# Configuration and vulnerability analysis in Amazon Identity and Access Management
<a name="configuration-and-vulnerability-analysis"></a>

Amazon handles basic security tasks like guest operating system (OS) and database patching, firewall configuration, and disaster recovery. These procedures have been reviewed and certified by the appropriate third parties. For more details, see the following resources:
+ [Shared Responsibility Model](https://www.amazonaws.cn/compliance/shared-responsibility-model/)
+ [Amazon Web Services: Overview of Security Processes](https://d0.awsstatic.com/whitepapers/Security/AWS_Security_Whitepaper.pdf) (whitepaper)

The following resources also address configuration and vulnerability analysis in Amazon Identity and Access Management (IAM):
+ [Compliance validation for Amazon Identity and Access Management](iam-compliance-validation.md)
+ [Security best practices and use cases in Amazon Identity and Access Management](best-practices-use-cases.md)