惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

V
Vulnerabilities – Threatpost
U
Unit 42
F
Fortinet All Blogs
aimingoo的专栏
aimingoo的专栏
P
Proofpoint News Feed
F
Full Disclosure
月光博客
月光博客
Engineering at Meta
Engineering at Meta
博客园_首页
The Register - Security
The Register - Security
G
Google Developers Blog
The Cloudflare Blog
博客园 - Franky
K
Kaspersky official blog
A
Arctic Wolf
Scott Helme
Scott Helme
C
Cisco Blogs
Hugging Face - Blog
Hugging Face - Blog
C
Check Point Blog
NISL@THU
NISL@THU
AI
AI
D
DataBreaches.Net
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Stack Overflow Blog
Stack Overflow Blog
Project Zero
Project Zero
The GitHub Blog
The GitHub Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
量子位
Vercel News
Vercel News
T
Tor Project blog
P
Privacy International News Feed
D
Docker
I
Intezer
L
LangChain Blog
P
Proofpoint News Feed
Security Latest
Security Latest
C
CXSECURITY Database RSS Feed - CXSecurity.com
T
Threatpost
博客园 - 聂微东
AWS News Blog
AWS News Blog
Martin Fowler
Martin Fowler
P
Privacy & Cybersecurity Law Blog
V
V2EX
Last Week in AI
Last Week in AI
C
Cybersecurity and Infrastructure Security Agency CISA
The Hacker News
The Hacker News
T
Tenable Blog
Blog — PlanetScale
Blog — PlanetScale
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
T
Tailwind CSS Blog

The Register - Special Features: AWS Re:invent

DJ Garman drops the ball instead of the bass in AWS re:Invent keynote Amazon keeps the pressure on Intel, AMD with 192-core Graviton5 CPU Amazon is forging a walled garden for enterprise AI AWS offers AI-in-a-box for enterprise datacenters AWS joins Microsoft, Google in the security AI agent race Amazon primed to fuse Nvidia's NVLink into 4th-gen Trainium accelerators AWS: How do you do, fellow kids? Please watch our keynotes in Fortnite AWS, Google roll out multi-cloud fix they said wasn't needed AWS under pressure as big three battle to eat the cloud market Countries use cyber targeting to plan strikes: Amazon CSO EU eyes AWS, Azure for gatekeeper tag in cloud clampdown Geopolitics push European CIOs to think local on cloud Atlassian moves Jira, Confluence instances to AWS Graviton
AWS admits AI coding tools cause problems, reckons its three new agents fix 'em
2025-12-03 · via The Register - Special Features: AWS Re:invent

Re:Invent Amazon is all-in on agentic AI when it comes to software development, and it sincerely hopes you are too, based on Tuesday's AWS re:Invent keynote. 

AWS chief Matt Garman announced a trio of new "frontier agents" with a software development focus on stage in Las Vegas on Tuesday morning: One that makes its Kiro agentic AI IDE more autonomous, another it says will make DevOps a less daunting process, and a third that focuses on securing code across the development lifecycle. 

AWS claims the vibe coding IDE Kiro is designed to avoid all the pitfalls of letting AI do your development, like surprise drive deletions and database wipeouts. Users will have to put a lot of trust in those claims. 

Aside from those worst-case scenarios, AWS is fully aware that AI coding tools have "introduced new friction" into developers' workloads.

"You can find yourself acting as the human 'thread' that holds work together," AWS said, describing scenarios like contextualizing tasks, manually coordinating cross-repository changes, and collating information across tickets and pull requests. Kiro supposedly eliminates those scenarios. 

AWS described it as maintaining awareness across sessions with the ability to "continuously learn your pull requests and feedback." It can also handle various tasks like bug triage and improving code coverage, with an included ability to make changes "spanning multiple repositories." 

"All of this is in the background while you work on something else," Garman explained on stage. 

Surely nothing bad could come of that.

Amazon is incredibly confident in Kiro's ability to streamline development, confirming today during the keynote an earlier report that it had made Kiro its standard AI development environment across the company.

"I've frankly been amazed at the impact this development velocity has seen inside Amazon," Garman said on stage today.

In one example of an Amazon project, Garman said that the tool trimmed a 30-developer project slated to take 18 months down to a mere 76 days, with only six developers assigned to the project.

"This is not just the 10 to 20 percent efficiency gains that people were seeing with the first generation of AI coding tools," Garman explained. "This is orders of magnitude more efficient."

Garman admitted that it took time for developers using Kiro to adjust, and that efficiency gains were "more incremental than transformative" for the first few weeks. That's where the frontier agents announced today come in, Garman said - those were the final key to unlocking the efficiency puzzle.

When asked what it would do to prevent disasters that have happened with other AI coding tools, an AWS spokesperson told The Register that the Kiro agent pulls requests for users to review and doesn't merge changes without developer oversight. The agent also logs all its work so that humans can review what it has done, though AWS still told us it recommends protecting all code branches and not allowing the Kiro agent to push directly to sensitive branches while it's executing tasks.

AWS also emphasized that each Kiro agent task is going to run in a sandbox with permissions set by the user. Orgs can also choose among three levels of network access: Integration only (GitHub proxy), Common dependencies (common package registries like npm), or Open internet. You can also decide what environment variables and secrets are shared with the agent.

The DevOps agent, likewise, requires a high degree of confidence in an AWS AI agent's capabilities to get things right. 

Designed to provide "always-on incident triage, guided resolution, and recommendations for how to continuously improve the reliability and performance of your applications across AWS, multicloud, and hybrid environments," the DevOps is meant to relieve stress from the lives of on-call software engineers. 

This, of course, requires giving the agent extensive access to one's environment. AWS said that the DevOps agent will have knowledge of applications and the relationships between components by having insight into everything from code bases and observability tools to repositories and CI/CD pipelines. The company claims that its own internal use of the tool has been able to identify root causes in 86 percent of instances - as to what it did in the other 14 percent of scenarios, AWS didn't say. 

Since we first published this article, AWS has been in touch to further explain how users can control the DevOps agent.

According to DevOps agent documentation, the agent can have its access restricted via identity and access management actions, including only giving it read-only permissions and specified access instead of relying on wildcards to let it go broadly into permitted areas.

Additionally, the DevOps agent can be configured to rely on a specific channel in Slack where it will notify on-call engineers and allow them to query it with specific questions to determine what was analyzed and how the agent arrived at its decision before users decide whether to act on its recommendations.

The AWS security agent is also designed to be a largely autonomous process that can be used for things like penetration testing and code validation. (We covered it extensively in a standalone piece published earlier on Tuesday.) 

All of those promises of agentic autonomy and free time for developers suppose AWS's new agents are actually getting things right, and that's far from a sure thing in the world of AI coding. One recent study showed that AI agents fail to complete simple office tasks at least 70% of the time – hardly a ringing endorsement of the idea of letting new agents with even more autonomy loose in one's systems with the ability to push code changes across multiple repositories or manage late-night software failures. 

At the same time, around two-thirds of companies have rolled out AI tools to help their developers, most of whom say they haven't experienced much of a productivity boost from such tools. Instead of spending all that time freed up by AI to develop new and exciting features, developers required to use AI tools sometimes have to spend cycles checking to see what errors their AI coworkers made

AWS would have its customers believe it's solved these issues with its latest round of AI agentry, but there's still a leap of faith required. ®

Updated on Dec 4 at 1535 to include more detail on the DevOps agent.