(Presented by Ken Johnson)

An increasing number of organizations are using AWS or are migrating to AWS. Developers are often given the power to deploy infrastructure in ways that were previously restricted, without the traditional insight and controls security would normally implement. At the same time, AWS customers are being exploited in ways that are easily preventable but highly damaging to the customer’s organization; this fact is well documented. Fortunately, AWS does provide the technology to harden, monitor, and even recover should an incident occur.

In this talk, we discuss harnessing existing AWS functionality to strengthen your organization’s AWS infrastructure against practical attacks. Ken will show you what attackers are looking for, how they are finding you, and how to secure your environment. Additionally, attendees will be given code that assists those using AWS in better understanding how their environment’s IAM policies are configured and in automating tasks like S3 bucket policy review, volume encryption statuses, and security group configurations. Finally, this talk will delve deep into practical alerting/monitoring and demonstrate implementing notifications that are descriptive and pinpoint active attacks.

AWS Technologies discussed:
– Config
– CloudWatch
– CloudTrail
– SNS
– SQS
– IAM
– Lambda
– (Other) Security features of other services