Dow Jones Hammer - Protect The Cloud Alongside The Ability Of The Cloud(Aws)

Dow Jones Hammer is a multi-account cloud safety tool for AWS. It identifies misconfigurations as well as insecure information exposures inside nearly pop AWS resources, across all regions as well as accounts. It has close real-time reporting capabilities (e.g. JIRA, Slack) to render quick feedback to engineers as well as tin perform auto-remediation of about misconfigurations. This helps to protect products deployed on cloud past times creating secure guardrails.

Documentation
Dow Jones Hammer documentation is available via GitHub Pages at https://dowjones.github.io/hammer/.

Security features

• Insecure Services
• S3 ACL Public Access
• S3 Policy Public Access
• IAM User Inactive Keys
• IAM User Keys Rotation
• CloudTrail Logging Issues
• EBS Unencrypted Volumes
• EBS Public Snapshots
• RDS Public Snapshots
• SQS Public Policy Access
• S3 Unencrypted Buckets
• RDS Unencrypted Instances
• AMIs Public Access

Technologies

• Python 3.6
• AWS (Lambda, Dynamodb, EC2, SNS, CloudWatch, CloudFormation)
• Terraform
• JIRA
• Slack

Contributing
You are welcome to contribute!

Issues:
You tin purpose GitHub Issues to written report issues. Describe what is going on incorrect as well as what yous human face to live on right behaviour.

Patches:
We currently purpose dev branch for ongoing development. Please opened upward PRs to this branch.

Run tests:
Run tests amongst this command:

tox

Contact Us
Feel gratis to practice issue report, line asking or simply e-mail us at hammer@dowjones.com amongst whatsoever other questions or concerns yous have.

Download Dow Jones Hammer