Use Cases

Amygdala XDR® Security Management

Amygdala XDR® is a security management platform that provides endpoint detection and response (EDR), security analytics, and threat detection capabilities. It is designed to help organizations monitor their security posture, identify security threats and respond to them in a timely manner. It consists of a number of different components, including agents, a server, and a web-based management console. The agents are installed on endpoints and collect security-related data, which is then forwarded to the server for analysis. The server processes the data and provides alerts and reports to the management console.

Real-time threat detection

Amygdala XDR® uses a variety of techniques to detect threats in real time, including signature-based detection, behavioral analysis, and anomaly detection.

File integrity monitoring

Amygdala XDR® monitors files and directories for changes, and alerts administrators if any unauthorized modifications are made.

Log management

Amygdala XDR® collects, analyzes, and stores log data from various sources, including operating systems, applications, and network devices.

Compliance management

Amygdala XDR® includes pre-defined policies and rulesets that help organizations meet various compliance requirements, such as PCI DSS, HIPAA, and GDPR.

Incident response

Amygdala XDR® provides workflows that help organizations respond to security incidents in a timely and effective manner.

Multi-tenancy

Amygdala XDR® Multi-tenancy supports multiple independent groups, or tenants, within a single Amygdala XDR® cluster. Each has its own index patterns, mappings, queries, dashboards, and visualizations in Amygdala XDR®. It is useful in scenarios where multiple applications, customers, or teams need to share a common Elasticsearch infrastructure while keeping their data separated and isolated from each other.

Amygdala XDR® provides several options for implementing multi-tenancy, including:

Index-based multi-tenancy

In Amygdala XDR® index-based multi-tenancy, each tenant is assigned a separate set of indices. The index names are prefixed with a unique identifier for each tenant, such as "tenant1-" or "tenant2-", to keep them apart, and Kibana can be configured to show only the indices carrying a particular tenant's prefix to that tenant's users.

Namespace-based multi-tenancy

In Amygdala XDR® namespace-based multi-tenancy, each tenant is assigned a unique namespace, which is used to isolate its data from other tenants. A namespace is a logical grouping of Elasticsearch resources, including indices, documents, queries, and visualizations. Users of a particular tenant can only see and interact with resources within their own namespace.

Role-based multi-tenancy

In Amygdala XDR® role-based multi-tenancy, each tenant is assigned a set of roles that determine the level of access and permissions for that tenant's users. For example, one tenant may have a "read-only" role that only allows users to view data, while another tenant may have a "read-write" role that allows users to create and modify data.

Overall, multi-tenancy is an important feature of Amygdala XDR® that lets users share a common Amygdala XDR® infrastructure while keeping their data separate and secure. It provides a flexible and scalable solution for organizations that need to support multiple applications, customers, or teams within a single Amygdala XDR® cluster.
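The index-based and role-based sections above describe two checks that a tenant-aware gateway has to make on every request: does the target index carry the caller's tenant prefix, and does the caller's role permit the HTTP method? The block below is an added illustration written for this page, not Amygdala XDR®'s own code. The tenant registry, the role names "read-only" and "read-write", the method sets behind them, and the index list are constructed assumptions. It also covers two failure modes a naive prefix check misses: a comma-separated multi-index request where only the first index belongs to the tenant, and catch-all targets such as `_all` or `*`.

```python
"""Tenant-scoped authorization for index requests (illustrative, not product code).

Combines index-prefix isolation (index-based multi-tenancy) with per-role
method allow-lists (role-based multi-tenancy).
"""
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, List, Tuple

# Hypothetical tenant registry: tenant id -> index prefix (assumed values).
TENANT_PREFIXES: Dict[str, str] = {
    "tenant1": "tenant1-",
    "tenant2": "tenant2-",
}

# Hypothetical role model: role name -> HTTP methods that role may use.
ROLE_METHODS: Dict[str, FrozenSet[str]] = {
    "read-only": frozenset({"GET", "HEAD"}),
    "read-write": frozenset({"GET", "HEAD", "POST", "PUT", "DELETE"}),
}

# Constructed sample of index names living in one shared cluster.
ALL_INDICES: List[str] = [
    "tenant1-logs", "tenant1-alerts", "tenant2-logs", "tenant10-logs", ".kibana",
]


@dataclass(frozen=True)
class User:
    name: str
    tenant: str
    role: str


def visible_indices(user: User, indices: Iterable[str]) -> List[str]:
    """Indices a tenant's user is allowed to see: exactly those with its prefix.

    Note that 'tenant10-logs' does not match the prefix 'tenant1-' because the
    trailing dash is part of the prefix.
    """
    prefix = TENANT_PREFIXES.get(user.tenant, None)
    if prefix is None:
        return []
    return sorted(name for name in indices if name.startswith(prefix))


def authorize(user: User, method: str, target: str) -> Tuple[bool, str]:
    """Decide whether `user` may issue `method` against `target`.

    `target` is the index expression from the request path; it may be a single
    index, a wildcard pattern, or a comma-separated list. Every element must
    carry the tenant prefix, so cross-tenant lists and catch-alls are refused.
    """
    prefix = TENANT_PREFIXES.get(user.tenant)
    if prefix is None:
        return False, f"unknown tenant {user.tenant!r}"

    # Split multi-index expressions and check each part; an empty part
    # (trailing comma) or a catch-all would otherwise slip through.
    parts = [p.strip() for p in target.split(",")]
    for part in parts:
        if not part or not part.startswith(prefix):
            return False, f"index expression {part!r} is outside tenant {user.tenant!r}"

    allowed = ROLE_METHODS.get(user.role, frozenset())
    verb = method.upper()
    if verb not in allowed:
        return False, f"role {user.role!r} may not use {verb}"
    return True, "ok"


if __name__ == "__main__":
    alice = User("alice", "tenant1", "read-only")
    bob = User("bob", "tenant2", "read-write")
    print(visible_indices(alice, ALL_INDICES))
    for u, m, t in [(alice, "GET", "tenant1-logs"), (alice, "DELETE", "tenant1-logs"),
                    (bob, "DELETE", "tenant2-logs"), (alice, "GET", "tenant1-logs,tenant2-logs"),
                    (alice, "GET", "_all")]:
        print(u.name, m, t, "->", authorize(u, m, t))
```

The per-part check is the important design choice: Elasticsearch accepts lists and wildcards in the index position of a path, so validating only the start of the whole string would let `tenant1-logs,tenant2-logs` through on the strength of its first element.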

Dev Tools

Dev Tools is a console that lets developers interact with Amygdala XDR® in a variety of ways. It provides a console interface for sending requests directly to Elasticsearch and inspecting the results in real time. The Dev Tools tab can be accessed by clicking the Dev Tools icon on the left-hand side of the UI.

Some of the modules of the Dev Tools include:

Console

The console interface allows developers to send requests to Amygdala XDR® through the REST API. It supports a wide range of HTTP methods, including GET, POST, PUT, DELETE, and more.

Autocomplete

The console interface provides an autocomplete module that can be used to quickly build complex queries. This module helps developers avoid syntax errors and improve the speed and accuracy of their queries.

Snippets

The Dev Tools provides a wide range of snippets that developers can use to quickly build common queries. These snippets can be customized and saved for later use.

Import/Export

Dev Tools allows developers to import and export requests as JSON files. This module can be used to share requests between team members or between different instances of the UI.
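The Console and Import/Export sections above describe requests typed as an HTTP method plus a path, optionally followed by a JSON body, which can then be saved to and loaded from JSON files. The block below is an added example written for this page, not Dev Tools' own implementation. It assumes the console text format shown in the constructed `SAMPLE` (one `METHOD /path` line, then the body until the next request line or blank separator), and it re-validates imported files the same way it validates typed input, because a shared JSON file is untrusted input just as much as the console text is.

```python
"""Parse console-style requests and round-trip them through JSON (illustrative).

Assumed format: a request line `METHOD /path`, then zero or more lines of a
JSON object body, until the next request line. Blank lines are separators.
"""
import json
import re
from dataclasses import asdict, dataclass
from typing import Any, List, Optional

ALLOWED_METHODS = {"GET", "HEAD", "POST", "PUT", "DELETE"}
REQUEST_LINE = re.compile(r"^([A-Z]+)\s+(\S+)\s*$")

# Constructed sample console text.
SAMPLE = """GET /tenant1-logs/_search
{
  "query": {"match_all": {}}
}

DELETE /tenant1-old
"""


@dataclass
class ConsoleRequest:
    method: str
    path: str
    body: Optional[dict] = None


def _build(method: str, path: str, body: Any) -> ConsoleRequest:
    """Single validation point used by both the parser and the importer."""
    if method not in ALLOWED_METHODS:
        raise ValueError(f"method {method!r} is not allowed")
    if not isinstance(path, str) or not path.startswith("/"):
        raise ValueError(f"path {path!r} must start with '/'")
    if body is not None and not isinstance(body, dict):
        raise ValueError(f"{method} {path}: body must be a JSON object")
    return ConsoleRequest(method, path, body)


def parse_console(text: str) -> List[ConsoleRequest]:
    """Turn console text into validated ConsoleRequest objects."""
    requests: List[ConsoleRequest] = []
    pending: Optional[tuple] = None  # (method, path, body_lines)

    def finish(entry: tuple) -> ConsoleRequest:
        method, path, body_lines = entry
        body_text = "\n".join(body_lines).strip()
        body = json.loads(body_text) if body_text else None
        return _build(method, path, body)

    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.rstrip()
        match = REQUEST_LINE.match(line)
        if match:
            if pending is not None:
                requests.append(finish(pending))
            pending = (match.group(1), match.group(2), [])
        elif line.strip():
            if pending is None:
                raise ValueError(f"line {lineno}: body text before any request line")
            pending[2].append(line)
    if pending is not None:
        requests.append(finish(pending))
    return requests


def export_requests(requests: List[ConsoleRequest]) -> str:
    """Serialize requests to the JSON document a user would share."""
    return json.dumps([asdict(r) for r in requests], indent=2)


def import_requests(document: str) -> List[ConsoleRequest]:
    """Load a shared JSON document, rejecting anything the console would reject."""
    items = json.loads(document)
    if not isinstance(items, list):
        raise ValueError("import document must be a JSON array of requests")
    return [_build(str(i.get("method")), i.get("path"), i.get("body")) for i in items]


if __name__ == "__main__":
    parsed = parse_console(SAMPLE)
    print(export_requests(parsed))
    print(import_requests(export_requests(parsed)) == parsed)
```

Routing both the parser and the importer through `_build` is the point of the example: a method such as `TRACE` or a body that is a bare string is refused whether it arrives from the keyboard or from a colleague's exported file.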

API Documentation

Dev Tools provides documentation for the Amygdala XDR® REST API. This documentation can be used as a reference when building requests or troubleshooting issues.
