June 25, 2026. At AWS Summit New York on June 17, Amazon introduced two services that say a lot about where enterprise AI is heading. Instead of a flashier or more autonomous agent, AWS shipped Continuum and Context, two services aimed at the unglamorous problems that decide whether an agent is safe and useful in production: can you trust what it does, and does it actually understand your business.
What AWS shipped
- Continuum is an AI native security agent for code. It continuously finds, prioritizes, and validates security risks, tests whether a vulnerability is actually exploitable, and proposes a fix along with an estimate of what else the change might break.
- Continuum earns its autonomy. It starts in a supervised learn mode and is allowed to act on its own only as you grant it permission, one category at a time, rather than being handed the keys on day one.
- Context builds a knowledge graph from your data automatically. It infers the relationships between your data, business rules, and domain knowledge, then makes that available to every agent so they act on real company information instead of guessing.
- Both are framed as production controls. AWS is positioning them as the layer that has to exist before agents can be trusted to act inside a real business.
What it means for operators
The two reasons AI agent projects stall the most are weak governance and missing context, and AWS just turned both into products. You do not need to run on AWS to copy the pattern, which is the useful part for a smaller business. The earned autonomy model is the right default for any agent: start it supervised, give it permission category by category as it proves itself, and keep a full record of what it did. That is the same least privilege and audit principle behind the identity work we covered in our June 19 analysis. The knowledge graph idea matters just as much. An agent with no structured access to your products, policies, and history will confidently give wrong answers, so feeding it clean, connected context is often the difference between a useful agent and a liability. This is the governance and context discipline we detail in our main analysis today on why so many agent projects get canceled. We build agents that run on your real data with guardrails and an audit trail through our AI automation and AI automation agency services, and you can hire an AI engineer to set the permissions and context up correctly from the start.
Frequently Asked Questions
They are two services Amazon launched at AWS Summit New York on June 17, 2026. Continuum is an AI native security agent that finds, validates, and fixes code vulnerabilities, and Context automatically builds a knowledge graph from your data so agents act on real business information.
Continuum starts in a supervised learn mode and is only allowed to act on its own as you grant it permission, one category at a time. Rather than giving an agent full control on day one, it builds trust gradually while you keep oversight, which is a sensible default for any agent rollout.
An agent without structured access to your products, policies, and history will guess, and guess confidently, which produces wrong answers and erodes trust. Giving an agent clean, connected context, as AWS Context does with a knowledge graph, is often the difference between a useful agent and a liability.
No. The principles travel. Start any agent supervised and expand its permissions category by category, keep an audit log of what it does, and connect it to clean, structured data about your business before you rely on it. Those practices work on any stack, not just AWS.