How would you review and harden AWS environments to comply with internal security standards and industry best practices?