Connector Directory¶
ACES connectors translate vendor security tool APIs into standard ACES metric rows. This directory lists all connectors — both complete specs and community stubs awaiting contribution.
New to writing a connector? Start with the Connector Contribution Guide and use Huntress as the reference example.
Stable Connectors¶
| Slug | Display Name | Category | Auth | Status |
|---|---|---|---|---|
huntress | Huntress | EDR / MDR | API Key + Secret | Stable |
Community Stubs¶
These connectors have been identified from production deployments. Each needs a contributor to write the full spec page. See the Connector Contribution Guide to claim one.
| Slug | Display Name | Category | Notes |
|---|---|---|---|
auvik | Auvik | Asset / Network Monitoring | Network device inventory, asset coverage metrics |
breachsecurenow | Breach Secure Now | Security Awareness Training | SAT completion, phishing simulation via shared trait |
cavelo | Cavelo | PII Discovery | Data discovery and classification |
connectsecure | ConnectSecure | Vulnerability / Asset / Compliance | CVE data, asset scan coverage, compliance checks |
cyberhoot | CyberHoot | Security Awareness Training | SAT completion, phishing simulation via shared trait |
domainscanner | CheckMark Domain Scanner | Domain Security | DNS, SSL, email auth, web security — 10 scan categories, 77 metrics |
hudu | Hudu | Asset / IT Documentation | Asset inventory, documentation metrics |
liongard | Liongard | Asset / Change Detection | Agent health, change detection, asset inventory |
m365 | Microsoft 365 (via Graph) | Identity / Access / Device | MFA, conditional access, audit logs, managed devices — 35+ metrics |
msgraph | Microsoft Graph | Identity / Access / Device | Alias for m365 — 7 categories via MS Graph API |
ncentral | N-able N-central | RMM / Patch Management | Device management, patch compliance |
ninjarmm | NinjaRMM | RMM / Patch Management | Device status, patch compliance, active alerts |
nodeware | Nodeware | Vulnerability Management | CVE data, asset scan coverage, network segments |
phin | Phin Security | Security Awareness Training | SAT completion, phishing simulation via shared trait |
senteon | Senteon | CIS Benchmark / Hardening | CIS hardening compliance per endpoint |
sentinelone | SentinelOne | EDR / Vulnerability / Network | 35 metrics across 6 categories including Ranger network discovery |
symbol | Symbol Security | Security Awareness Training | SAT completion, phishing simulation via shared trait |
threatlocker | ThreatLocker | Application Control | Allow/deny actions, approval queue, ringfenced actions |
Contributing a Connector¶
- Pick a stub from the table above (or propose a new connector via GitHub Issue)
- Read the Connector Contribution Guide
- Study the Huntress reference example
- Submit a PR:
Connector: {Display Name}
All 18 stubs above have been mapped from real production connector implementations. The raw → normalized field mappings are documented in the ACES investigation findings on GitHub.