Query Security Data Pipelines is a managed data pipeline service that moves security telemetry from various sources to cloud storage destinations in a normalized, query-ready format. The product collects data from endpoint, network, and identity tools, then writes it to cloud storage as ZSTD or Snappy-compressed Parquet files. Data is partitioned using Hive-style folder structures (by source, event type, and time), making it compatible with query engines such as Amazon Athena, Redshift Spectrum, Snowflake, and Azure Data Explorer. Users select a data source, a storage destination, and a delivery schedule. Query handles collection, schema normalization, and delivery using cloud-native orchestration on its own infrastructure — no custom ETL jobs, YAML mappings, or middleware are required. Supported destinations include Amazon S3, Azure Blob Storage (ADLSv2), Google Cloud Storage, and Splunk, with Snowflake, Databricks, and Amazon Security Lake listed as coming soon. The service is designed to reduce SIEM ingestion costs by offloading bulk telemetry to cheaper cloud storage. Historical data backfill (hydration) is listed as a coming-soon feature, allowing users to specify how many days of data to populate when setting up a new pipeline. Data delivered by the service is structured and ready for downstream use cases including search, analytics, AI workloads, and compliance, without requiring further transformation.