Data and Security
Honeycomb is a power tool for exploring your data. We might create the tool, but it’s your data. You are always the one in control, and can delete your data at any point for any reason.
- We delete data as it exceeds your storage tier.
- You can delete datasets at any time. For more fine-grained deletion (a single column, for instance) contact support.
- Your Write Keys authenticate data ingestion.
- A team owner can create up to 5 Write Keys for each team. Enable or disable keys as often as needed. Contact support for additional keys.
- If you send data using a disabled or invalid Write Key, Data ingestion rejects events.
- The Honeycomb network was architected using modern best practices for tunneling, separate VPCs, encryption at rest and in transit.
- All storage nodes are unreachable from the internet.
- Only web services (API, UI) are reachable from the internet at all, and then only through ELB TLS ports.
- Nothing is transmitted unencrypted.
- Entire infra is autoscalable, which lets us roll our entire infra in ~60 minutes (~10 minutes for our forward-facing web nodes) when critical security patches are released.
- The agent does not run as root and cannot be controlled remotely.
- 100% open-source.
- For compliance data, we have a solution that ensures that your plaintext data is never present in honeycomb’s data files, and keys are never accessible by us.
- Fully auditable by your security team.
- Vetted by independent security professionals.