Explore the security challenges and vulnerabilities associated with migrating applications to Amazon Web Services (AWS) in this conference talk from AppSecUSA 2014. Delve into concrete examples and new techniques that reveal "full stack" vulnerabilities in AWS environments, from simple mistakes like exposing credentials to unexpected issues such as XXE injection and data leakage. Learn about a free assessment tool designed to map interactions between infrastructure and code, helping organizations navigate the complexities of AWS security. Gain insights into AWS as an operating system, its attack surface, and common pitfalls in cloud migration. Discover strategies for controlling API access, managing metadata, and leveraging advanced capabilities to enhance security in AWS deployments.