to extract testable properties from specifications and generate thousands of test scenarios automatically. "If you have a shopping cart application, every way an order can be canceled, and how it might be canceled, and the way refunds are handled in Germany versus the US -- if you're writing a unit test, maybe two, Germany and US, but now, because you have this property-based testing approach, your agent can create a scenario for every country you operate in and test all of them automatically for you," Singh explained. Building trust in autonomous systems remains the central challenge. "Right now you still require tons of human guardrails at every step to make sure that the right thing happens. And as we get better at these techniques, you will use less and less, and you'll be able to trust the agents a lot more," he said. Amazon's bigger bet on autonomous AI stretches far beyond writing code The frontier agents announcement arrived alongside a cascade of other news at re:Invent 2025. AWS kicked off the conference with major announcements on agentic AI capabilities, customer service innovations, and multicloud networking. Amazon expanded its Nova portfolio with four new models delivering industry-leading price-performance across reasoning, multimodal processing, conversational AI, code generation, and agentic tasks. Nova Forge pioneers "open training," giving organizations access to pre-trained model checkpoints and the ability to blend proprietary data with Amazon Nova-curated datasets. AWS also added 18 new open weight models to Amazon Bedrock, reinforcing its commitment to offering a broad selection of fully managed models from leading AI providers. The launch includes new models from Mistral AI, Google's Gemma 3, MiniMax's M2, NVIDIA's Nemotron, and OpenAI's GPT OSS Safeguard. On the infrastructure side, Amazon EC2 Trn3 UltraServers, powered by AWS's first 3nm AI chip, pack up to 144 Trainium3 chips into a single integrated system, delivering up to 4.4x more compute performance and 4x greater energy efficiency than the previous generation. AWS AI Factories provides enterprises and government organizations with dedicated AWS AI infrastructure deployed in their own data centers, combining NVIDIA GPUs, Trainium chips, AWS networking, and AI services like Amazon Bedrock and SageMaker AI. All three frontier agents launched in preview on Tuesday. Pricing will be announced when the services reach general availability. Singh made clear the company sees applications far beyond coding. "These are the first frontier agents we are releasing, and they're in the software development lifecycle," he said. "The problems and use cases for frontier agents -- these agents that are long running, capable of autonomy, thinking, always learning and improving -- can be applied to many, many domains." Amazon, after all, operates satellite networks, runs robotics warehouses, and manages one of the world's largest e-commerce platforms. If autonomous agents can learn to write code on their own, the company is betting they can eventually learn to do just about anything else.

AWS goes beyond prompt-level safety with automated reasoning in AgentCore

AWS is leveraging automated reasoning, which uses math-based verification, to build out new capabilities in its Amazon Bedrock AgentCore platform as the company digs deeper into the agentic AI ecosystem. Announced during its annual re: Invent conference in Las Vegas, AWS is adding three new capabilities to AgentCore: "policy," "evaluations" and "episodic memory." The new features aim to give enterprises more control over agent behavior and performance. AWS also revealed what it calls "a new class of agents," or "frontier agents," that are autonomous, scalable and independent. Swami Sivasubramanian, AWS VP for Agentic AI, told VentureBeat that many of AWS's new features represent a shift in who becomes a builder. "We are actually on the cusp of a major tectonic transformation with AI, but agentic AI is truly starting to transform what is the art of the possible, and it is going to make this one of the most truly transforming technologies," Sivasubramanian said. Policy agents The new policy capability helps enterprises reinforce guidelines even after the agent has already reasoned its response. AWS VP for AgentCore David Richardson told VentureBeat that the policy tool sits between the agent and the tools it calls, rather than being baked into the agent, as fine-tuning often is. The idea is to prevent an agent from violating enterprise rules and redirect it to re-evaluate its reasoning. Richardson gave the example of a customer service agent: A company would write a policy stating that the agent can grant a refund of up to $100, but for anything higher, the agent would need to bounce the customer to a human. He noted that it remains easy to subvert an agent's reasoning loop through, for instance, prompt injection or poisoned data, leading agents to ignore guardrails. "There are always these prompt injection attacks where people try to subvert the reasoning of the agent to get the agent to do things it shouldn't