# Incident Response in Amazon Config
<a name="incident-response"></a>

Security is the highest priority at Amazon. As part of the Amazon Cloud [shared responsibility model](https://www.amazonaws.cn/compliance/shared-responsibility-model), Amazon manages a data center, network, and software architecture that meets the requirements of the most security-sensitive organizations. Amazon is responsible for any incident response with respect to the Amazon Config service itself. Also, as an Amazon customer, you share a responsibility for maintaining security in the cloud. This means you control the security you choose to implement from the Amazon tools and features you have access to, and are responsible for incident response on your side of the shared responsibility model.

By establishing a security baseline that meets the objectives for your applications running in the cloud, you're able to detect deviations that you can respond to. Since security incident response can be a complex topic, we encourage you to review the following resources so that you are better able to understand the impact that incident response (IR) and your choices have on your corporate goals: [Amazon Security Incident Response Guide](https://docs.amazonaws.cn/whitepapers/latest/aws-security-incident-response-guide/welcome.html), [Amazon Security Best Practices](https://www.amazonaws.cn/architecture/security-identity-compliance/?cards-all.sort-by=item.additionalFields.sortDate&cards-all.sort-order=desc) whitepaper, and the [Security Perspective of the Amazon Cloud Adoption Framework ](https://d1.awsstatic.com/whitepapers/AWS_CAF_Security_Perspective.pdf)(CAF) white paper.