#
The table below provides an overview of all modules in Hydden.
| Modules | Description | Type |
|---|---|---|
| AD Computer Collector | A data center collector to discover Users, Service Accounts, Computer Accounts, Groups, Group Memberships, and Status (enabled/disabled). Has visibility into all computer, user, and service accounts (both human and non-human) with access to the directory. | Collector, which leverages a local client collector (service) on an organization’s network. No agent is installed on the server/application. |
| Allow On-Prem Collector | The configuration module manages on-prem licensing and tenant configuration options. | Platform |
| AS/400 Collector | A data center collector to discover Users and Status (enabled/disabled). Has visibility into all users that have access to the application. | Collector, which leverages a local client collector (service) on an organization’s network. No agent is installed on the server/application. |
| AWS Collector | A cloud collector to discover Users, Service Accounts, Computer Accounts, Groups, Group Membership, MFA Configuration, and Status (enabled/disabled). Has visibility into users and service accounts that have access to the SaaS platforms. | Collector, which leverages cloud or local client collector and published API endpoints for data collection. |
| Active Directory Collector | A data center collector to discover Users, Service Accounts, Computer Accounts, Groups, Group Memberships, and Status (enabled/disabled). Has visibility into all computer, user, and service accounts (both human and non-human) with access to the directory. | Collector, which leverages a local client collector (service) on an organization’s network. No agent is installed on the server/application. |
| Apache(Linux) Collector | A data center collector to discover Users, Groups, and Status (enabled/disabled). Has visibility into all users and groups that have access to the application. | Collector, which leverages a local client collector (service) on an organization’s network. No agent is installed on the server/application. |
| Azure Collector | A cloud collector to discover Users, Service Accounts, Computer Accounts, Groups, Group Membership, MFA Configuration, and Status (enabled/disabled). Has visibility into users and service accounts that have access to the SaaS platforms. | Collector, which leverages cloud or local client collector and published API endpoints for data collection. |
| BeyondTrust Collector | A collector to discover user accounts and user accounts with API access. It also discovers Groups, Group Membership, MFA Configuration, and Status (enabled/disabled). Has visibility into users and accounts with API access that have access to the platform. | Collector, which leverages cloud or local client collector and published API endpoints for data collection. |
| Classifications | Based on configurable rules assign a classification to a user account, like nationality or object location in an OU in AD. | Platform |
| Communications | The communication module manages interactions and data exchanges between the platform and external systems or users. | Platform |
| Configuration | The Configuration modules manages all configuration settings in Hydden. | Platform |
| CyberArk Collector | A collector to discover internal and external CyberArk User Accounts, Service Accounts, and Vaulted Accounts (CyberArk Privileged Accounts). It also discovers Groups, Group Membership, MFA Configuration, and Status (enabled/disabled). Has visibility into users and service accounts that have access to the platform. | Collector, which leverages cloud or local client collector and published API endpoints for data collection. |
| Dashboard | The Dashboard module offers a visual representation of key performance indicators (KPIs), trends, and anomalies related to user accounts, authentication, authorization, and overall identity posture. | Platform |
| Data Store | The Data Store is Hydden’s distributed identity graph store. It maintains a historical view of identity attributes and relationships for the customer’s enterprise. | Platform |
| Entity Mapper | Provides the backend functionality for the Identity, Threat Rules, and Classification rule matches. | Platform |
| Gateway | The gateway module acts as a central control point for managing and securing access to applications, services, and data. | Platform |
| GitLab Collector | A cloud collector to discover members of an organization and their associated team/groups. | Collector, which leverages cloud and published API endpoints for data collection. |
| GitHub Collector | A cloud collector to discover members of an organization and their associated team/groups. | Collector, which leverages cloud and published API endpoints for data collection. |
| Google Cloud Platform collector | A cloud collector to discover Users, Service Accounts, and Groups. Has visibility into users and service accounts that have access to the SaaS platforms. | Collector, which leverages cloud and published API endpoints for data collection. |
| Google Workspace collector | A cloud collector to discover Users, Roles, and Groups. Has visibility into users, groups, and roles that have access to the SaaS platforms. | Collector, which leverages cloud and published API endpoints for data collection. |
| HIBP Collector | Have I Been Pwned is a cloud collector to discover breach data. Has visibility into which accounts and identities have been victim of publicly disclosed breaches. | Collector, which leverages cloud or local client collector and published API endpoints for data collection. |
| Identity Mapper | The Identity Mapper module analyses accounts and assigns them to identities. | Platform |
| Keeper Collector | Collects all users of the Keeper vault for your organization. | Collector, that collects the user of Keeper, but not the data stored by the users. |
| Kubernetes Collector | An orchestration engine to discover Users, Groups, Group Membership, and Status (enabled/disabled). Has visibility into all users and groups that have access to the containers within a cluster. | Collector, which leverages cloud or local client collector and published API endpoints for data collection. |
| Kubernetes Pod Collector | Has visibility into all users and groups that have access to accounts within the pod. | Collector, which leverages cloud or local client collector and published API endpoints for data collection. |
| LDAP Collector | A data center collector to discover Users, Groups, and Status (enabled/disabled). Has visibility into all users and groups that have access to the application. | Collector, which leverages a local client collector (service) on an organization’s network. No agent is installed on the server/application. |
