By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
data security

Data observability that's security-first

Bigeye is built to industry-leading security standards. We follow enterprise-grade practices to deliver data observability while protecting your data and ensuring compliance.

Secure by design

Bigeye provides data protection guarantees for customers in regulated industries like financial services, education, social media, and more.

soc2 compliance

SOC2 Type II

Bigeye is SOC2 Type II compliant.
encryption

Encryption

Your data is encrypted in motion with TLS and at rest with AES-256.
pentests

PenTests

Up to date penetration test reports are available on demand.
anonymization

Anonymization

Bigeye only stores aggregate statistics, never raw data from your data sources.
read only

Read Only

Bigeye uses read-only service accounts and cannot modify your data source.
uptime slas

Uptime SLAs

Strong uptime SLAs and incident response plans. See system status.
Trust resources

Flexible deployment options

Bigeye offers both agentless and agent-based models so you can choose the deployment option that best fits your needs.

Agentless

Agent-less

Agent-based

Support for 20+ data sources
Checkmark icon
Checkmark icon
No raw data collection
Checkmark icon
Checkmark icon
Read-only connection
Checkmark icon
Checkmark icon
Encryption in motion and at rest
Checkmark icon
Checkmark icon
SOC2 Type II report
Checkmark icon
Checkmark icon
On-premises agent
Checkmark icon
No inbound connections to your network
Checkmark icon
Additional asymmetric encryption
Checkmark icon
No raw data exposed to Bigeye
Checkmark icon

Details

Access controls

SSO

Secure Sign In via Okta is available for Bigeye Enterprise customers. Google Workspaces support is coming soon.

Permissions

Bigeye connects to your data with read-only service accounts on your data sources. Bigeye will only see data that the service account has access to, giving you total control over what data can be monitored. Only administrator-level users can add, edit, and delete connections to your data sources.

Role-based access controls

Restrict user access to sensitive datasets and control who can edit and manage Bigeye monitoring on different data sources.

Architecture

Connections

Bigeye connects to data sources using read-only accounts via JDBC. Credentials to your data sources are stored on Bigeye servers hosted in AWS, are encrypted at rest, and cannot be accessed by Bigeye engineers.

Encryption

All data is encrypted with AES-256 at rest, and all network traffic to your team’s browsers goes over HTTPS.

Aggregates

Bigeye collects only aggregated statistics about your data to perform monitoring and anomaly detection. Some features used for root cause analysis will fetch row-level data from your sources which is only held in non-durable memory and never persisted. These features may be disabled entirely, if required.

AWS PrivateLink

Bigeye can peer directly with your AWS Virtual Private Cloud, avoiding traffic out to the internet. PrivateLink for AWS is available as part of Bigeye Enterprise.

Optional agent model

Customers can choose between agent and agentless deployment models. The agent model satisfies additional security requirements including eliminating the need for Bigeye to make inbound connections into your network.

Bigeye policies

Privacy and security training

Bigeye employees engage in privacy and security training during onboarding and periodically thereafter.

Access restrictions

We follow need-to-know principles and limit access to our systems to ensure that only our Site Reliability Engineering Team and Chief Technology Officer can access customer data during incident response processes.

Vulnerability scans

We conduct code review and perform vulnerability scans on all dependencies as part of our software engineering practices.

Data Processing Addendum

Bigeye can provide a DPA on request.

Data Deletion

On closure of your account, our team destroys all data from your workspace, including credentials, user data, and your data observability metric histories.

SLAs

We provide strong SLAs for all Bigeye workspaces, and stricter SLAs are available for enterprise customers. You can view our current system status and uptime here.