The data pipeline engine for security teams
Collect, shape, optimize, enrich, store, replay, and route your security data.
The data pipeline engine for security teams
Collect, shape, optimize, enrich, store, replay, and route your security data.
The data pipeline engine for security teams
Collect, shape, optimize, enrich, store, replay, and route your security data.
Security
Map to OCSF, enrich, detect
Data
Connect, transform, reduce, route
Operations
Deploy as code, reduce costs



Security
Data
Ops



Security
Map to OCSF, enrich, detect
Data
Connect, transform, reduce, route
Operations
Deploy as code, reduce costs



Use cases
Unlock the full potential of your data
Tenzir is the security-native data pipeline platform that gives you full control over your security data—from collection to transformation to action. Break free from vendor lock-in, reduce costs, and turn raw data into high-value insights.
Collect
Seamlessly gather data from any source
Collect
Seamlessly gather data from any source
Collect
Seamlessly gather data from any source
Parse
Turn unstructured into structured data
Parse
Turn unstructured into structured data
Parse
Turn unstructured into structured data
Shape
Slice & dice your data to transform it as you need
Shape
Slice & dice your data to transform it as you need
Shape
Slice & dice your data to transform it as you need
Optimize
Reduce data volume and slash costs
Optimize
Reduce data volume and slash costs
Optimize
Reduce data volume and slash costs
Normalize
Map to OCSF, ASIM, ECS, or own schemas
Normalize
Map to OCSF, ASIM, ECS, or own schemas
Normalize
Map to OCSF, ASIM, ECS, or own schemas
Anonymize
Stay compliant with masking & redacting
Anonymize
Stay compliant with masking & redacting
Anonymize
Stay compliant with masking & redacting
Enrich
Add context from threats, assets & vulnerabilities
Enrich
Add context from threats, assets & vulnerabilities
Enrich
Add context from threats, assets & vulnerabilities
Detect
Execute Sigma, YARA, Python in streaming mode
Detect
Execute Sigma, YARA, Python in streaming mode
Detect
Execute Sigma, YARA, Python in streaming mode
Store
Encode in Parquet & save to object storage
Store
Encode in Parquet & save to object storage
Store
Encode in Parquet & save to object storage
Search
Rapidly pinpoint & materialize the data you need
Search
Rapidly pinpoint & materialize the data you need
Search
Rapidly pinpoint & materialize the data you need
Replay
Reactivate at-rest data back in motion
Replay
Reactivate at-rest data back in motion
Replay
Reactivate at-rest data back in motion
Route
Split data flows, send to many destinations
Route
Split data flows, send to many destinations
Route
Split data flows, send to many destinations
Why Tenzir?
Powerful yet easy
Our Tenzir Query Language (TQL) allows anyone to compose powerful pipelines at ease—efficient for interactive data exploration and scalable for as-code deployments.

Open and extensible
Our open source community library offers packages that bundle pipelines and context. Deploy 'em with a single click. Want to h4ck? Tenzir's execution engine is permissively licensed and fully customizable.

Built for SecOps
Perfect for OCSF mappings. Ultra-flexible enrichment for indicator contextualization and passive asset inventorization. Native operators for detection (Sigma & YARA).

Powerful yet easy
Our Tenzir Query Language (TQL) allows anyone to compose powerful pipelines at ease—efficient for interactive data exploration and scalable for as-code deployments.

Open and extensible
Our open source community library offers packages that bundle pipelines and context. Deploy 'em with a single click. Want to h4ck? Tenzir's execution engine is permissively licensed and fully customizable.

Built for SecOps
Perfect for OCSF mappings. Ultra-flexible enrichment for indicator contextualization and passive asset inventorization. Native operators for detection (Sigma & YARA).

Powerful yet easy
Our Tenzir Query Language (TQL) allows anyone to compose powerful pipelines at ease—efficient for interactive data exploration and scalable for as-code deployments.

Open and extensible
Our open source community library offers packages that bundle pipelines and context. Deploy 'em with a single click. Want to h4ck? Tenzir's execution engine is permissively licensed and fully customizable.

Built for SecOps
Perfect for OCSF mappings. Ultra-flexible enrichment for indicator contextualization and passive asset inventorization. Native operators for detection (Sigma & YARA).

Integrations
Connect the world of security and data
Connect the world of security and data
All security data at your fingertips! Unlock its value with our expanding list of integrations.
All security data at your fingertips! Unlock its value with our expanding list of integrations.
Trusted by MDRs
“Tenzir empowered us to create a federated security operations architecture that allows us to focus on content and people instead of technology. This has provided our organization with the necessary capability and flexibility to support new features, growth, and expansion.”
“Tenzir empowered us to create a federated security operations architecture that allows us to focus on content and people instead of technology. This has provided our organization with the necessary capability and flexibility to support new features, growth, and expansion.”

Dr. Andreas Rohr
Managing Director, DCSO
Resources
Dive deeper into Tenzir
Get started today
The Tenzir Community Edition is free for all users and perfect to start out. Log in and unleash your data.
Read tutorial and guides
Our docs come with tutorials, explanations, and a rich reference. Everything you need to become a Tenzir pro!
Join the community
Share your thoughts and questions with our vibrant community of security and data enthusiasts.
© 2025 Tenzir GmbH. All rights reserved.
© 2025 Tenzir GmbH. All rights reserved.
© 2025 Tenzir GmbH. All rights reserved.