
AWS Security Agent: 34 Findings in Under 10 Hours. A Real-World Test

Last week, I ran AWS Security Agent against an app I'm building for a client. The app is fairly typical: a React front-end and a backend powered by a CMS (that's part of my customer's requirements), on top of which I built a custom API. Both run on Lambda, with DSQL as the database layer and quite a lot of AI inside (more on that below). The results were impressive.

Two scans, overnight

I kicked off both scans in the evening:

Code Review completed in 1h26m:

  • For this, I had to grant read access to my application's GitHub repository (you can provide write access to get fixes, but that was a step I wasn't ready to take just yet).
  • 18 findings (9 High, 8 Medium, 1 Low) which covered SQL injection, SSRF, XSS, privilege escalation, secret exposure, IAM misconfigurations
  • 2h42m of agent task time

Penetration Test completed in 7h56m:

  • The pentest was not a full blackbox test. It started with 3 URLs I provided (the app's front-end, the API and the admin app) but I also submitted the repository.
  • 16 findings (2 Critical, 2 High, 12 Medium)
  • 29.16 hours of agent task time

By the time I woke up, I had a downloadable 60+ page report with reproduction steps, CVSS scores, and suggested fixes. There is also a pleasant UI that shows a results summary as well as finding details, test logs, etc.

AWS Security Agent PenTest result summary

AWS Security Agent PenTest finding detail

What impressed me

It thinks like a real Pentester

The agent didn't just scan for known CVEs. It understood my application's architecture and chained vulnerabilities together:

  1. It discovered that an API method had no authentication
  2. It found that some Lambda code, called by a Step Function that this method triggers, constructed a URL with a user-supplied (unprotected) lang parameter
  3. It crafted a payload using a # fragment to redirect requests to an attacker-controlled domain it owned
  4. It verified the SSRF by actually receiving DNS callbacks!!

That's a multi-step attack requiring deep understanding of Python's URL parsing, the AWS Step Functions workflow, and the application's data flow from API to Lambda to the Wikipedia API.
(I provided the repo.)
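To make the parsing issue concrete, here is an added example (not the application's code, which the post does not show). It assumes the Lambda interpolated `lang` into the host part of a Wikipedia API URL; the function names, the language-code pattern and the `collector.example.test` host are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: the URL was built by dropping `lang` into the hostname.
def build_url_unsafe(lang: str) -> str:
    return f"https://{lang}.wikipedia.org/w/api.php?action=query&format=json"

# Constructed pattern for language codes such as "en", "pt", "zh-yue".
# It admits no dots, slashes, '#', '@' or ':' characters.
LANG_RE = re.compile(r"[a-z]{2,12}(?:-[a-z]{2,12}){0,2}")
ALLOWED_SUFFIX = ".wikipedia.org"

def build_url_safe(lang: str) -> str:
    # 1. Reject anything that is not a plain language code.
    if not LANG_RE.fullmatch(lang):
        raise ValueError(f"invalid lang: {lang!r}")
    url = build_url_unsafe(lang)
    # 2. Defence in depth: re-parse the result and check where the
    #    request would really be sent before handing it to an HTTP client.
    parts = urlsplit(url)
    host = parts.hostname or ""
    if parts.scheme != "https" or not host.endswith(ALLOWED_SUFFIX):
        raise ValueError(f"unexpected destination: {host!r}")
    if parts.username or parts.port or parts.fragment:
        raise ValueError("unexpected URL components")
    return url

def effective_host(url: str) -> str:
    """Host the HTTP client would connect to, as urllib parses it."""
    return urlsplit(url).hostname or ""

if __name__ == "__main__":
    # Constructed inputs: a normal code, and one ending in "/#" so that
    # ".wikipedia.org/..." falls into the fragment instead of the host.
    for lang in ("en", "collector.example.test/#"):
        print(lang, "->", effective_host(build_url_unsafe(lang)))
```

The second input shows why checking the string suffix of the raw URL is not enough: the URL still ends with the Wikipedia path, but the parsed host is whatever precedes the `/#`.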

SQL injection: genuinely clever

The code review found a SQL injection vector I would never have caught manually. Our DSQL driver had a shortcut: if a value starts with CAST(, it's passed through unescaped (intended for internal type conversions). The agent traced the full path from user input (POST /api/my-route body) through the CMS' abstraction layer down to the raw pg_query() call, proving the injection was reachable.
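The prefix shortcut described above can be modelled in a few lines. This is an added example, not the driver's code: the real driver is not shown in the post (and calls `pg_query()`), so Python is used here only as a model, and `SqlCast`, the `items` table and the sample values are hypothetical. The hardened variant keeps internal type conversions by trusting a type created in code instead of a string prefix; bound parameters remain the preferred fix where the driver supports them.

```python
def quote_literal(value: str) -> str:
    # Model of SQL string-literal quoting (assumes standard_conforming_strings=on).
    return "'" + value.replace("'", "''") + "'"

def escape_unsafe(value: str) -> str:
    # The shortcut from the article: anything starting with "CAST(" is
    # assumed to be internal and is passed through verbatim.
    if value.startswith("CAST("):
        return value
    return quote_literal(value)

class SqlCast:
    """Marker that only application code can construct; a request body
    can never deserialize into this type (hypothetical helper)."""
    ALLOWED_TYPES = {"int", "bigint", "uuid", "timestamptz"}

    def __init__(self, value, sql_type: str):
        if sql_type not in self.ALLOWED_TYPES:
            raise ValueError(f"unsupported cast type: {sql_type!r}")
        self.value, self.sql_type = str(value), sql_type

    def render(self) -> str:
        # The value is still quoted; only the type name comes from the allowlist.
        return f"CAST({quote_literal(self.value)} AS {self.sql_type})"

def escape_safe(value) -> str:
    # Trust is decided by the Python type, never by what the string looks like.
    if isinstance(value, SqlCast):
        return value.render()
    return quote_literal(str(value))

def build_query(escape, item_id) -> str:
    # Hypothetical query standing in for the CMS abstraction layer.
    return f"SELECT name FROM items WHERE id = {escape(item_id)}"

if __name__ == "__main__":
    user_input = "CAST(1 AS int) OR TRUE"  # constructed request-body value
    print(build_query(escape_unsafe, user_input))   # condition is altered
    print(build_query(escape_safe, user_input))     # stays a string literal
    print(build_query(escape_safe, SqlCast(42, "int")))
```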

An unexpected category

I was expecting the Agent to report SSRF, path traversal, etc. One category I didn't expect was "Cost Abuse". Since my app runs on serverless, the Agent also provided valuable insights into paths where attackers could inflate my AWS bill, especially via the use of Bedrock, Polly and other AI services.

Findings were validated through exploitation

The penetration test didn't just flag theoretical issues. A bug left the CMS "Installation Wizard" accessible even after installation was done. AWS Security Agent:

  • Accessed the install page without auth
  • Successfully connected to the production database (DSQL with IAM auth meant empty credentials worked)
  • Enumerated installed plugins with exact version numbers
  • Documented each step with HTTP requests and responses

Both approaches brought original content

Despite the white-box approach, only half of the findings were redundant. The code review caught architectural issues (IAM over-privilege due to several Lambdas sharing the same IAM role, hardcoded secrets, missing log retention) while the pentest found issues exploitable at runtime (auth bypass, path traversal, IDOR). Together they covered more ground than either alone.

A word on cost

Warning: AWS Security Agent CAN be expensive (yet cost-effective): at standard pricing of $50/agent-hour, the total would have been:

  • Code review: 2.7h × $50 = $135
  • Pentest: 29.2h × $50 = $1,460
  • Total: ~$1,595

For context, a human pentest engagement of equivalent scope (3 URLs, mixed tech stack, 8 hours of active testing) would probably run $8,000–$20,000 and take 1-2 weeks to deliver results.

But here's the kicker: AWS Security Agent includes a generous free tier. New customers get a 2-month trial with up to 400 pentesting task-hours per month. Both my scans (31.8 task-hours total) fit comfortably within that allowance. So the first real-world security audit of my production application cost me exactly $0.

From Findings to Fixes

The actionable output let me fix all findings within a single day:

  • SQL injection → removed CAST bypass, added intval() on inputs
  • SSRF → URL scheme allowlist + private IP blocking
  • Auth bypass on install page → overlay file blocking access
  • Path traversal → regex validation on URL path parameters
  • Task token exposure → stripped from API response
  • Info disclosure → CloudFront response headers policy removes version headers
  • Missing logging → API Gateway access logs + 30-day retention

The suggested fixes in the report were specific enough to implement directly, not generic "validate your inputs" advice, but exact code locations and replacement patterns.

A few more things

To be exhaustive, I must share that:

  • It didn't find existing application logic bugs (due to the model being instructed to focus solely on security. Attention is all we need, right?)
  • Due to the white-box nature of our pentest, a couple of findings, while technically correct, required knowledge of our deployment model to be exploited. If you need to know the value of a secret "consider-i-m-an-admin" header, then maybe the risk is not high... but again, the agent thinks like security folks, and probably considered lateral movement after log access as a possible path.
  • Some findings are CMS upstream issues that I can't fix without modifying vendor code. I submitted these findings to their security team.

Verdict

AWS Security Agent is not a full replacement for security expertise: you still need to understand your architecture to prioritize and fix findings. But as a first pass that runs overnight and produces a professional-grade report? It's remarkably good; literally 0 findings were non-relevant. The multi-step attack chains, the code-level precision, and the actual exploitation validation put it well above traditional SAST/DAST tools.

For a solo developer or small team shipping on AWS, this is a no-brainer at the free tier. Run it before every major release, fix what it finds, and sleep better.
