We usually associate serverless with functions, API Gateways, and object storage. Did you know you can leverage serverless capabilities to audit, monitor, and secure your cloud? Serverless capabilities allow us to run functions, store findings, and send alerts which we can use for security. This talk will explore some use cases you can quickly adopt to improve your cloud security posture. The attendees will leave with the following key takeaways: performing auditing against security controls (e.g., CIS benchmarks), monitoring for security misconfigurations (e.g., public S3 buckets), and remediating findings (e.g., reset IAM password policy).