Security overview

Honeycomb offers a secure service. Here’s how we do it:

How we secure your data

We delete data as it exceeds the 60-day retention window.
You can delete datasets at any time. For more fine-grained deletion (a single column, for instance) contact support.
Your API Keys authenticate data ingestion.
- A team owner can create up to 5 API Keys for each team. Enable or disable keys as often as needed. Contact support for additional keys.
- If you send data using a disabled or invalid API Key, our API server will reject your events.

The Honeycomb network is architected using modern best practices for tunneling, separate VPCs, encryption at rest and in transit.
All storage nodes are unreachable from the internet.
Only web services (API, UI) are reachable from the internet at all, and then only through ELB TLS ports.
Nothing is transmitted unencrypted.
Our entire infrastructure is auto-scalable, which lets us roll our entire infrastructure in ~60 minutes (~10 minutes for our forward-facing web nodes) when critical security patches are released.

Our various agents do not run as root and cannot be controlled remotely.
All integrations are 100% open-source so you can examine it to your heart’s content.

For compliance data, we offer our Secure Tenancy service. Secure Tenancy ensures that your plaintext data is never present in Honeycomb’s data files, and keys are never accessible by us.
Fully auditable by your security team.
Vetted by independent security professionals.

For more information about Secure Tenancy, contact your Honeycomb Sales Representative or reach out to us via our Help Page.