| Linux Collector | A data center collector to discover Users, Groups, and Status (enabled/disabled). Has visibility into users and service accounts that have access to workstations and/or servers. | Collector, which leverages a local client collector (service) on an organization’s network. No agent is installed on the server/application. |
| Notification | The notification module generates, delivers, and manages alerts or messages related to identity and access management (IAM) events. | Platform |
| Okta Collector | A cloud collector to discover Users, Service Accounts, Computer Accounts, Groups, Group Membership, MFA Configuration, and Status (enabled/disabled). Has visibility into users and service accounts that have access to the SaaS platforms. | Collector, which leverages cloud or local client collector and published API endpoints for data collection. |
| OpenAI Module | The OpenAI Module provides Slack bot integration query capabilities as well as general chat bot functionality to further analyze all collected data. | Platform |
| Package Repository | The package repository modules manages the client and server client install packages. | Platform |
| PAN-OS | A data center collector to discover accounts (Users, Groups, and Status (enabled/disabled)). Has visibility into users and service accounts that have access to PAN-OS endpoints. | Collector, which leverages a local client collector (service) on an organization’s network. No agent is installed on the server/application. |
| PostgreSQL Collector | A database collector to discover Users, Service Accounts, Computer Accounts, Groups, Group Memberships, and Status (enabled/disabled). Has visibility into all users and groups that have access to the database. | Collector, which leverages a local client collector (service) on an organization’s network. No agent is installed on the server/application. |
| Reporting | Hydden reporting engine. | Platform |
| SailPoint IIQ Collector | An on-prem collector to discover Users, Service Accounts, Computer Accounts, Groups, Group Membership, MFA Configuration, and Status (enabled/disabled) from connected applications. Has visibility into users and service accounts that have access to local applications. | Collector, which leverages a local client collector for data collection. |
| SailPoint ISC Collector | A cloud collector to discover Users, Service Accounts, Computer Accounts, Groups, Group Membership, MFA Configuration, and Status (enabled/disabled) from connected applications. Has visibility into users and service accounts that have access to the SaaS platforms. | Collector, which leverages cloud collector and published API endpoints for data collection. |
| Salesforce Collector | A cloud collector to discover Users, Service Accounts, Computer Accounts, Groups, Group Membership, MFA Configuration, and Status (enabled/disabled). Has visibility into users and service accounts that have access to the SaaS platforms. | Collector, which leverages cloud or local client collector and published API endpoints for data collection. |
| SQLServer Collector | A database collector to discover Users, Service Accounts, Computer Accounts, Groups, Group Memberships, Status (enabled/disabled), and Federated Accounts (MSFT SQL only). Has visibility into all users and groups that have access to the database. | Collector, which leverages a local client collector (service) on an organization’s network. No agent is installed on the server/application. |
| Scheduler | The scheduler module automats tasks and processes related to data collection and other jobs. It enables administrators to schedule recurring or one-time jobs to be executed at specific intervals or based on certain conditions. | Platform |
| ServiceNow Action | The ServiceNow Action Module manages actions and workflows to create tickets in ServiceNow. | Platform |
| Simple KV Store | A key-value store used for projections. Each instance stays up to date by consuming and folding events from the Stream Module, maintaining its own local state for fast key lookups and range queries. | Platform |
| Slack Collector | A cloud collector to discover Users and MFA Configuration. Has visibility into all users that have access to the application. | Collector, which leverages cloud or local client collector and published API endpoints for data collection. |
| Slack Integration | The Slack Integration Module provides the bot functionality used within the OpenAI Module. | Platform |
| SMTP Action | The SMTP Action Module provides the capability to send an email through configured actions and workflows for notification purposes. | Platform |
| Stream | Provides a persistent streaming backend. Multiple instances coordinate to form a quorum, ensuring reliable event persistence and distributed durability. | Platform |
| Time Server | The time server is used to provide a coordinated time for collections. This ensures all platform collections are stored with consistent times across all clients and stores. | Platform |
| Universal Collector | A collector to discover user, service, and resource accounts of cloud and local applications. | Collector, which leverages an organization’s network to collect data from various applications in the app ecosystem. No agent is installed on the server/application. |
| Upgrade | The upgrade module manages the process of improving or enhancing the existing system. | Platform |
| Vault | The Vault module provides Hydden’s abstraction for encryption as a service. Currently it uses platform specific key vault storage for customer keys. In the future Hydden will offer standard external key vault integrations. | Platform |
| vSphere | A data center collector to discover accounts (Users, Groups, and Status (enabled/disabled)). Has visibility into users and service accounts that have access to vSphere endpoints. | Collector, which leverages a local client collector (service) on an organization’s network. No agent is installed on the server/application. |
| Web Services | The Web Services Modules manages all internet/cloud connected sources and resources. | Platform |
| Windows Collector | A data center collector to discover Users, Groups, and Status (enabled/disabled). Has visibility into users and service accounts that have access to workstations and/or servers. | Collector, which leverages a local client collector (service) on an organization’s network. No agent is installed on the server/application. |
| WindowsRm Collector | A data center collector to discover Users, Groups, and Status (enabled/disabled). Has visibility into users and service accounts that have access to workstations and/or servers. | Collector, which leverages a local client collector (service) on an organization’s network. No agent is installed on the server/application. |