do," Richardson said. "That's why we implemented the policy outside of the agent, and it works using the automated reasoning capabilities that we've spent years building up to help customer define their capabilities." AWS unveiled Automated Reasoning Checks on Bedrock at last year's re: Invent. These use neurosymbolic AI, or math-based validation, to prove correctness. The tool applies mathematical proofs to models to confirm that it hasn't hallucinated. AWS has been leaning heavily into neurosymbolic AI and automated reasoning, pushing for enterprise-grade security and safety in ways that differ from other AI model providers. Episodic memories and evaluations The two other new updates to AgentCore, "evaluations" and "episodic memory," also give enterprises a better view of agent performance and give agents episodic memory. An enhancement of AgentCore memory, episodic memory refers to knowledge that agents tap into only occasionally, unlike longer-running preferences, which they have to refer back to constantly. Context window limits hamper some agents, so they sometimes forget information or conversations they haven't tapped into for a while. "The idea is to help capture information that a user really would wish the agent remembered when they came back," said Richardson. "For example, 'what is their preferred seat on an airplane for family trips?' Or 'what is the sort of price range they're looking for?'" Episodic memory differs from the previously shipped AgentCore memory because, instead of relying on maintaining short- and long-term memory, agents built on AgentCore can recall certain information based on triggers. This can eliminate the need for custom instructions. With AgentCore evaluations, organizations can use 13 pre-built evaluators or write their own. Developers can set alerts to warn them if agents begin to fail quality monitoring. Frontier agents But perhaps AWS's strongest push into enterprise agentic AI is the release of frontier agents, or fully automated and independent agents that the company says can act as teammates with little direction. The concept is similar, if not identical, to those of more asynchronous agents from competitors like Google and OpenAI. However, AWS seems to be releasing more than just autonomous coding agents. Sivasubramanian called them a "new class" of agents, "not only a step function change in what you can do today; they move from assisting with individual tasks to complex projects." The first is Kiro, an autonomous coding agent that has been in public preview since July. At the time, Kiro was billed as an alternative to vibe coding platforms like OpenAI's Codex or Windsurf. Similar to Codex and Google's myriad asynchronous coding agents, including Jules, Kiro can code, undertake reviews, fix bugs independently and determine the tasks it needs to accomplish. AWS security agent, meanwhile, embeds deep security expertise into applications from the start. The company said in a press release that users "define security standards once and AWS security agent automatically validates them across your applications during its review -- helping teams address the risks that matter to their business, not generic checklists." The AWS DevOps agent will help developers, especially those on call, proactively find system breaks or bugs. It can respond to incidents using its knowledge of the application or service. It also acknowledges the relationships between the application and the tools it taps, such as Amazon CloudWatch, Datadog and Splunk, to trace the root cause of the issue. Enterprises are interested in deploying agents and, eventually, bringing more autonomous agents into their workflows. And, while companies like AWS continue to bolster these agents with security and control, organizations are slowly figuring out how to connect them all.

'Why not?' At re:Invent, AWS answers with big step into frontier AI model reasoning and agentic services - SiliconANGLE

'Why not?' At re:Invent, AWS answers with big step into frontier AI model reasoning and agentic services Amazon Web Services Inc. envisions a world in which billions of AI agents will be working together. That will take a significant advance in frontier model reasoning, and the company made several major announcements today to make this dream a reality. "Why not?" is the cloud giant's central re:Invent conference tagline this week, and AWS built on the theme by announcing a major expansion of its Nova foundation model platform with the launch of Nova Forge, a "first-of-its-kind" service to train and build frontier AI models. Frontier model reasoning involves advanced problem-solving capabilities for cutting edge AI frameworks, moving from basic information retrieval to problem-solving and logical deduction. While models have advanced rapidly, getting them to comprehend and act while using proprietary data has been a challenge. Nova Forge is designed to address one of the biggest complaints among enterprises using AI. "Almost every customer I talk to wishes they could teach a model to understand their data," AWS Chief Executive Matt