Dow Jones Hammer
Dow Jones Hammer is a multi-account cloud security tool for AWS that identifies misconfigurations and insecure data exposures within AWS resources, provides near real-time reporting capabilities, and can perform auto-remediation of some misconfigurations to create secure guardrails for products deployed on the cloud. The documentation is available on GitHub Pages at https://dowjones.github.io/hammer/. It covers security features like insecure services, cloud security issues, and technologies used such as Python 3.6, AWS services, Terraform, JIRA, and Slack.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
In-depth analysis and insights on various cloud security topics by Rhino Security Labs team
A collection of security workshops and hands-on content for AWS security services and techniques
Open-source project for detecting security risks in cloud infrastructure accounts with support for AWS, Azure, GCP, OCI, and GitHub.
S3Scanner scans for misconfigured S3 buckets across S3-compatible APIs, identifying potential security vulnerabilities and data exposure risks.
Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.
Discover and understand the Docker Layer 2 ICC Bug and its implications on inter-container communication.
Automate actions on Security Command Center findings with automated disk snapshots, IAM grant revocation, and more.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.