This document discusses using AWS Lambda for security operations like auditing, monitoring, and remediation. It provides examples of how AWS Lambda functions can be triggered by events from services like AWS CloudTrail, CloudWatch Logs, and VPC Flow Logs to filter logs and alerts. Lambda functions can also use AWS APIs to perform automated remediation steps. The document includes demos of architectures that apply these patterns.