Garman (pictured) said in his keynote remarks on Tuesday. "Today you just don't have a frontier model that deeply understands your data and your domain." The new service will allow organizations to build optimized variants of Nova by blending proprietary data with Nova's frontier capabilities. The goal is a customized model that combines the knowledge and reasoning power of Nova's engine with a deeper understanding of each organization's specific business. "AI's ability to understand your company data is what delivers huge value," Garman said. "The wizardry comes when you can deeply integrate a model with your intellectual property." Garman noted that AWS already has several notable customers who have implemented Nova Forge. These include the online conversation platform Reddit Inc., which brought its own domain data into Forge's pretraining process. As Garman explained in an exclusive video conversation with SiliconANGLE prior to the conference, Reddit is using Nova to read context, reduce false positives and scale to millions of communities without increasing engineering complexity. In addition to Forge, Amazon's Nova platform is also being expanded with "Lite" and "Pro" reasoning models, along with "Sonic," a speech-to-speech model that can unify text and speech understanding to generate real-time, human-like conversational AI. A significant portion of Amazon's releases this week have involved new capabilities for AI agents. This is understandable, since "the next 80% to 90% of enterprise AI value will come from agents," as Garman told SiliconANGLE. The cloud giant announced Policy in Amazon Bedrock AgentCore, designed to actively block unauthorized actions through real-time, deterministic controls that operate outside of the agent code. By setting clear boundaries, organizations can clamp down on unauthorized data access, inappropriate interactions and system-level mistakes. "This is a little bit like raising a teenager," Garman told the re:Invent gathering. "You really want to be able to control specific actions with those tools." AWS also launched AgentCore Evaluations to gain visibility into agent behavior and results. The offering simplifies the complicated processes and infrastructure previously required to ensure agentic quality. Developers will also have the ability to write custom evaluators using preferred large language models and prompts. AWS is launching a new class of frontier agents, billed as an "extension" of an organization's software development team. The Kiro autonomous agent will maintain persistent context across sessions, learning from a developer's pull requests and feedback. Kiro will also independently figure out the best process for work completion, sharing changes so the user stays in control of what gets incorporated. "It runs alongside your workflow, maintaining context," Garman explained. "It actually learns how you like to work." Frontier agents were also unveiled today to incorporate security expertise throughout the development cycle, and to support DevOps functions such as correlating telemetry, code, and analyzing deployment data to pinpoint root causes of problems and reduce mean time to resolution. The company revealed that its use of DevOps Agent had resulted in an estimated root cause identification rate of over 86%. As is common with the opening keynote at AWS re:Invent, the company packed as many releases as it could into a two-and-a-half-hour window. As he was nearing the end of his remarks, Garman took it upon himself to deliver 25 additional announcements, mostly dealing with new instances and database enhancements, in 10 minutes, which may be something of a tech conference record. "The true value of AI has not yet been unlocked," Garman said. "It's turning from a technical wonder into something that delivers real value. Dive deep into the details and start inventing."

Exclusive: AWS CEO Matt Garman declares a new era: Agents are the new cloud - SiliconANGLE

Exclusive: AWS CEO Matt Garman declares a new era: Agents are the new cloud After 13 years covering Amazon Web Services Inc. up close -- including watching more than a decade of reinvention from the front row -- I've learned to feel when the ground is shifting. And this year, that feeling is unmistakable. AWS re:Invent 2025 opens with a charge in the air as more than 60,000 attendees descend on Las Vegas -- developers, founders, Fortune 100 chief information officers, national security leaders and hyperscale cloud architects. But as the headlines break, most people will still be left wondering what's really moving under the surface. That deeper story came through in my exclusive recent conversations in Seattle with AWS Chief Executive Matt Garman, Chief Marketing Officer Julie White and other senior AWS leaders. Combined with SiliconANGLE and theCUBE reporting and data from our wired community insiders, a clearer picture emerges: AWS is declaring the true arrival of agentic artificial intelligence -- and rebuilding the cloud from the silicon up. While most of the world remains fixated on generative AI, AWS is already moving