AWS Security ChangesHomeSearch

AWS securityagent documentation change

Service: securityagent · 2026-06-19 · Documentation medium

File: securityagent/latest/userguide/agent-capabilities.md

Summary

Added 'Threat modeling' capability and updated quickstart reference

Security assessment

Introduces proactive security feature (STRIDE-based threat modeling) but doesn't address a specific vulnerability. Documents new security analysis capability for architectural risk identification.

Diff

diff --git a/securityagent/latest/userguide/agent-capabilities.md b/securityagent/latest/userguide/agent-capabilities.md
index d1c2b8dee..b08d25b44 100644
--- a//securityagent/latest/userguide/agent-capabilities.md
+++ b//securityagent/latest/userguide/agent-capabilities.md
@@ -9 +9 @@
-AWS Security Agent provides three core security capabilities throughout your development lifecycle:
+AWS Security Agent provides four core security capabilities throughout your development lifecycle:
@@ -12,0 +13,2 @@ AWS Security Agent provides three core security capabilities throughout your dev
+  * **Threat modeling** — Builds a threat model of your application to identify how it could be attacked. Provide design documents as scope docs to define the focus of the analysis, source code as context for the agent to understand your existing system, or both. AWS Security Agent generates a system overview that describes your application’s architecture, components, trust boundaries, data flows, and security posture, along with a set of threats classified by STRIDE category (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege) with severity levels and actionable recommendations. Each threat links back to evidence in your source code.
+
@@ -26 +28 @@ To use the Amazon Web Services Documentation, Javascript must be enabled. Please
-Quickstart: Run a code review
+Quickstart: Run a threat model