DWORDZ EDR Documentation

Comprehensive guides and API reference for integrating and managing DWORDZ EDR in your organization.

Introduction

Welcome to the DWORDZ EDR documentation. This guide will help you get started with deploying, configuring, and managing our endpoint detection and response platform.

📘 What You'll Learn

This documentation covers installation, configuration, API usage, and best practices for securing your endpoints with DWORDZ EDR.

Key Features

Installation

Deploy the DWORDZ EDR agent across your endpoints using our automated installer or package managers.

Windows Installation

# Download and run the installer
Invoke-WebRequest -Uri https://downloads.dwordz.com/agent/latest/windows/dwordz-agent.msi -OutFile dwordz-agent.msi

# Install with your API key
msiexec /i dwordz-agent.msi API_KEY="your-api-key-here" /quiet

Linux Installation

# Using apt (Debian/Ubuntu)
curl -fsSL https://downloads.dwordz.com/keys/gpg | sudo apt-key add -
sudo add-apt-repository "deb https://downloads.dwordz.com/apt stable main"
sudo apt update && sudo apt install dwordz-agent

# Configure with your API key
sudo dwordz-agent configure --api-key "your-api-key-here"

macOS Installation

# Using Homebrew
brew tap dwordz/tap
brew install dwordz-agent

# Configure and start
dwordz-agent configure --api-key "your-api-key-here"
sudo dwordz-agent start

Authentication

All API requests require authentication using an API key. You can generate API keys from the DWORDZ dashboard.

⚠️ Security Best Practice

Never expose your API keys in client-side code or public repositories. Store them securely in environment variables or a secrets management system.

# Example: Authenticate API request
import requests

headers = {
    "Authorization": "Bearer YOUR_API_KEY",
    "Content-Type": "application/json"
}

response = requests.get(
    "https://api.dwordz.com/v1/endpoints",
    headers=headers
)

Alerts API

Retrieve and manage security alerts detected by DWORDZ EDR.

GET /v1/alerts

Retrieve a list of security alerts

Query Parameters

Parameter   Type      Description
severity    string    Filter by severity: low, medium, high, critical
status      string    Filter by status: open, investigating, resolved
limit       integer   Number of results to return (default: 50, max: 1000)
offset      integer   Pagination offset

Example Request

import requests

# `headers` is the dictionary built in the Authentication example
url = "https://api.dwordz.com/v1/alerts"
params = {
    "severity": "high",
    "status": "open",
    "limit": 100
}

response = requests.get(url, headers=headers, params=params)
alerts = response.json()

for alert in alerts['data']:
    print(f"Alert ID: {alert['id']}")
    print(f"Threat Type: {alert['threat_type']}")
    print(f"Endpoint: {alert['endpoint_name']}")

Example Response

{
  "data": [
    {
      "id": "alert_123456",
      "threat_type": "Ransomware",
      "severity": "high",
      "status": "open",
      "endpoint_id": "ep_789",
      "endpoint_name": "DESKTOP-ABC123",
      "detected_at": "2026-01-25T10:30:00Z",
      "description": "Ransomware behavior detected"
    }
  ],
  "pagination": {
    "total": 247,
    "limit": 100,
    "offset": 0
  }
}

POST /v1/alerts/{alert_id}/respond

Execute a response action on an alert

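# Quarantine a file associated with an alert
# `alert_id` is the ID of the alert to act on; `headers` is the dictionary
# built in the Authentication example
response = requests.post(
    f"https://api.dwordz.com/v1/alerts/{alert_id}/respond",
    headers=headers,
    json={
        "action": "quarantine",
        "note": "Confirmed malicious file"
    }
)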
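
The example below is added here and is not DWORDZ's own code: it follows the limit/offset pagination documented for GET /v1/alerts above until every matching alert has been read, and takes the key from an environment variable as the Authentication section advises. The variable name DWORDZ_API_KEY and the helper names are assumptions; the endpoint, query parameters and response fields are the ones shown on this page.

```python
import json
import os
import urllib.parse
import urllib.request

API_BASE = "https://api.dwordz.com/v1"  # base URL used in the page's examples
MAX_LIMIT = 1000  # documented maximum for `limit`


def load_api_key(env=os.environ, name="DWORDZ_API_KEY"):
    """Read the key from the environment; the variable name is an assumption."""
    key = env.get(name, "").strip()
    if not key:
        raise RuntimeError(f"{name} is not set")
    return key


def http_fetch(path, params, api_key, timeout=30):
    """GET one page and return the decoded JSON body."""
    url = f"{API_BASE}{path}?{urllib.parse.urlencode(params)}"
    headers = {"Authorization": f"Bearer {api_key}", "Content-Type": "application/json"}
    req = urllib.request.Request(url, headers=headers)
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)


def iter_alerts(api_key, severity=None, status=None, limit=100, fetch=http_fetch):
    """Yield every matching alert by following limit/offset pagination."""
    limit = max(1, min(limit, MAX_LIMIT))
    offset = 0
    while True:
        params = {"limit": limit, "offset": offset}
        if severity:
            params["severity"] = severity
        if status:
            params["status"] = status
        page = fetch("/alerts", params, api_key)
        items = page.get("data", [])
        yield from items
        offset += len(items)
        total = page.get("pagination", {}).get("total", 0)
        # An empty page also ends the loop, so a shrinking result set cannot spin.
        if not items or offset >= total:
            break


if __name__ == "__main__":
    for alert in iter_alerts(load_api_key(), severity="high", status="open"):
        print(alert["id"], alert["threat_type"], alert["endpoint_name"])
```
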

Deployment Guide

Best practices for deploying DWORDZ EDR across your organization.

Planning Your Deployment

Deployment Methods

DWORDZ EDR supports multiple deployment methods to fit your environment:

🚀 Group Policy (Windows)

Use GPO to deploy agents across Active Directory-joined Windows systems. Download our ADM/ADMX templates from the dashboard.

📦 Configuration Management

Deploy using Ansible, Puppet, Chef, or other configuration management tools. See our examples repository on GitHub.

☁️ Cloud Deployment

Use our Terraform modules or CloudFormation templates to deploy agents to cloud instances automatically.

Webhooks

Configure webhooks to receive real-time notifications about security events.

Setting Up Webhooks

POST /v1/webhooks

{
  "url": "https://your-server.com/webhook",
  "events": ["alert.created", "alert.resolved"],
  "secret": "your-webhook-secret"
}

Webhook Payload Example

{
  "event": "alert.created",
  "timestamp": "2026-01-25T10:30:00Z",
  "data": {
    "alert_id": "alert_123456",
    "severity": "high",
    "threat_type": "Ransomware",
    "endpoint_name": "DESKTOP-ABC123"
  }
}