Honeycomb is a secure product. You can also learn more about our certifications and compliance on our security webpage.
How We Secure Your Data
All data is encrypted at rest and in transit.
We delete data as it exceeds the 60-day retention window.
You can delete datasets at any time. For more fine-grained deletion (a single column, for instance) contact Support via support.honeycomb.io, or email at support@honeycomb.io.
Your API Keys authenticate data ingestion.
A team owner can create, enable, and disable API keys for each environment in their team.
If you send data using a disabled or invalid API Key, our API server will reject your events.
How We Secure Our Infrastructure
The Honeycomb network is architected using modern best practices for tunneling, separate VPCs, encryption at rest and in transit.
All storage nodes are unreachable from the internet.
Only web services (API, UI) are reachable from the internet at all, and then only through ELB TLS ports.
Nothing is transmitted unencrypted over public networks.
Our entire infrastructure is auto-scalable, which lets us roll our entire infrastructure in ~60 minutes (~10 minutes for our forward-facing web nodes) when critical security patches are released.
How We Secure Our Integrations
Our various integrations (agents and SDKs) do not run as root and cannot be controlled remotely.
For Honeycomb Enterprise users with services hosted on AWS, we provide an AWS PrivateLink connection to the Honeycomb API. This may help limit data egress and make network security configuration more straightforward.
