Security Overview | Honeycomb

We use cookies or similar technologies to personalize your online experience & tailor marketing to you. Many of our product features require cookies to function properly.

Read our privacy policy I accept cookies from this site

Security Overview

Honeycomb offers a secure service. Here is how we do it:

How We Secure Your Data 

  • We delete data as it exceeds the 60-day retention window.
  • You can delete datasets at any time. For more fine-grained deletion (a single column, for instance) contact Support via email at support@honeycomb.io.
  • Your API Keys authenticate data ingestion.
    • A team owner can create, enable, and disable API keys for each environment in their team.
    • There is a limit of 100 API keys per team. This can be increased by request through Support at support@honeycomb.io.
    • If you send data using a disabled or invalid API Key, our API server will reject your events.

How We Secure Our Infrastructure 

  • The Honeycomb network is architected using modern best practices for tunneling, separate VPCs, encryption at rest and in transit.
  • All storage nodes are unreachable from the internet.
  • Only web services (API, UI) are reachable from the internet at all, and then only through ELB TLS ports.
  • Nothing is transmitted unencrypted.
  • Our entire infrastructure is auto-scalable, which lets us roll our entire infrastructure in ~60 minutes (~10 minutes for our forward-facing web nodes) when critical security patches are released.

How We Secure Our Agent 

  • Our various agents do not run as root and cannot be controlled remotely.
  • All integrations are 100% open-source so you can examine it to your heart’s content.

Compliance Data 

  • Fully auditable by your security team.
  • Vetted by independent security professionals.

Did you find what you were looking for?