AWS launches Continuum, an AI-native vulnerability management platform

AWS introduced Continuum at Summit New York, an AI-powered vulnerability management platform designed to handle the full lifecycle — discover, prioritize, validate, and remediate code vulnerabilities — at machine speed, per Infosecurity Magazine and AWS's own recap. The pitch is to compress the slow, manual loop of finding and fixing vulnerabilities into an automated, continuous process.

The key differentiator AWS emphasizes is validation: rather than flooding teams with raw findings, Continuum aims to confirm which vulnerabilities are real and exploitable before pushing remediation, addressing the alert-fatigue problem that plagues traditional scanners. It complements the new Kiro CLI, which speeds security investigations by automating CLI work and correlating findings across GuardDuty, CloudTrail, and other tools.

Continuum slots into AWS's larger thesis that AI should 'carry work forward' — security as a continuous, compounding process rather than point-in-time scans. Competitively it pushes AWS deeper into territory held by Snyk, Wiz, and GitHub Advanced Security, and pairs with the DevOps Agent's incident-resolution story to present an end-to-end agentic operations and security stack. The caveat is autonomy and trust: machine-speed remediation of production code is powerful but risky, and enterprises will scrutinize how much Continuum is allowed to change without human sign-off.