What it was hardware, now is software, it is just an API call. We deploy infrastructure the same way we deploy applications. That fact has many implications in security and automation. We can automate recon, attacks and lateral movement but also automate many incident response processes along with hardening. This talk will cover some generic concepts and challenges doing forensics in cloud vendors and it will go deeper to show some attack vectors and hardening for AWS in particular.