This document provides an overview of how to improve AWS security. It discusses common AWS security problems like publicly accessible buckets and stolen credentials. It recommends starting with a consulting company or security tools to audit compliance. The document then reviews the CIS AWS Benchmark for best practices and configurations. It explains how to implement continuous security monitoring versus periodic auditing. AWS security services like CloudTrail, GuardDuty, and SecurityHub are outlined. Best practices architecture and common lessons learned are also recapped. Estimated costs for implementing these security measures on an AWS account are provided.