aws AWS What's New ·

AWS Security Agent expands to new regions with threat modeling and code review

securityawspreviewengineer
feature announcement

AWS Security Agent, now part of AWS Continuum, is now available in three new AWS regions: Asia Pacific (Mumbai), Asia Pacific (Singapore), and South America (São Paulo). This expansion offers customers enhanced security capabilities, including preview features for STRIDE-based threat modeling and full-repo/PR-level code reviews across popular platforms. On-demand penetration testing and simulated validation (US East only) are also available, aiming to scale security expertise alongside development velocity.

  • STRIDE-based threat modeling and code review features available
  • IDE plugins and MCP integration for security workflows
  • On-demand penetration testing and validation
  • AWS Security Agent now available in three new AWS Regions
  • Simulated validation limited to US East (N. Virginia)
Features (3)
  • STRIDE-based threat modeling and code review features available

    Customers can now utilize STRIDE-based threat modeling, which analyzes design documents and source code to identify risks early in development, and perform full-repo and PR-level code reviews. These features are available in preview across GitHub, GitLab, GitHub Enterprise Server, Bitbucket, and Confluence, supporting managed compliance packs and custom security requirements.

  • IDE plugins and MCP integration for security workflows

    New IDE plugins and integration with MCP enable users to trigger threat modeling, code reviews, and remediation directly from Kiro or Claude Code. This integration streamlines the security workflow by connecting these actions to developer tools.

  • On-demand penetration testing and validation

    The service provides on-demand penetration testing that delivers validated findings with reproducible attack paths and ready-to-implement fixes. Retesting capabilities are also available to confirm the effectiveness of applied remediations.

Enhancements (1)
  • AWS Security Agent now available in three new AWS Regions

    AWS Security Agent, integrated into AWS Continuum, is now accessible in Asia Pacific (Mumbai), Asia Pacific (Singapore), and South America (São Paulo) regions. This geographical expansion allows customers in these areas to leverage core capabilities for application security throughout the development lifecycle.

Notes (1)
  • Simulated validation limited to US East (N. Virginia)

    The simulated validation feature, which confirms remediations, is exclusively available in the US East (N. Virginia) region. Customers in other regions will not have access to this specific capability.

Read the original announcement →

https://aws.amazon.com/about-aws/whats-new/2026/07/aws-security-agent-asia-pacific/