Data retention and governance

This article explains how Kaseya MDR retain and manage security data from a governance and compliance perspective.

Data retention determines:

How long different types of data are stored
Which data remains searchable in the platform
How historical security activity can be reviewed during investigations, audits, or compliance reviews

Data types and retention model

Kaseya MDR distinguishes between raw data and processed data.

Raw data

Raw data represents the original, unnormalized data as it is ingested into the platform. It is used for initial ingestion and normalization and retained for a short duration.

Retention period: Raw data is retained for 3 days

Raw data is not intended for long‑term investigation or historical review.

Processed data

Processed data represents normalized security data that has been evaluated and structured by the platform.

Processed data includes:

Security events
Alerts
IOC rule results
Respond rule results
Other normalized security records

Retention period: Processed data is retained for 400 days

Searchability and historical access

Processed data is stored for 400 days and is searchable in the user interface for the full 400‑day retention period.

All retained processed data remains searchable for the duration of the retention period. There is no separate investigation experience for older processed data.

Retention behavior does not vary based on whether the data originated from an event, alert, IOC rule, or Respond rule, as long as the data is processed.

Governance considerations

Data retention settings are part of the platform’s governance model and are designed to support:

Security investigations
Operational reviews
Audit preparation
Compliance‑related inquiries

Retention behavior defines how long data is available, not how alerts are generated or how response actions are performed.

Relationship to other administrative settings

Data retention operates independently of:

User roles and permissions
Alert suppression
SOC authorization settings
Application behavior tuning

Those settings affect visibility, access, and behavior, but they do not change retention durations.

	Need help? Submit a Kaseya Helpdesk request.
	Want to talk about it? Head over to Kaseya Community.
	Have a new feature idea? Visit the Kaseya Ideas portal.
	Provide feedback for the Documentation team.