Backend overview

The cloud backend is centered on AWS:

API Gateway (REST) — Public HTTPS API for agents and the dashboard.
AWS Lambda — Primary handler edr-api-handler (Python) for routing, persistence, and integrations.
Amazon DynamoDB — Event records and metadata (e.g. edr-events).
Amazon S3 — Optional forensic JSON payloads.
Amazon Bedrock — Claude models for AI analysis and chat.
(Optional) Pinecone — Vector search for MITRE RAG and similar events.

Deploy scripts live under backend/ in the repository (e.g. deploy-lambda-with-rag.ps1).