We use WebPageTest Private Instance at our organisation (such a great tool it would be silly not to). We are using the latest version of Private Instance (3.0) which creates test agents on demand and auto updates itself. In light of recent Windows threat are you expecting to upgrade the amis to get them patched up in near or distant future?
I know WebPageTest Agents are isolated and stateless windows machines and so long as we have proper firewall rules in place I can’t think of any scenarios where
a) being locked out from web page test agent or
b) test agent can be used to infect another machine
would not be a concern especially when they get autoscaled (down) eventually. So only reason I ask this is to satisfy our security manager.