Available Connectors

STIX-shifter currently offers connector support for the following cybersecurity products.

List updated: April 18, 2023

|    | Connector | Module Name | Data Model | Developer | Translation | Transmission | Availability |
|----|-----------|-------------|------------|-----------|-------------|--------------|--------------|
| 01 | IBM QRadar | qradar | QRadar AQL | IBM Security | Yes | Yes | Released |
| 02 | IBM QRadar on Cloud | qradar | QRadar AQL | IBM Security | Yes | Yes | Released |
| 03 | HCL BigFix | bigfix | Default | IBM Security | Yes | Yes | Released |
| 04 | Carbon Black CB Response | carbonblack | Default | IBM Security | Yes | Yes | Released |
| 05 | Carbon Black Cloud | cbcloud | Default | IBM Security | Yes | Yes | Released |
| 06 | Elasticsearch | elastic | MITRE CAR | MITRE | Yes | No | Released |
| 07 | Elasticsearch (ECS) | elastic_ecs | ECS | IBM Security | Yes | Yes | Released |
| 08 | IBM Cloud Security Advisor | security_advisor | Default | IBM Cloud | Yes | Yes | Released |
| 09 | Splunk Enterprise Security | splunk | Splunk CIM | IBM Security | Yes | Yes | Released |
| 10 | Microsoft Defender for Endpoint | msatp | Default | IBM Security | Yes | Yes | Released |
| 11 | Microsoft Graph Security | azure_sentinel | Default | IBM Security | Yes | Yes | Released |
| 12 | IBM Guardium Data Protection | guardium | Default | IBM Security | Yes | Yes | Released |
| 13 | AWS CloudWatch Logs | aws_cloud_watch_logs | Default | IBM Security | Yes | Yes | Released |
| 14 | Amazon Athena | aws_athena | SQL | IBM Security | Yes | Yes | Released |
| 15 | Alertflex | alertflex | Default | Alertflex | Yes | Yes | Released |
| 16 | Micro Focus ArcSight | arcsight | Default | IBM Security | Yes | Yes | Released |
| 17 | CrowdStrike Falcon | crowdstrike | Default | IBM Security | Yes | Yes | Released |
| 18 | Trend Micro Vision One | trendmicro_vision_one | Default | Trend Micro | Yes | Yes | Released |
| 19 | IBM Security Verify Privilege Vault | secretserver | Default | IBM | Yes | Yes | Released |
| 20 | One Login | onelogin | Default | GS Lab | Yes | Yes | Released |
| 21 | MySQL | mysql | Default | IBM | Yes | Yes | Released |
| 22 | Sumo Logic | sumologic | Default | GS Lab | Yes | Yes | Released |
| 23 | Datadog | datadog | Default | GS Lab | Yes | Yes | Released |
| 24 | Infoblox BloxOne Threat Defense | infoblox | Default | Infoblox | Yes | Yes | Released |
| 25 | Proofpoint (SIEM API) | proofpoint | Default | IBM Security | Yes | Yes | Released |
| 26 | Cybereason | cybereason | Default | IBM Security | Yes | Yes | Released |
| 27 | Palo Alto Cortex XDR | paloalto | Default | IBM Security | Yes | Yes | Released |
| 28 | SentinelOne | sentinelone | Default | IBM Security | Yes | Yes | Released |
| 29 | Darktrace | darktrace | Default | IBM Security | Yes | Yes | Released |
| 30 | IBM Security QRadar EDR | reaqta | Default | IBM Security | Yes | Yes | Released |
| 31 | IBM Security Verify | ibm_security_verify | Default | IBM Security | Yes | Yes | Released |
| 32 | Red Hat Advanced Cluster Security for Kubernetes (StackRox) | rhacs | Default | IBM Security | Yes | Yes | Released |
| 33 | GCP Chronicle | gcp_chronicle | Default | IBM Security | Yes | Yes | Released |
| 34 | Azure Log Analytics | azure_log_analytics | Default | IBM Security | Yes | Yes | Released |
| 35 | Okta | okta | Default | IBM Security | Yes | Yes | Released |