When Amazon Web Services Inc. held its New York Summit last week, Vice President of Agentic AI Swami Sivasubramanian as usual was the headline act, delivering the opening keynote.
Sivasubramanian made the case to enterprise leaders that the artificial intelligence conversation has moved beyond pilots and productivity hacks into a world where the real advantage lies in compounding momentum across work, security, software delivery and data. For IT pros, that means your architectural decisions over the next 12 to 18 months will determine whether AI agents become a force multiplier or a new source of chaos.
Here are five big ideas from Sivasubramanian’s keynote and what they mean for those responsible for building and operating enterprise technology:
1. From ‘faster search bars’ to compounding agents
Sivasubramanian’s main critique of the first generation of AI assistants is that they never broke out of chat-window gravity. They sit on top of tools, answer a question and then forget. “We gave them chat windows and connected them to our tools,” he said. “They answer one question, and then they forget. The promise was intelligence, but what we got was a slightly faster search bar. Faster search doesn’t compound; it flatlines.”
The alternative he laid out is an agentic model in which every completed task feeds the next. “What you really need is agents that actually change the way you work, not just speed up the steps, but completely eliminate them,” Swami argued. “If humans are still forced to be the orchestration layer, your momentum actually has a ceiling.” In his framing, “every task that their agents complete makes the next one smarter,” creating “compounding momentum” and widening the gap between early adopters and those who wait.
That’s the design center for Amazon Quick, an AI assistant that “states the outcome you want and figures out how to get there across all your systems, all your data and all your context,” powered by a knowledge graph that reasons across people, documents, communications and data lakes. In the live demo, Quick assembled a marketing report by pulling data from Slack, Google Drive and OneDrive in about 20 seconds — work, Sivasubramanian said, “would have taken probably hours of actual research” before.
Implications for IT pros: This model assumes your collaboration and data platforms are open to agent access and governed by strong identity and policy controls. The job shifts from choosing yet another assistant to curating an ecosystem where agents can safely traverse silos. Connectors, metadata and policy enforcement become as important as model choice. This is a vastly different role for IT pros, but one that’s critical for companies that succeed with their agentic initiatives.
2. Security: Ending the ‘walled garden vs. wild garden’ tradeoff
On security, Sivasubramanian highlighted a dilemma many chief information security officers will face. On one side, “agents that work inside their own walled garden only see what’s inside their own productivity suite. The moment you need something outside the wall, you are back to being the orchestrator.” On the other hand, open tools “do not offer the level of security, compliance and governance that enterprises demand. You traded the walled garden for the wild one.”
“This is a false choice,” he said. “Quick doesn’t ask you to choose. No walls, no copy-and-paste bridges, and every action it takes carries its own governance. Who acted on it, what data they touched, where it went, and whether the policy allowed it.” That theme continues with AWS Continuum, a suite of agent-driven security capabilities spanning penetration testing, threat modeling and code vulnerability assessment. Chet Kapoor, who leads security, observability, search and governance products, described the shift from “telemetry, storage, query and dashboards for humans” to “telemetry to context to reasoning to actions for agents.” Telemetry without context is “noise,” he said; with context, it becomes a “signal” agents can act on.
Customer stories were included to make the stakes concrete. Swami cited GoDaddy using Amazon Quick to eliminate “15,000 hours of manual work annually.” He also highlighted the NBA’s use of Quick to structure 25 years of prospect data into interactive leaderboards and comparisons.
Implications for IT pros: Security operations are headed toward agents taking actions under policy, not analysts staring at dashboards. That raises the importance of policy as code, identity boundaries, least-privilege design, and clear “rails” for where agents can operate. The conversation with the CISO is no longer “Should we use AI?” but “What will we allow AI to do, and under what guardrails?”
3. Software delivery as a closed loop
If the first wave of generative AI was about coding copilots, this keynote reframed the narrative around end-to-end software delivery loops. “Write it right, ship it fast, keep it modern – not three tools, one continuous loop, always running, always compounding,” he said. That loop is already in production at Amazon Stores, where teams behind the retail experience saw a “median 4.5x improvement in how fast correct code reaches production, with some teams hitting up to 17x,” and “AI-generated code changes landing with 95% accuracy, higher than the human baseline.”
Kiro is the engineering agent that anchors the “write it right” part of the loop. You give it a prompt, and it generates “clear requirements, structured design docs, implementation tasks, and validated tests before a single line of code is generated.” It then uses agents and property-based testing to implement and verify. Swami pointed to fintech startup Dhan, which needed to support more than 170 complex trading indicators. Without agents, it estimated “over a dozen engineers in a period of 12 to 24 months;” with Kiro, “all this was built by a single engineer in just eight weeks.”
The loop extends into operations. AWS DevOps Agent started as an incident-response companion used by customers like T-Mobile and United Airlines; now AWS is adding release management. It can project production risk from a code change, explore an application such as an end user, score releases, and feed its report “directly to your coding agent to start implementing those fixes automatically.”
