Dow Jones Hammer can identify and report the following issues:

Name | Description | Default Alert Trigger |
---|---|---|
S3 ACL Public Access | Detects S3 buckets that are publicly accessible by ACL | Any S3 bucket is worldwide accessible by ACL |
Insecure Services | Detects security groups that leave ports from the configured list open worldwide | Any security group allows unrestricted access to the ports defined in the configuration file |
IAM User Inactive Keys | Detects access keys that have been unused for N days | Any access key has not been used for the timeframe defined in the configuration file |
IAM User Keys Rotation | Detects access keys that have not been rotated for N days | Any access key was created earlier than the timeframe defined in the configuration file |
S3 Policy Public Access | Detects S3 buckets that are publicly accessible by policy | Any S3 bucket is worldwide accessible by policy |
CloudTrail Logging Issues | Detects CloudTrail logging status and permission issues | Any AWS region does not have CloudTrail logging enabled or has access issues |
EBS Unencrypted Volumes | Detects EBS volumes that are not encrypted at rest | Any EBS volume is not encrypted at rest |
EBS Public Snapshots | Detects publicly accessible EBS snapshots | Any EBS snapshot is worldwide accessible |
RDS Public Snapshots | Detects publicly accessible RDS snapshots | Any RDS snapshot is worldwide accessible |
SQS Policy Public Access | Detects SQS queues that are publicly accessible by policy | Any SQS queue is worldwide accessible by policy |
S3 Unencrypted Buckets | Detects S3 buckets that are not encrypted at rest | Any S3 bucket is not encrypted at rest |
RDS Unencrypted instances | Detects RDS instances that are not encrypted at rest | Any RDS instance is not encrypted at rest |
AMIs public access | Detects publicly accessible AMIs | Any AMI is worldwide accessible |

Dow Jones Hammer can perform remediation for all issues except EBS Unencrypted Volumes, CloudTrail Logging Issues and RDS Unencrypted instances.