CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 17, 2026

AWS Unveils Continuum to Fight Vulnerability Backlog

Data Breach Today Archived Jun 17, 2026 ✓ Full text saved

Autonomous Remediation Tools Advance Cloud computing mainstay Amazon Web Services has taken a look at the vulnerability apocalypse and pronounced it fit for a business opportunity. Today the Seattle company entered a new battleground of platforms with the launch of its new family of security agents that it calls Continuum.

Full text archived locally
✦ AI Summary · Claude Sonnet


    Artificial Intelligence & Machine Learning , Next-Generation Technologies & Secure Development , The Future of AI & Cybersecurity AWS Unveils Continuum to Fight Vulnerability Backlog Autonomous Remediation Tools Advance Emilia David • June 17, 2026     Credit Eligible Get Permission Image: Shutterstock Cloud computing mainstay Amazon Web Services has taken a look at the vulnerability apocalypse and pronounced it fit for a business opportunity. See Also: How AI Increases the Risk of Enterprise Data Exposure An explosion of frontier artificial intelligence models has fueled a wave of vulnerability discoveries that threaten to overwhelm defenders' already strained ability to keep up. It's been dubbed the arrival of the vulnpocalypse. U.S. federal government attempts to contain it almost certainly will fail, if for no other reason than open-source Chinese models growing more proficient every day. Hyperscalers like AWS have long wanted a piece of the vulnerability action and today the Seattle company entered a new battleground of platforms with the launch of its new family of security agents that it calls Continuum. It announced the new offering at a day-long corporate event in New York City. These new agent-led security remediation systems provide an on-ramp to a more hands-off experience for human employees, giving enterprises a choice of how much trust to give the technology. Continuum is a family of security agents for end-to-end continuous security, including penetration testing, code review, threat modeling and the identification of code vulnerabilities. While the platform now offers check pointing, it asks enterprises to trust AWS systems implicitly. Matt Wood, chief AI and technology officer at AWS, told reporters in a Tuesday briefing that the rationale behind Continuum is a push for the longer-term "build-up of value," especially since he believes organizations are moving away from relying heavily on token-heavy frontier workflows to more manageable deployed agents and improving efficiencies. "Those efficiencies are great; they're meaningful, but they usually require a human to catch the output at the other end. And then, if you start the AI system again, it starts from a cold start, and you have to go through the whole process again," Wood said. "There's no long-term build-up of value, and humans have to be involved in the plumbing of keeping all these systems moving, taking the output from one, giving it to another and so on. We are moving to a system where we want to use AI to provide continuity, business continuity, people continuity, but also agentic continuity." Continuum expands on AWS’s existing security agent capabilities such as penetration testing and code review. New capabilities include a threat modeling agent that generates threat models from design documents or source code and can be run continuously in IDEs, and a code vulnerability agent. The code vulnerability agent ingests an enterprise’s backlog of vulnerabilities, performs its own scan and creates a comprehensive view of attack paths. Wood said it verifies and evaluates code as it is being generated and compares it to existing codebases. Code vulnerability is also under preview. Continuum brings AWS into the same field as Google’s CodeMender and Microsoft's MDASH. CodeMender, which was on research preview before Google DeepMind folded it into the Google Enterprise agent platform, only performs vulnerability discovery and patching. Despite announcing that MDASH is integrated into some enterprise AI products, Microsoft has not officially made the security agent generally available (see: Microsoft Debuts Bug Hunting 100-Agent AI System). Many AWS customers already use frontier models to find vulnerabilities, which only increases the backlog of vulnerabilities they have to deal with. Continuum is an agentic platform that learns the more people use it. It graduates organizations from a "learn mode" to an eventual "enforce mode," where, at some point, the human in the loop becomes an obstacle rather than a safeguard," Wood asserted. Platforms like Continuum lean on the idea that enterprises will eventually learn to trust agents implicitly and only have humans stepping in for auditability, something which many providers believe is paramount as vulnerability discovery outpaces human ability to address them. Neha Rungta, director of applied science at AWS, told ISMG in a separate interview that Continuum is the first step into that future. "Planes can land by themselves by now, but imagine a few years before: We never told people about that automation, but we do today," Rungta said. "Trust doesn’t happen on Day Zero, so this autonomous future involves something we call graduated trust. There is a feedback loop that not only teaches the agent but also builds on the trust for people." AWS is working with customers in the financial services, automotive and technology sectors to develop Continuum further. Continuum is not the only security- and risk-focused launch from AWS. Also at the AWS Summit New York City, the company updated AWS Transform, a service for modernizing legacy applications and codebases. First announced for general availability in May, the hope for Transform is to get ahead of potential vulnerabilities in old open-source code.
    💬 Team Notes
    Article Info
    Source
    Data Breach Today
    Category
    ◇ Industry News & Leadership
    Published
    Jun 17, 2026
    Archived
    Jun 17, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