AWS unleashes AI agents on DevOps pipelines with release management, security, and tech debt tools

AWS has released a wave of AI agent updates targeting the software delivery pipeline, adding release management to its DevOps Agent, threat modeling to its Security Agent, and autonomous technical debt remediation through a new service called Transform. The preview features, announced in June 2026, aim to automate the stages between code commit and production deployment.

The bottleneck in software development has shifted from writing code to getting it safely to production, according to industry observers. AWS is betting that AI agents can close that gap. The company now offers three distinct agents: DevOps Agent, Security Agent, and Transform, each covering a different phase of the delivery lifecycle.

DevOps Agent gains release management

The AWS DevOps Agent now includes a release management capability in preview. It reviews code changes for release readiness and runs autonomous release testing before code reaches production. The agent assesses pull requests against quality gates and can block or approve merges based on policy. AWS says the feature helps teams ship code with confidence by catching issues early.

Key capabilities of the DevOps Agent release management preview:

• Automated assessment of code changes against release readiness criteria.
• Autonomous execution of release tests without human intervention.
• Integration with existing CI/CD pipelines and merge queues.
• Policy-based gating to prevent risky deployments.

Security Agent adds STRIDE threat modeling

The AWS Security Agent now supports STRIDE based threat modeling, a structured approach to identifying security threats across six categories: spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege. The agent can scan full repositories and pull requests for vulnerabilities and suggest remediations. It also integrates with IDEs via a plugin called Kiro power, a Claude Code plugin, and the Model Context Protocol (MCP). These integrations let developers run security reviews without leaving their coding environment.

The Security Agent can scan across major Git platforms including GitHub, GitLab, and Bitbucket. AWS says the agent reduces context switching by bringing security analysis directly into the developer workflow.

Transform tackles technical debt autonomously

AWS Transform, now in preview, automatically scans code repositories to detect, prioritize, and remediate technical debt at scale. The agent identifies outdated dependencies, deprecated APIs, and code patterns that increase maintenance cost. It then generates pull requests with fixes, which developers can review and merge. AWS positions Transform as a tool for continuous modernization, allowing teams to reduce tech debt incrementally rather than in large, disruptive migrations.

The broader message from AWS is that AI agents are moving from isolated code generation to full lifecycle management. The company has been hyping what it calls continuous agentic DevOps, where agents monitor, test, secure, and modernize code around the clock. Trust remains the biggest barrier to AI adoption, according to AWS AI chief, but the company argues that features like policy gating and STRIDE modeling will prevent bad outcomes.

All three features are available in preview today. AWS has not announced general availability dates. Developers can enable the agents through the AWS Management Console and integrate them with existing repositories and pipelines.