Consider a scenario where a company experiences a security incident involving unauthorized access to their AWS RDS database. How would you use AWS CloudTrail and AWS Config to trace the incident and what steps would you take to secure the database post-incident? Describe the process from detection to recovery.