2026-04-09 · aws-security
AWS announced general availability for AWS Security Agent on-demand penetration testing. The service is designed to make security testing more frequent and more scalable across AWS, other clouds, and on-prem systems. The key change is that penetration testing moves from a periodic manual bottleneck to an on-demand capability. That is a meaningful shift for teams that need faster validation before shipping changes.
AWS Security Agent now runs autonomous tests 24/7 and validates findings instead of simply flagging potential issues. The post says it can identify vulnerabilities, attempt exploits, and return CVSS scores, severity ratings, and reproduction steps. AWS positions it as a faster alternative to manual pentesting for modern release cycles.
Manual tests are too slow to keep up with constantly changing systems, which leaves long windows where exposed data can be stolen or altered. If an attacker gets in between test cycles, your recovery burden becomes much larger. This is another reason an offline backup strategy matters, because incident response cannot be your only line of defense.
Cold storage helps you recover after a confirmed compromise, not just detect one. If a pentest or a real incident reveals destructive access, offline backups let you restore a clean state without relying on the live environment. That is especially important for systems handling customer data, credentials, or regulated records.