past it in what it describes as a real, enterprise-oriented way -- not just buzzwords. Garman was blunt: "The next 80% to 90% of enterprise AI value will come from agents," he told me. These aren't chatbots or copilots. They are autonomous, long-running, massively scalable digital workers -- agents that operate for hours or days, learn organizational preferences and collaborate in swarms. This vision is anchored in a full-stack architecture: custom silicon, new model families, sovereign AI factories and an agent runtime built to eliminate the heavy lifting that has slowed enterprise adoption. AWS believes the agent era will be every bit as transformative as the cloud era was in 2006 -- and they're engineering for that scale today. One of the clearest signals of this shift is AWS' formal embrace of AI Factories, its new sovereign-scale infrastructure footprint -- a concept I've been talking about on theCUBE Pod for over a year. In those conversations, I argued that AI would evolve beyond traditional cloud regions and edge stacks into campus-scale, high-density AI systems purpose-built to turn enterprise data estates into continuous intelligence engines. Garman and AWS essentially validated that view, describing AI Factories as "highly opinionated AWS-managed AI systems" deployed directly inside customer data centers. These are not edge appliances or Outposts-style racks. They are full-blown AI campuses -- the same architectural pattern behind Project Rainier, the 500,000-Trainium2 build with Anthropic. As Garman put it: 'The campus is the new computer." For a select group of customers -- sovereign nations, defense agencies and hyperscale enterprises -- AI Factories deliver cloud-consistent services entirely on their own turf. Everyone else consumes the same architecture from AWS regions. It's exactly the industrialization trend I've been forecasting: AI isn't just a service anymore -- it's an infrastructure category, and AWS is now manufacturing it at global scale. Garman is also straight up about the addressable market for these massive builds. As he told me, "99.999% of customers will never purchase an AI factory." In my conversations with Fortune 100 CIOs and chief technology officers over the past year, this has been the recurring theme: Enterprises aren't struggling because they lack giant infrastructure -- they're struggling because they lack practical, production-ready paths to adopt AI at scale. The bottlenecks have been governance, identity, security, data quality, model drift and the sheer operational burden of stitching together immature tools. I've said repeatedly on theCUBE that the enterprise AI stall wasn't about GPU scarcity -- it was about plumbing scarcity. Garman's point reinforces that: The vast majority of enterprises don't need sovereign-scale clusters; what they need is cloud-delivered factory patterns that abstract away complexity and let them plug into hardened infrastructure without reinventing it. Only a very small cohort -- sovereign nations, U.S. government and sensitive agencies, and a handful of the largest global enterprises -- requires fully dedicated on-premises AI Factories. For everyone else, the "factory" shows up through regional AWS services, Trainium-powered clusters, Bedrock, Nova Forge and AgentCore. And that's exactly what enterprises have been asking for: the ability to access industrial-grade AI without industrial-grade buildouts. At the silicon layer, AWS has tightened its vertical integration. Trainium3 is now generally available, packaged as a two-rack "Ultra Server" that Garman called "the most powerful AI system available today." It's optimized for both training and for the increasingly heavy inference loads enterprises are putting into production. Garman was matter-of-fact about the impact: More than 50% of Bedrock tokens already run on Trainium -- a meaningful performance and cost moat for AWS. Then came the next reveal: Trainium4, preannounced with an expected an eightfold compute increase over Trainium3 and significantly higher memory bandwidth. Combining it with 3.8 gigawatts of new data-center power added over the past year, AWS is signaling that it intends to dominate the cost-performance race for frontier inference. On the edge-versus-cloud debate, Garman's view is decisive: Heavy intelligence centralizes to the cloud. The edge is compute- and power-constrained and best suited for lightweight inference (think wake-word detection on Alexa). The data breadth, model variety and power required for real capability live in the cloud. The emerging pattern, he says, looks like an application programming interface call to smarter, larger systems, not full frontier models at the edge. Silicon is only half the story. AWS also unveiled the Nova 2 model family -- Lite, Pro and higher-performing variants -- covering high-volume reasoning, real-time speech-to-speech and other demanding workloads. Early benchmarks, according to Garman, place them head-to-head with Claude 3.5, GPT-4.5 and Gemini Flash. The deeper breakthrough is Nova Forge, a system Garman described as the first true