Blog
AWS Security Agent Verification — Penetration Testing Detection Capability Against GraphQL APIs
AWS officially states Security Agent can test GraphQL APIs, but how well does it actually work? Testing under 4 conditions revealed that HTML link structure is the critical factor — when present, the agent performs GraphQL-specific tests including Introspection, nested query analysis, and Mutation parameter testing.