What happened
Announced June 17, 2026 alongside Continuum: AWS Security Agent (now a Continuum component) gained threat modeling from design docs/source code (preview), Kiro IDE integration for per-PR vulnerability scanning, and a Claude Code plugin — enabling developers to trigger full-repo security scans and STRIDE threat models from within their coding workflow.
Why it matters
Shifting security scanning left into the IDE and coding-agent loop at AWS scale closes the gap between code commit and security verdict. Kiro integration means developers get security feedback without leaving their AI coding environment.
Applicability
AWS developers using Kiro or Claude Code should enable the Security Agent plugin immediately; AppSec teams should evaluate the threat-modeling preview as a complement to manual reviews.