AWS Security Agent: Pentesting and Threat Modeling On Demand

What it actually does, what it costs, and whether it's worth setting up for your repos

Cloud Security Architect | 12+ yrs in cybersecurity, hands-on with AWS since 2016. IAM · SIEM/SOAR · DevSecOps · Governance. Securing multi-account AWS across Latin America. Sharing real-world patterns with the AWS security community.

Last Saturday I was reading about AWS Security Agent. I'd seen it announced at re:Invent but never touched it. Three hours later I had a threat model running against one of my private repos, watching it analyze components and data flows in real time.

Nine minutes in, still running. That's when I realized this thing actually reads your code.

What AWS Security Agent Is

It's an AI agent that does four things across your development lifecycle:

  1. Design Review: you upload architecture docs, it tells you where your design violates security requirements
  2. Threat Modeling: you point it at code and/or design docs, it builds a full STRIDE threat model
  3. Code Review: scans repos or analyzes PRs automatically, posts findings as comments
  4. Penetration Testing: attacks your running application with multi-step exploit chains

The first three are in preview and free. Pentesting is GA at $50/task-hour.

Setting It Up for GitHub Repos

The setup is straightforward. Private repos work perfectly, and honestly that's the main use case.

  1. Go to the Security Agent console
  2. Create an Agent Space (one per application)
  3. Add integration → GitHub → Install and authorize the GitHub App
  4. Select which repos to give it access to (all or specific ones)
  5. Enable code review for specific repos
  6. Optionally enable automated remediation (PRs with fixes)

One thing: don't close your browser during the OAuth flow. If the flow is interrupted, you have to uninstall the GitHub App and start over. I learned this from the docs, not from experience. Thankfully.

Security Requirements Packs

Before running anything, enable at least one requirements pack. These define what the agent checks against.

| Pack                 | What it covers                                                            |
|----------------------|---------------------------------------------------------------------------|
| ASA Base Pack        | Authentication, authorization, data protection, logging, input validation |
| AWS Well-Architected | Security pillar guidance                                                  |
| NIST CSF             | Cybersecurity framework controls                                          |
| PCI DSS              | Cardholder data standards                                                 |

The ASA Base Pack is the starting point for most projects. You can also create custom packs with your own rules, or use a managed requirement as a template and edit it.

Threat Modeling

This is the capability I spent the most time on. You give it two types of input:

  • Scope docs: design documents, API specs, architecture docs (PDF, MD, DOCX, images)
  • Sources: your actual code from connected repos

You can use either or both. Scope docs tell it what to focus on. Code gives it implementation reality. Together they produce a more accurate model than either alone.

Here's what I found useful: if you already maintain a CLAUDE.md or any project doc that describes your architecture, components, entry points, and deployment modes, that works perfectly as a scope doc. It has exactly what the agent needs: structure, data flows, service connections.

The output is a system overview (architecture, components, trust boundaries, data flows) plus a list of threats classified by STRIDE, each with severity and recommendations.

My first run took about 12 minutes. That's normal. It's not a surface scan. It's reading code, classifying components, building a mental model of your system, then thinking about how to attack it.

Code Review on PRs

Once enabled, every PR you open gets analyzed automatically. Findings show up as PR comments in the same place you review code.

For full repo scans, you start them from the web app. These take longer depending on repo size, but produce a comprehensive list of vulnerabilities with line-specific fixes. Full repository code scanning is now in preview at no additional charge. Source can be a connected GitHub, GitLab, or Bitbucket repo, or an S3 bucket if your code lives outside a supported Git platform.

The agent can generate PRs with code fixes for what it finds. For private repos this is fully enabled. For public repos, automated remediation is disabled to avoid exposing vulnerabilities publicly.

IDE Integration

AWS Security Agent integrates with Kiro natively, with Claude Code via plugin, and with any AI-powered IDE through an open MCP integration.

That means you can run a threat model or a code review from inside your editor and get results without switching to the web console.

For Kiro, install the AWS Security Agent Power from the Kiro marketplace. It bundles the MCP server, steering instructions, and hooks automatically. For Claude Code, install the plugin and add the MCP server to your .mcp.json.

Either way, the MCP server runs via uvx, so you need Python and uv installed locally. If you prefer not to install them, the MCP server also has a Docker option.

Pentesting

This is not a DAST scanner throwing payloads at URLs. You give it context:

  • Target URLs (public or private via VPC)
  • Authentication credentials (via Secrets Manager or Lambda)
  • Source code for context
  • Documentation about your app

With that context, it builds custom attack plans. It validates each finding with a real exploit, so there are fewer false positives. It documents reproduction steps and can generate fix PRs.

The pricing model: $50/task-hour, billed per second. A task-hour is not an hour of your wall-clock time. Task-hours are summed across every agent the test spawns, and those agents run in parallel, so a test you wait one hour for can bill three or four task-hours because several agents were working at once.

AWS publishes three reference examples:

| App complexity  | You wait   | Task-hours billed | You pay |
|-----------------|------------|-------------------|---------|
| Simple API      | ~1 hour    | 3.46              | ~$173   |
| E-commerce app  | ~4 hours   | 24                | ~$1,200 |
| Enterprise SaaS | ~9.5 hours | 31.26             | ~$1,563 |

There is no flat fee per test. Actual cost depends on complexity, endpoints, authentication mechanisms, and depth of testing.

The 2-month free trial gives you 400 task-hours/month. That is enough to run several real tests and understand what this costs before committing.

What's Free, What's Not

| Capability      | Cost                        |
|-----------------|-----------------------------|
| Design Review   | Free (preview), 200/month   |
| Code Review     | Free (preview), 1,000/month |
| Threat Modeling | Free (preview)              |
| Pentesting      | $50/task-hour (GA)          |

Post-preview pricing for the first three isn't published yet. Use them now while they're free.

Platform Support and Workarounds

Native integrations cover GitHub (including GitHub Enterprise), GitLab (SaaS and self-managed), Bitbucket, and Confluence. Full repo scans also accept S3 as a source. If your code lives in any of those, the full feature set works out of the box.

Azure DevOps is the gap. There is no native integration. But you are not completely blocked.

If your team uses Azure DevOps, you have two paths:

Through the IDE. The open MCP integration lets you trigger threat models and code reviews from Kiro, Claude Code, or any AI-powered IDE that supports MCP, without a repo connection. You point it at your local code and run the analysis from there.

Through document upload. Design review and threat modeling do not require a connected repo. You can upload architecture docs, API specs, or any markdown or PDF that describes your system. For teams that maintain architecture documentation, this is often enough to get a useful threat model.

The PR-level code review and automated remediation require a native integration. For Azure DevOps, those are not available yet.

CLI and Automation

AWS Security Agent has a full CLI under aws securityagent. You can trigger code reviews, start pentest jobs, list findings, and manage agent spaces without touching the console.

# Start a code review job
aws securityagent start-code-review-job --code-review-id <id>

# Start a pentest
aws securityagent start-pentest-job --pentest-id <id>

# List findings
aws securityagent list-findings --agent-space-id <id>

AWS does not offer a native CI/CD integration, but the CLI is the building block for it. You can script a pentest trigger at the end of a deploy pipeline, pull findings via list-findings, and fail the build on critical results. It is not a one-click setup, but it is possible with standard shell scripting.
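Here is what that shell scripting can look like. This is an added example, not code from the article or from AWS: it wraps the `aws securityagent` commands listed above in a gate that fails a pipeline stage when the findings dump contains anything CRITICAL. Two things are assumptions: that list-findings returns JSON in which each finding carries a "severity" field with values such as "CRITICAL" or "HIGH" (adjust the grep pattern if the real field differs), and the wait between starting the pentest and reading findings, which the article does not show a command for. The sample findings file is constructed inside the script so the gate logic can be exercised offline.

```shell
#!/usr/bin/env bash
# Added example (not from the article or from AWS): a pipeline gate built on the
# `aws securityagent` commands the article lists. Assumption: list-findings returns
# JSON in which each finding carries a "severity" field with values such as
# "CRITICAL" or "HIGH". Adjust the grep pattern if the real field name differs.
set -eu

# count_severity FILE LEVEL
# Count findings in a list-findings JSON dump whose severity equals LEVEL.
# Only grep, wc and tr are used so the gate runs on a minimal CI image without jq.
count_severity() {
  local file="$1"
  local level="$2"
  { grep -Eo "\"severity\"[[:space:]]*:[[:space:]]*\"${level}\"" "$file" || true; } \
    | wc -l | tr -d ' '
}

# gate_findings FILE
# Print a severity summary and return 0 only when the dump has no CRITICAL findings.
gate_findings() {
  local file="$1"
  local critical high
  critical="$(count_severity "$file" CRITICAL)"
  high="$(count_severity "$file" HIGH)"
  echo "critical=${critical} high=${high}"
  [ "$critical" -eq 0 ]
}

# make_sample_dump CRITICAL_COUNT
# Write a constructed findings dump (sample data, not real agent output) to a temp
# file and print its path. It always contains two HIGH and one LOW finding plus
# CRITICAL_COUNT critical ones, which is enough to exercise the gate offline.
make_sample_dump() {
  local n="$1"
  local f i
  f="$(mktemp)"
  printf '{\n  "findings": [\n' > "$f"
  i=0
  while [ "$i" -lt "$n" ]; do
    printf '    {"id": "f-crit-%s", "severity": "CRITICAL", "title": "constructed"},\n' "$i" >> "$f"
    i=$((i + 1))
  done
  printf '    {"id": "f-high-0", "severity": "HIGH", "title": "constructed"},\n' >> "$f"
  printf '    {"id": "f-high-1", "severity": "HIGH", "title": "constructed"},\n' >> "$f"
  printf '    {"id": "f-low-0", "severity": "LOW", "title": "constructed"}\n  ]\n}\n' >> "$f"
  echo "$f"
}

# run_pentest_and_gate PENTEST_ID AGENT_SPACE_ID
# The real pipeline path: start the pentest, then pull findings and gate the job.
# The article shows no status command, so the wait for completion is left as a
# placeholder; fill it in from the CLI reference before using this in CI.
run_pentest_and_gate() {
  local pentest_id="$1"
  local space_id="$2"
  local dump
  dump="$(mktemp)"
  aws securityagent start-pentest-job --pentest-id "$pentest_id"
  # ... wait for the job to finish ...
  aws securityagent list-findings --agent-space-id "$space_id" > "$dump"
  gate_findings "$dump"
}

# Usage in a deploy step: run_pentest_and_gate <pentest-id> <agent-space-id>
```

Two practical notes. The article's own timing table shows a pentest taking one to nine and a half hours of wall-clock time, so a gate like this belongs in a post-deploy stage that runs against a staging environment and blocks promotion, not in a step that holds the deploy open. And because every run bills task-hours, trigger it on release candidates rather than on every merge.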

My Take

Most teams do not have a dedicated AppSec function. Security is one person wearing several hats, or a cloud architect trying to hold the line while developers keep shipping.

For those teams, this changes something concrete. You do not need to build a threat modeling practice from scratch. You do not need to train developers on secure code before they can get useful feedback. You connect a repo and it starts contributing to your security posture the same day.

For teams that already have AppSec capacity, it is not a replacement. It is an amplifier. Your security engineers stop spending time on the repetitive findings and start spending time on what the agent cannot do: context, judgment, and the hard conversations.

Enable code review on your repos while it is free. Run one threat model on the application you are most concerned about. The free trial is long enough to find out where it fits.

Most teams do not lack the intention to build security into development. They lack the time and the knowledge to start. This removes both.


AWS Security Agent is part of AWS Continuum, a broader platform for prioritizing and remediating vulnerabilities at scale. Available in us-east-1, us-west-2, eu-west-1, eu-central-1, ap-southeast-2, and ap-northeast-1.