On the other side of the loop, AWS Transform moves from one-time modernization projects to “continuous modernization,” performing “continuous state analysis and remediation at machine speed, always watching, always fixing across every code base you own.” AWS says customers have already used Transform to eliminate 1.6 million hours of manual modernization work.
Implications for IT pros: This is an opinionated pipeline: spec, code, test, release, modernize, repeat, with agents in each phase. To benefit, enterprises will need to standardize how they organize their Git repositories, pipelines and quality gates so agents can act safely across services and to make a cultural shift that treats modernization and reliability work as continuous flows, not project-of-the-year initiatives.
4. Southwest Airlines: A playbook for a ‘modern fleet’ of systems
The most compelling customer story came from Lauren Woods, executive vice president and chief information officer at Southwest Airlines. She linked technology choices directly to lessons from Winter Storm Elliott. “It wasn’t our systems that were failing, but they were not designed to keep up with the pace and the level of complexity happening across the operation all at once,” she said. To run like a modern airline, “we need technology that operates like a modern fleet.”
Southwest chose AWS as its preferred cloud partner for a “secure, scalable foundation” and access to innovation. Regarding AI, Woods said she uses Amazon Quick every day, describing a shift from “looking at data after the fact to interacting with it in real time” across fare and revenue analysis and call center behavioral trends. The impact has been faster decisions, closer to the point of action.
For engineering, Southwest scaled Kiro to “more than 2,700 developers, about two-thirds of our engineering organization,” using it for unit test generation, infrastructure as code, and faster onboarding. The Southwest.com platform, which is mission-critical and built on legacy architecture, had a long modernization roadmap. Using Kiro, “our teams have accelerated that modernization significantly, pulling the original timeline in by three years,” Lauren said. “We’re making it easier to build on, evolve and scale as our business changes.”
Implications for IT pros: Southwest is an excellent case study. AI-augmented decision-making across the business, agents embedded in the SDLC at scale, and modernization and transformation running in parallel. It’s also a reminder that the key performance indicator for AI initiatives will increasingly be operational resilience and customer satisfaction, not just developer productivity.
5. Agent platforms: Harness, guardrails and context as first-class primitives
The final act of the keynote shifted from AWS-built agents to the agents that customers will build themselves. Sivasubramanian noted that “the agents that will matter the most are the ones for your business that only you can create,” but many are “stuck between prototype and production” because teams are re-implementing basics: authentication, memory, tool access, security and governance.
Amazon’s answer is AgentCore, which provides “core components to build agents” and includes a managed runtime, built-in identity, session memory, observability, evaluations and access controls. It is designed to work with any agent framework and model. Over the past six months, Swami said, “the number of tasks performed by agents in AgentCore has grown by 15x,” and customers such as PGA TOUR, Nasdaq and Visa are building production agents in weeks instead of months.
Two concepts are important here. First, the harness. Sivasubramanian described the model as the “brain” and the harness as the “body” that provides “state persistence, error recovery, context management, [and] session isolation.” AgentCore Harness can turn a model into an agent in minutes with three application programming interface calls. Second, Agent Core Policies define what agents can and cannot do and are enforced “outside the agent’s code, where the agent can’t bypass it,” including detection of prompt attacks, harmful content, and sensitive data. AWS plans to ingest signals from third-party security providers into that policy layer.
Underpinning this is context. AWS Context automatically builds a knowledge graph across structured and unstructured data and exposes it to agents at runtime. Swami pointed out that within Amazon, the semantic knowledge store behind Q processes “over 1.8 million requests” per day, mapping business semantics (“escalations” vs. “tickets”) and relationships across systems. In the enterprise, that graph spans public web data via managed search tools, organizational content in S3, SharePoint, Confluence, and Google Drive, and structured data in lakes and warehouses.
Implications for IT pros: This is the AI platform north star: an agent runtime/harness, a policy and guardrail layer outside prompts, and a governed context service — often graph-based — that encodes how your business works. Whether you adopt AWS’ stack or assemble your own, success will come down less to prompt engineering and more to how well you design skills, policies and knowledge graphs that reflect your domain.
Final thoughts
Sivasubramanian’s core point is that agents aren’t a feature toggle but an architectural choice. The advantage goes to organizations that design for compounding momentum across work, security, software delivery and data, rather than to those that simply switch on Amazon Quick, Kiro or DevOps Agent.
For information technology leaders, that means treating agent access, guardrails and context as platform services, embedding AI more deeply in delivery and operations, and copying the Southwest playbook: Start with a high-impact domain, align business and engineering on outcomes, and let agents handle the undifferentiated heavy lifting while your teams focus on domain-specific decisions.
Zeus Kerravala is a principal analyst at ZK Research, a division of Kerravala Consulting. He wrote this article for SiliconANGLE.
Photo: Zeus Kerravala
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
