Certifications and Compliance
We’re committed to maintaining best practices for ensuring security, availability, and confidentiality.
SOC 2 Type II
As part of this effort, Honeycomb annually completes an independent audit for our SOC 2 Type II report, which verifies our consistent application of the Trust Services Principles and Criteria over time. By periodically holding ourselves accountable to a third party, we hope to provide transparency to our customers and support our ongoing efforts to provide a secure and reliable environment for customer data.
Penetration Testing
We regularly undergo penetration testing by an independent security firm as part of our SOC 2 process and can furnish findings to customers as required.
GDPR
We are GDPR compliant and you can find our subprocessors here. GDPR rights requests may be sent to privacy@honeycomb.io.
HIPAA
Our security architecture has options specifically designed for customers dealing with sensitive data like PHI. We can sign a Business Associate Agreement (BAA) with customers who have compliance requirements under HIPAA/HITECH.
Special contracts
We will gladly explore custom DPAs with our customers when required.
Whistleblower Hotline
Whistleblower Hotline
Honeycomb uses Safe Hotline, Inc for its ethics and whistleblower hotline.
To raise an issue or concern anonymously, our Company ID number is 8108427380 (required for making reports); the toll-free phone number is 1-855-662-SAFE (1-855-662-7233) or you can submit a report at SAFEHOTLINE.COM.
Bug Bounty Program
Bug Bounty
We encourage responsible disclosure of security vulnerabilities through our bug bounty program. This page attempts to cover the most anticipated basic features of our policy; however the devil is always in the details, and it is not practical to cover every conceivable detail in advance. Whenever there is any room for interpretation or judgment, we will rely on our own discretion, informed by the circumstances and your actions.