Security Point Break: Cybersecurity News and Analysis with Clarity and Candor
AWS dips toe into automated patch management


A multi-agent prototype showcased at re:Invent hints at AWS’s ambitions in automated remediation.

AWS shot an AI salvo across the bows of Microsoft, CrowdStrike and Tanium with an AI multi-agent system that it said could one day manage vulnerability detection, compliance checks and phased patch deployment across AWS cloud environments.

During a breakout session earlier this week at re:Invent, Praveen Bhatt, a principal solutions architect at AWS, introduced Patchy. Built on Amazon Bedrock AgentCore and Strands, an open-source SDK for developing AI agents, Patchy serves as a glimpse into what becomes possible when large language model (LLM)-driven agents are integrated directly into the company’s operational infrastructure.

To be clear, Bhatt underscored, Patchy is not a commercial product but rather an internal project with no launch date.

However, the move does signal AWS’s ambitions to enter a space it has largely avoided: automated, AI-assisted remediation. It’s a market already dominated by Microsoft’s Intune and Defender ecosystem, CrowdStrike’s Fusion and Charlotte AI, Tanium’s fleet management tools and Ivanti’s Neurons platform.

Together, these four companies account for the majority of the patch-automation market, which is valued at around $900 million annually and is expected to more than double by 2033, according to analysts at Market Research Future. The broader exposure management and vulnerability operations market is even larger, ranging from $16 billion to $19 billion depending on the research firm, according to Grand View Research.

Clearly, AWS sees an opportunity.

Log4j: the catalyst for automation

“How many of you experienced the Log4j event?” Bhatt asked. “How awesome was that experience?”

Bhatt, joined by Justin Thomas, a senior cloud support engineer with AWS, described Log4j as “organized chaos at scale.” During the height of the crisis, Thomas said he found himself juggling calls from multiple customers at once as each scrambled to understand their exposure. He said the response to the cybersecurity event often began with silence because teams lacked the basic information needed to make decisions. CTOs waited “30 minutes to an hour” before they received the initial assessment.

“It looked like a scavenger hunt for the right data,” Thomas said. Teams were stuck gathering lists of vulnerable instances, checking compliance frameworks, debating SLAs, and figuring out which maintenance windows could be overridden.

Eventually, that dysfunction created a market. Analysts say post-Log4j failures accelerated demand for automated remediation tools. Gartner projects worldwide security spending will reach $212 billion in 2025, with growth driven by organizations attempting to compress detection-to-remediation cycles.

AWS says it’s now trying to get ahead of that curve, while taking care not to overpromise. The company made no announcement about pricing, availability or a future roadmap for Patchy.

Inside Patchy: a multi-agent orchestrator for patching

Patchy, according to AWS, consists of several specialized agents: one for vulnerability scanning, another for patch strategy, and a third for compliance. Above them sits a supervising agent that interprets user intent and assigns tasks to the others accordingly.

These agents interact with existing AWS services. Vulnerability scans are conducted using Amazon Inspector. Patch deployment is handled through AWS Systems Manager Patch Manager. AWS Config monitors compliance and resource configuration. Amazon EC2 provides the compute environment, while Amazon S3 is used to store reports.

In practice, Patchy collects data, identifies what needs to be patched, determines when to patch it, executes the patch, validates the system’s health and records everything for audit purposes.

During the demo, Patchy was tested against a fictional company called “Manual Everything Corporation.” A high-severity vulnerability landed on a Friday. The security director wanted to know: Are we exposed? How widespread is the issue? When will we patch?

Patchy scanned the environment, used tags and compliance data to assess exposure, pulled findings from Inspector and determined which systems were governed by the Payment Card Industry Data Security Standard (PCI DSS), which mandates remediation of critical vulnerabilities within 48 hours.

The next maintenance window, however, was 24 days away. When asked whether to patch now or wait, Patchy responded: “Emergency patching required.”

That moment highlighted Patchy’s intended advantage. Most patching tools can deploy updates. Very few weigh competing priorities, compliance rules and patch windows to make judgment calls. Patchy tries to do both.

Next, the system generated patch commands through AWS Systems Manager, which administers resources without needing SSH or RDP access. It then performed a phased rollout across development, staging and production. After each rollout, Patchy checked system responsiveness via Systems Manager and scanned for anomalies using Amazon CloudWatch.

If something broke, Bhatt said, Patchy could roll back the affected environment—an approach common in advanced DevOps pipelines but still rare in automated patching systems.

Patchy is designed to produce a 30-day compliance history that can reveal SLA breaches. That kind of visibility is increasingly essential. Regulatory frameworks like NIS2 in the European Union and new U.S. Securities and Exchange Commission (SEC) rules require not just documentation but timely remediation.
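The decision flow described above (assess exposure, compare the compliance SLA against the next maintenance window, roll out in phases with a health check and rollback, then keep an auditable record) can be modelled in a few functions. The following is an added example written for this article, not AWS code and not the Patchy prototype: it makes no calls to Amazon Inspector, Systems Manager or CloudWatch, and the fleet, instance ids, timestamps, the 30-day "default" SLA and the CVE placeholder are all constructed. Only the 48-hour PCI DSS figure and the 24-day maintenance window come from the article.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Remediation SLAs in hours, keyed by an instance's compliance tag. The 48-hour PCI DSS
# figure is the one quoted in the article; the "default" value is a constructed assumption.
SLA_HOURS = {"pci-dss": 48, "default": 24 * 30}

EMERGENCY = "Emergency patching required"
SCHEDULED = "Patch in next maintenance window"


@dataclass(frozen=True)
class Instance:
    instance_id: str   # constructed ids, not real EC2 instances
    env: str           # "dev", "staging" or "prod"
    compliance: str    # compliance tag value, e.g. "pci-dss"
    vulnerable: bool   # would come from an Amazon Inspector finding in a real system


def assess_exposure(fleet):
    """Group vulnerable instances by environment: the 'how widespread is it?' question."""
    exposed = {}
    for inst in fleet:
        if inst.vulnerable:
            exposed.setdefault(inst.env, []).append(inst.instance_id)
    return exposed


def remediation_deadline(fleet, published):
    """Strictest SLA deadline across vulnerable instances, or None if nothing is exposed."""
    deadlines = [published + timedelta(hours=SLA_HOURS.get(i.compliance, SLA_HOURS["default"]))
                 for i in fleet if i.vulnerable]
    return min(deadlines) if deadlines else None


def patch_decision(deadline, next_window):
    """Emergency when waiting for the maintenance window would breach the SLA."""
    if deadline is None:
        return "No exposure"
    return EMERGENCY if next_window > deadline else SCHEDULED


def phased_rollout(exposed, apply_patch, rollback, healthy, order=("dev", "staging", "prod")):
    """Patch one environment at a time; halt and roll back the first that fails its health check."""
    log = []
    for env in order:
        ids = exposed.get(env)
        if not ids:
            continue
        apply_patch(env, ids)
        if healthy(env):
            log.append((env, "patched"))
        else:
            rollback(env, ids)
            log.append((env, "rolled back"))
            break          # never promote a patch past an environment that broke
    return log


def sla_breaches(history):
    """Audit view: compliance records whose patch landed after the SLA deadline."""
    return [h["cve"] for h in history if h["patched_at"] > h["deadline"]]


# Constructed fleet and timeline for the article's "Friday finding" scenario.
FLEET = (
    Instance("i-dev-01", "dev", "none", True),
    Instance("i-stg-01", "staging", "none", True),
    Instance("i-prd-01", "prod", "pci-dss", True),
    Instance("i-prd-02", "prod", "pci-dss", False),
)
PUBLISHED = datetime(2025, 12, 5, 9, 0)         # constructed Friday the finding landed
NEXT_WINDOW = PUBLISHED + timedelta(days=24)    # "24 days away", as in the demo


def run_scenario(fleet=FLEET, published=PUBLISHED, next_window=NEXT_WINDOW,
                 prod_healthy=False, patch_delay_hours=72):
    """Run the steps end to end and return what an auditor would want to see."""
    exposed = assess_exposure(fleet)
    deadline = remediation_deadline(fleet, published)
    decision = patch_decision(deadline, next_window)
    actions = []   # stands in for Systems Manager patch and rollback commands
    rollout = phased_rollout(
        exposed,
        apply_patch=lambda env, ids: actions.append(("patch", env)),
        rollback=lambda env, ids: actions.append(("rollback", env)),
        healthy=lambda env: env != "prod" or prod_healthy,   # constructed CloudWatch signal
    )
    record = {"cve": "CVE-PLACEHOLDER", "deadline": deadline,
              "patched_at": published + timedelta(hours=patch_delay_hours)}
    return {"exposed": exposed, "deadline": deadline, "decision": decision, "rollout": rollout,
            "actions": actions, "breaches": sla_breaches([record]) if deadline else []}
```

With the constructed fleet, the PCI-tagged production host pulls the deadline in to 48 hours, so a window 24 days out yields the "Emergency patching required" verdict; production then fails its constructed health check and is rolled back after dev and staging succeeded, and the 72-hour patch time shows up as an SLA breach in the audit record.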

Entering a crowded field

While Patchy is still a prototype, the market it signals interest in is highly competitive.

Microsoft is the largest player in the space. Intune handles endpoint patching. Azure Update Manager manages virtual machines. Defender XDR and Copilot for Security bring together detection, response and automation. However, Microsoft hasn’t yet demonstrated a multi-agent system that reasons across compliance, SLAs and maintenance windows.

CrowdStrike has taken a different path. Falcon Fusion automates workflows, and Charlotte AI enables natural-language investigation. Analysts say CrowdStrike excels at linking vulnerabilities to recommended actions—but Fusion is still rules-based, not agentic.

Tanium dominates in large enterprises and government agencies. Its platform offers near-instant visibility and can patch hundreds of thousands of endpoints at once. But its workflows are administrator-controlled and policy-driven.

Ivanti’s Neurons platform focuses on cross-platform patching. It uses AI to help with prioritization but adheres to fixed processes.

The industry has been moving toward autonomous remediation for years. Most platforms automate tasks. Few can make decisions. Patchy suggests a future where systems resolve conflicts and act independently—at least under supervision.

What AWS could bring—and what rivals want too

If AWS develops a Patchy-like product, it could offer something competitors can’t easily replicate: native access to the cloud infrastructure itself. Unlike third-party vendors, AWS owns the APIs, telemetry, resource tagging, health signals and deployment logic that underpin its cloud services.

This gives AWS the ability to evaluate vulnerabilities based on their cloud dependencies, determine the potential blast radius in real time, and align patching activities with autoscaling and deployment frameworks. It can also validate post-patch system health using its own telemetry and orchestrate patching operations across thousands of AWS accounts without external tools.

Competitors are closing the gap. Microsoft leverages Windows and Azure telemetry. CrowdStrike is expanding into cloud posture management and agentless discovery. Tanium is developing native cloud patching workflows.

Everyone wants to solve the blast-radius problem. AWS may be the only player positioned to solve it from inside the cloud.

Still early

Despite the buzz, Patchy is far from production-ready. AWS has not announced pricing, a release timeline or any kind of support model. It also didn’t explain how Patchy would function in multi-account environments or meet the strict change-control requirements common in enterprise IT.

Integration gaps are another concern. Patchy currently has no built-in ties to ServiceNow, JIRA or other ticketing systems—tools that define governance and approval flows. Without them, Patchy won’t scale across real-world organizations.

Security leaders may also hesitate to allow LLMs to issue production-level patch commands, even with rollback options and health checks in place.

Still, the direction is clear: dashboards and alerts aren’t enough anymore. The next frontier is orchestration.

Bhatt closed the session by acknowledging that AWS is still in learning mode. “We didn’t get there on day one,” he said. Patchy came about through experimentation—not a formal roadmap.

Even so, AWS has planted a flag. The world’s largest cloud provider believes that patching is ready for agentic AI.

And given the scale of today’s threats, customers may soon demand nothing less.