open-training pipeline for enterprise frontier models. Fine-tuning has been the ceiling for most enterprises. Forge blows past that limit by letting companies inject proprietary data early in the training process -- at checkpoints inside Nova -- performing co-training alongside Amazon's curated datasets. Customers insert their proprietary data, train within their own VPC, and can run the resulting model serverlessly on Bedrock -- without the model or customer data flowing back to the Nova team. The output is a private, frontier-grade model that deeply understands the company's data and never leaves their boundary. Garman's blunt view: "Generic tokens are useless unless they know your business." Reddit is already demonstrating the impact. By bringing its own domain data into Nova Forge's pretraining process -- w ithout additional fine-tuning -- Reddit achieved a kind of "social intuition" generic systems miss: It reads context, reduces false positives, flags real threats and scales to millions of communities without scaling engineering complexity. Banks, pharma giants and large manufacturers are lining up for the same capability. The economics are compelling: Instead of spending $50 million to $100 million to train a frontier model from scratch, enterprises can create a domain-specific frontier model for a small fraction of that -- and even distill smaller models from it. In short, Forge delivers frontier capability without frontier cost. If Nova Forge is the new model substrate, AgentCore is the new runtime. White explained that it solves the biggest enterprise blocker of the past year: Teams were spending months reinventing repetitive foundational systems -- identity, policy, security, memory, observability, drift detection -- just to make early agents safe and deployable. AgentCore is composable. Teams can mix and match secure compute, memory and Agent Observability, and pair them with models from Nova, Anthropic, OpenAI, Meta Platforms' Llama, Qwen or Google Gemini -- or open source -- without re-platforming. It's the identity-and-access-management moment for agents, moving from prototypes to production in regulated workflows and mission-critical operations. AWS' Kiro -- the integrated development environment and the command-line interface -- helped pioneer agentic development: not just code completion or "vibe coding," but directing agents to perform long-running tasks and collaborate as a swarm. At re:Invent, AWS introduced the Kiro Frontier Agent -- a long-running agent that works like a team of junior engineers operating overnight, with instructions and autonomy, and the ability to scale out. With substrate and runtime in place, AWS introduced Frontier Agents -- long-running, autonomous agents that can work for hours or weeks, scale both up and out, and learn team preferences over time. Beyond engineering, the first wave includes cloud operations, security and penetration-testing agents -- systems that triage incidents, probe defenses and enforce policy in production. "Three to six months in," Garman told me, "these agents behave like part of your team. They know your naming conventions, your repos, your patterns." The constraint is no longer developer hours -- it's imagination and prioritization. Stepping back, the pieces form AWS' most coherent AI platform strategy yet. The flow works like this: Infrastructure → silicon → models → custom frontier training → agent runtime → frontier agents → enterprise workflows This is not a bundle of features. It is a systematic rearchitecture of the cloud for a world where billions of agents operate across industries. AWS is leaning heavily into capital spending: silicon, power, networking, sovereign footprints and global supply chain scale. This is a multiyear expansion cycle, not a bubble. If you cover this industry long enough, you learn that bubbles form when capital chases stories, not systems. What's happening now is the opposite. The spend is going into power, silicon, networking ,intelligent interconnections, sovereign large scale computing footprints, fast-emerging smart AI edge factories and full-stack platforms that unlock measurable productivity. This massive innovation wave is rooted in infrastructure, not narratives, and the companies leaning in understand that AI is no longer optional -- it's a societal revolution that can yield competitive advantage with compounding returns. On talk of an "AI bubble," Garman shrugs. Customers buy where ROI shows up in the P&L. With 3.8 gigawatts of new data-center power landed in the past year and demand "across the stack," he's betting enterprise value -- not hype -- sustains the buildout. In 2006, AWS changed the world by abstracting servers and letting developers build without friction. Today's shift is analogous -- only larger. With AI Factories, Trainium, Nova Forge, AgentCore, Kiro and Frontier Agents, AWS is rebuilding the cloud around agentic systems that can learn, reason and act. While other outlets will chase this week's headlines, our reporting makes one thing clear: AWS is not chasing the AI trend. It is industrializing it.

