A large number of organizations are using AWS or are migrating to AWS. Security teams with traditional datacenter security knowledge are trying to catch-up and grasp the new attack surface, security concerns, and develop defensive techniques. At the same time, AWS customers are being exploited in ways that are easily preventable but highly damaging to the customer's organization; this fact is well documented. Fortunately, AWS does provide the technology to harden, monitor, and even recover should an incident occur. Unfortunately, these defensive practices are not widely discussed or well-known amongst both security professionals as well as developers. In this talk, we discuss harnessing existing AWS functionality to strengthen your organization’s AWS infrastructure against practical attacks. Ken will show you what attackers are looking for, how they are finding you, how to secure your environment, and how to answer the question “Our access keys have been stolen, what do we do now?â€. AWS Technologies discussed: - Config - CloudWatch - CloudTrail - SNS - SQS - IAM - *(Other) Security features of other services