STIX-shifter currently offers connector support for the following cybersecurity products.
List updated: April 18, 2023
| Connector | Module Name | Data Model | Developer | Translation | Transmission | Availability | |
|---|---|---|---|---|---|---|---|
| 01 | IBM QRadar | qradar | QRadar AQL | IBM Security | Yes | Yes | Released |
| 02 | IBM QRadar on Cloud | qradar | QRadar AQL | IBM Security | Yes | Yes | Released |
| 03 | HCL BigFix | bigfix | Default | IBM Security | Yes | Yes | Released |
| 04 | Carbon Black CB Response | carbonblack | Default | IBM Security | Yes | Yes | Released |
| 05 | Carbon Black Cloud | cbcloud | Default | IBM Security | Yes | Yes | Released |
| 06 | Elasticsearch | elastic | MITRE CAR | MITRE | Yes | No | Released |
| 07 | Elasticsearch (ECS) | elastic_ecs | ECS | IBM Security | Yes | Yes | Released |
| 08 | IBM Cloud Security Advisor | security_advisor | Default | IBM Cloud | Yes | Yes | Released |
| 09 | Splunk Enterprise Security | splunk | Splunk CIM | IBM Security | Yes | Yes | Released |
| 10 | Microsoft Defender for Endpoint | msatp | Default | IBM Security | Yes | Yes | Released |
| 11 | Microsoft Graph Security | azure_sentinel | Default | IBM Security | Yes | Yes | Released |
| 12 | IBM Guardium Data Protection | guardium | Default | IBM Security | Yes | Yes | Released |
| 13 | AWS CloudWatch Logs | aws_cloud_watch_logs | Default | IBM Security | Yes | Yes | Released |
| 14 | Amazon Athena | aws_athena | SQL | IBM Security | Yes | Yes | Released |
| 15 | Alertflex | alertflex | Default | Alertflex | Yes | Yes | Released |
| 16 | Micro Focus ArcSight | arcsight | Default | IBM Security | Yes | Yes | Released |
| 17 | CrowdStrike Falcon | crowdstrike | Default | IBM Security | Yes | Yes | Released |
| 18 | Trend Micro Vision One | trendmicro_vision_one | Default | Trend Micro | Yes | Yes | Released |
| 19 | IBM Security Verify Privilege Vault | secretserver | Default | IBM | Yes | Yes | Released |
| 20 | One Login | onelogin | Default | GS Lab | Yes | Yes | Released |
| 21 | MySQL | mysql | Default | IBM | Yes | Yes | Released |
| 22 | Sumo Logic | sumologic | Default | GS Lab | Yes | Yes | Released |
| 23 | Datadog | datadog | Default | GS Lab | Yes | Yes | Released |
| 24 | Infoblox BloxOne Threat Defense | infoblox | Default | Infoblox | Yes | Yes | Released |
| 25 | Proofpoint (SIEM API) | proofpoint | Default | IBM Security | Yes | Yes | Released |
| 26 | Cybereason | cybereason | Default | IBM Security | Yes | Yes | Released |
| 27 | Palo Alto Cortex XDR | paloalto | Default | IBM Security | Yes | Yes | Released |
| 28 | SentinelOne | sentinelone | Default | IBM Security | Yes | Yes | Released |
| 29 | Darktrace | darktrace | Default | IBM Security | Yes | Yes | Released |
| 30 | IBM Security QRadar EDR | reaqta | Default | IBM Security | Yes | Yes | Released |
| 31 | IBM Security Verify | ibm_security_verify | Default | IBM Security | Yes | Yes | Released |
| 32 | Red Hat Advanced Cluster Security for Kubernetes (StackRox) | rhacs | Default | IBM Security | Yes | Yes | Released |
| 33 | GCP Chronicle | gcp_chronicle | Default | IBM Security | Yes | Yes | Released |
| 34 | Azure Log Analytics | azure_log_analytics | Default | IBM Security | Yes | Yes | Released |
| 35 | Okta | okta | Default | IBM Security | Yes | Yes | Released |