AWS puts AI agents to work on truly autonomous software development - SiliconANGLE

AWS puts AI agents to work on truly autonomous software development Amazon Web Services Inc. is using its annual AWS re:Invent 2025 extravaganza this week in Las Vegas to show how it's putting artificial intelligence agents to work in enterprise environments. The cloud giant is moving on from the days of passive generative AI chatbots, building highly autonomous and massively scalable digital workers that can collaborate with humans and each other, and work under their own steam, potentially for days on end, with only minimal supervision. At the core of this vision is Amazon's full-stack architecture, including its powerful new Nova large language models, its custom Trainium3 AI processors and an agentic runtime that eliminates all of the hassles of getting agents up and running and ensuring they're secure. In an exclusive interview with SiliconANGLE, AWS Chief Executive Matt Garman said autonomous agents are the company's top priority in terms of AI development. "The next 80% to 90% of enterprise AI value will come from agents," he said. Amazon's agentic push will be led by a newer, more sophisticated class of AI agents that it calls "frontier agents," which promise to deliver a "step-function change" in what digital workers can achieve. Rather than just assisting human workers like today's AI coding assistants, for example, they can undertake complex projects independently, in the same way as people do. The company is kicking things off with three new frontier agents - Kiro, AWS Security Agent and AWS DevOps Agent, each one focused on a different aspect of the software development lifecycle. While AI coding tools have already performed miracles in terms of accelerating productivity, they have also created a lot of friction for human developers. These days, many coders find themselves having to act as the thread that holds multiple AI agents together, constantly rebuilding context when switching tasks, manually coordinating cross-repository changes and stitching together information from different tickets, pull requests and chats so they can properly guide them. In effect, it means developers have become coding agent overseers, but that prevents them from focusing on more creative priorities, which was the whole point of AI automation in the first place. With Kiro, AWS is helping developers eliminate this fraction and ensure that agentic processes keep moving along nicely without constant human oversight. As a truly autonomous agent, Kiro is uniquely able to maintain persistent context across sessions and will continuously learn from, and remember, pull requests and human feedback, so it gets better over time. It's able to handle multiple tasks at once, ranging from triaging bugs to improving code coverage, across multiple code repositories. Users can ask it questions, describe the task they want it to do in natural language, or just tell it to work through the tasks in their GitHub backlog, and it will do so all by itself, figuring out what it needs to do without any human input, Amazon said. Changes will be shared as proposed edits and pull requests, ensuring the developer maintains overall control. While Kiro handles the grunt work, the AWS Security Agent is all about oversight, proactively identifying risks and taking steps to mitigate them once an issue has been identified. Whereas existing security agents only provide generic recommendations, AWS Security Agent offers tailored guidance throughout the software development lifecycle and can perform comprehensive testing at any stage. The agent works by proactively reviewing design documents, scanning pull requests and comparing these with organizational security rules and its list of common vulnerabilities. All the user has to do is define their security standards once, and the agent will automatically validate them across every application that's hosted on AWS. In addition, it can also perform penetration testing on demand so security issues don't hold back development velocity, Amazon said. It validates any problems it finds and then generates remediations to fix those issues, before applying them once developers give it the go ahead to do so. The final piece of the puzzle, AWS DevOps Agent works to maintain the underlying infrastructure that distributed applications depend on - monitoring microservices, cloud dependencies and telemetry to gain a comprehensive understanding of its behavior. The company said AWS DevOps Agent will be on call 24/7, ensuring it's ready to respond instantly the moment any incidents occur. It draws on its knowledge of the customer's applications and its relationship with the various infrastructure components to identify the root cause of any system failure or performance issues quickly, employing observability tools such as Amazon CloudWatch, Dynatrace, Datadog, New Relic and Splunk. By mapping each application's resources with its telemetry, code, and deployment data, it can rapidly pinpoint root causes and accelerate resolution times, while delivering fewer false alerts, Amazon said. With AWS DevOps Agent, teams can also move away from reactive firefighting and became much more proactive, using it to analyze the cause of historical incidents and prevent them from recurring. By learning from these experiences, it can offer targeted recommendations to enhance observability, infrastructure optimization, deployment pipeline enhancement and application resilience, the company promised. Garman said all three frontier agents can be set up once and then be left to work for weeks on end, scaling up or out as required. As they do this, they will learn each customer's preferences over time, improving their performance the more they're used. "Three to six months in," Garman said, "these agents behave like part of your team. They know your naming conventions, your repos, your patterns." Over time, Amazon expects these frontier agents to help organizations shift to an "agentic culture" where AI is no longer just an assistant, but an extension of their human teams. Ultimately, it sees its frontier agents delivering outcomes autonomously throughout every step of the development lifecycle, transforming how software is built, secured and operated.