Tenzir Documentation

Actionable insights at your fingertips


Network Forensics & Telemetry at Scale

VAST is a network telemetry engine purpose-built for ingesting massive amounts of security data. Be it raw packets, NetFlow records, indicators, or structured logs. Pivot between the data with ease and explore the temporal and spatial boundaries of your data at ease. VAST breaks up SIEM data silos by offering a high-bandwidth export path via Apache Arrow to data science land. Welcome to the next generation platform for security analytics.

docs: VAST

Threat Bus

Real-Time Injection of Threat Intelligence into Detection Tools

Threat Bus is a realtime pub-sub broker for threat intelligence. With Threat Bus you turbo-charge detection tools that rely on fresh indicators and report back sightings. The plugin-based architecture makes for flexible integration with key open-source tools, such as MISP, Zeek, VAST, and more soon. Deliver threat ingelligence, subscribe to new IoCs, or report sightings in near real-time. Periodic exports and bulk jobs are a blast from the past, come with us and enjoy gap-free detection.

docs: Threat Bus


What we do

Our mission is to radically simplify the investigation of cyber attacks. In a world of understaffing, talent shortage, and alert fatigue, keeping a large network secure is a daunting challenge. We develop the next-generation platform to equip analysts with effective investigation support and intelligent automation. By leveraging the next generation of data science methods we can cut through the noise to focus on what matters: isolating attackers before they get a deep foothold and cause substantial damage.