Who are we?

We're LunaSec, a software startup based in Seattle that's building Open Source Data Security software. Our team is comprised of security experts with experience from companies like Uber, Snapchat, and Capital One.

If you've ever heard of "Log4Shell", then you're familiar with some of our work. We recently made it into the news for our work writing the first technical overview about the exploit.

What are we building?

We're building the future of Open Source Application Security software. We want to put the past version of ourselves out of a job -- we want companies to be able to fire their Security Engineers by giving developers access to "Secure by Default" development frameworks.

Why would we want that? Well, it's because Security is a major pain point for companies that have to deal with sensitive data. Security means managing risk for the business, and that responsibility is often at odds with actually building and growing their business.

It's time consuming, expensive, and error-prone for most companies to keep themselves from getting hacked. Even companies with dedicated Security teams take months to patch critical vulnerabilities like Log4Shell. That's why we're building LunaSec -- we want to make Application Security tools that Developers and Security teams can use to keep their business safe.

What makes LunaSec better?

Simply put, with LunaSec we're embracing the dream of "DevSecOps". We want to empower Developers to easily add security to their apps without requiring the expert assistance of a Security Engineer. And, by virtue of this goal, we're making the jobs of Security Engineers easier so that they can spend their time more efficiently.

With LunaSec, we're making that a reality with better Open Source tools like our log4shell vulnerability patcher and our Application Security Framework.

As a Developer, you're able to drastically increase the security of your application without needing to be an expert in exploitation or otherwise security-specific knowledge. We're able to abstract developers from the difficult reality of security through the powerful tools we provide.

With LunaSec's full stack of Application Security tools in place, a Developer is free to ship any code, import any NPM module, or otherwise go about their day without requiring the assistance of a Security Engineer.

How does your sponsorship help us?

By showing your support to LunaSec, you enable us to continue developing the Open Source platform. We chose Open Source because we were tired of seeing only the richest tech companies be able to have good Application Security tooling. Most companies can't afford to hire dedicated Security Engineers because they're expensive, and even when they can, they can't afford to spend the years of human effort required to build a Secure-by-Default platform like we've build with LunaSec.

We want to make the dream of making Data Leaks and Ransomware hacks a thing of the past by allowing every company on earth to benefit from a hardened security architecture. That's going to take us a few years to get there, but we're steadily making progress and every contribution helps!

Every dollar given to us will go directly towards building LunaSec by allowing us to continue writing code, shipping docs, and working to get LunaSec deployed across the world by letting us pay ourselves enough to stay focused on this full-time.