AWS Security ChangesHomeSearch

AWS securityagent documentation change

Service: securityagent · 2026-06-19 · Documentation low

File: securityagent/latest/userguide/provide-testing-credentials.md

Summary

Added 'Login Optimization' section explaining how the agent learns authentication workflows to improve pentest efficiency and consistency.

Security assessment

This documents a performance optimization for authentication workflows during security testing. While related to pentesting (security activity), there's no indication it fixes a vulnerability. It expands security documentation with a new feature description.

Diff

diff --git a/securityagent/latest/userguide/provide-testing-credentials.md b/securityagent/latest/userguide/provide-testing-credentials.md
index feaaf4494..3a686feaf 100644
--- a//securityagent/latest/userguide/provide-testing-credentials.md
+++ b//securityagent/latest/userguide/provide-testing-credentials.md
@@ -7 +7 @@
-Configure authentication credentialsInput credentials directlyUse advanced settingConfigure multiple credentials
+Configure authentication credentialsInput credentials directlyUse advanced settingConfigure multiple credentialsLogin Optimization
@@ -133,0 +134,40 @@ To test different user roles or authentication systems:
+## Login Optimization
+
+Login Optimization allows AWS Security Agent to learn navigation patterns from previous pentest runs and apply them to subsequent runs. These patterns include login flows and multi-step authentication workflows. This reduces the time the agent spends re-discovering how to authenticate, resulting in faster scans and more consistent testing coverage.
+
+### How Login Optimization works
+
+On the first pentest run, the agent discovers how to navigate your application’s login flow using the credentials you provide. It records the successful navigation steps and generates a skill file that captures the learned login workflow.
+
+On subsequent runs, the agent reads the saved skill file and applies the learned navigation pattern directly, skipping the discovery phase. This means:
+
+  * Faster time to authenticated testing — the agent applies proven navigation patterns immediately instead of exploring from scratch
+
+  * More consistent behavior — the agent follows the same proven path rather than exploring alternatives
+
+
+
+
+###### Note
+
+Login Optimization learns during the first login session within a run. Subsequent login sessions in the same run will benefit from what was learned in the first session. On future runs, all login sessions benefit from the saved skill.
+
+### Enable or disable Login Optimization
+
+Login Optimization is enabled by default. To disable or re-enable it:
+
+  1. In the pentest configuration, navigate to the **Authentication credentials - optional** section.
+
+  2. Locate the **Login Optimization** toggle.
+
+  3. To enable Login Optimization, turn on the toggle. To disable, turn it off.
+
+
+
+
+When disabled, the agent re-discovers the login flow from scratch on every run. Previously learned navigation skills are preserved and will be applied again if the feature is re-enabled.
+
+###### Tip
+
+If your application’s login flow changes significantly (for example a redesigned login page or a new authentication step), the agent automatically adapts by updating its learned skill on the next run. You do not need to manually reset the optimization.
+