At re:Invent 2025, AWS is proposing new security features, including Security Agent, GuardDuty for containers, and a revamped Security Hub.
At re:Invent 2025, Amazon Web Services announced a series of security updates designed to detect threats faster and reduce manual work for development teams. “If you want to do security right, it has to be in everything you build from the ground up,” said CEO Matt Garman during his presentation.
Security Agent
AWS Security Agent is the most striking newcomer. “It is a context-aware security agent that will proactively analyze your security processes and check for vulnerabilities,” said Garman. The agent also performs pentests, something that AWS says was a slow and expensive process, which has now been transformed into a continuous evaluation.
GuardDuty now also for containers
Until now, GuardDuty mainly worked for Kubernetes environments (EKS). Now there is also support for containers via Elastic Container Services (ECS). During the keynote, Garman stated: “Tens of thousands of customers rely on GuardDuty… and today we are adding these capabilities to ECS.” The expansion is automatically enabled and does not involve any extra costs.
Security Hub officially available
Security Hub, the central place where companies can monitor their security status, has also been updated. The service bundles notifications from various AWS services and gives companies an overview of their risks. “Every customer wants to find and resolve security issues quickly and easily. That’s why we have Security Hub,” says Garman. The update includes real-time risk analysis and a dashboard that shows where security issues are increasing or decreasing.