1. Docs
2. Security Overview

Security Overview

Honeycomb offers a secure service. Here is how we do it:

How We Secure Your Data 

• We delete data as it exceeds the 60-day retention window.
• You can delete datasets at any time. For more fine-grained deletion (a single column, for instance) contact Support via email at support@honeycomb.io.
• Your API Keys authenticate data ingestion.
  • A team owner can create, enable, and disable API keys for each environment in their team.
  • There is a limit of 100 API keys per team. This can be increased by request through Support at support@honeycomb.io.
  • If you send data using a disabled or invalid API Key, our API server will reject your events.

How We Secure Our Infrastructure 

• The Honeycomb network is architected using modern best practices for tunneling, separate VPCs, encryption at rest and in transit.
• All storage nodes are unreachable from the internet.
• Only web services (API, UI) are reachable from the internet at all, and then only through ELB TLS ports.
• Nothing is transmitted unencrypted.
• Our entire infrastructure is auto-scalable, which lets us roll our entire infrastructure in ~60 minutes (~10 minutes for our forward-facing web nodes) when critical security patches are released.

How We Secure Our Agent 

• Our various agents do not run as root and cannot be controlled remotely.
• All integrations are 100% open-source so you can examine it to your heart’s content.

Compliance Data 

• Fully auditable by your security team.
• Vetted by independent security professionals.

AWS PrivateLink 

• For Honeycomb Enterprise users with services hosted on AWS, we provide an AWS PrivateLink connection to the Honeycomb API. This may help limit data egress and make network security configuration more straightforward.

Did you find what you were looking for?

Yes No

Additional Feedback (Optional)

---

If you have questions, join our Pollinators Community Slack, or for Pro/Enterprise users, contact Support at support@honeycomb.io.

Submit