Become a sponsor to LunaSec
Who are we?
We're LunaSec, a software startup based in Seattle that's building Open Source Data Security software. Our team is comprised of security experts with experience from companies like Uber, Snapchat, and Capital One.
If you've ever heard of "Log4Shell", then you're familiar with some of our work. We recently made it into the news for our work writing the first technical overview about the exploit.
What are we building?
We're building the future of Open Source Application Security software. We want to put the past version of ourselves out of a job -- we want companies to be able to fire their Security Engineers by giving developers access to "Secure by Default" development frameworks.
Why would we want that? Well, it's because Security is a major pain point for companies that have to deal with sensitive data. Security means managing risk for the business, and that responsibility is often at odds with actually building and growing their business.
It's time consuming, expensive, and error-prone for most companies to keep themselves from getting hacked. Even companies with dedicated Security teams take months to patch critical vulnerabilities like Log4Shell. That's why we're building LunaSec -- we want to make Application Security tools that Developers and Security teams can use to keep their business safe.
What makes LunaSec better?
Simply put, with LunaSec we're embracing the dream of "DevSecOps". We want to empower Developers to easily add security to their apps without requiring the expert assistance of a Security Engineer. And, by virtue of this goal, we're making the jobs of Security Engineers easier so that they can spend their time more efficiently.
With LunaSec, we're making that a reality with better Open Source tools like our log4shell
vulnerability patcher and our Application Security Framework.
As a Developer, you're able to drastically increase the security of your application without needing to be an expert in exploitation or otherwise security-specific knowledge. We're able to abstract developers from the difficult reality of security through the powerful tools we provide.
With LunaSec's full stack of Application Security tools in place, a Developer is free to ship any code, import any NPM module, or otherwise go about their day without requiring the assistance of a Security Engineer.
How does your sponsorship help us?
By showing your support to LunaSec, you enable us to continue developing the Open Source platform. We chose Open Source because we were tired of seeing only the richest tech companies be able to have good Application Security tooling. Most companies can't afford to hire dedicated Security Engineers because they're expensive, and even when they can, they can't afford to spend the years of human effort required to build a Secure-by-Default platform like we've build with LunaSec.
We want to make the dream of making Data Leaks and Ransomware hacks a thing of the past by allowing every company on earth to benefit from a hardened security architecture. That's going to take us a few years to get there, but we're steadily making progress and every contribution helps!
Every dollar given to us will go directly towards building LunaSec by allowing us to continue writing code, shipping docs, and working to get LunaSec deployed across the world by letting us pay ourselves enough to stay focused on this full-time.
Meet the team
-
Forrest factoidforrestSecurity Software Engineer, experience from Capital One
-
Chris breadchrisSecurity Engineer, experience from Uber
-
Free Wortley freeqazCEO and Founder of LunaSec, experience from Uber and Snapchat
Featured work
-
lunasec-io/lunasec
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the Luna…
TypeScript 1,439
$75 one time
Select- We'll mail you a T-Shirt with the Log4Shell Logo on it (limited to the first 30 people),
- A "thank you" card signed by the LunaSec team
$125 one time
SelectLimited: 50% off for first 5 requests.
- We'll spend 30 minutes of engineering time to fix a bug, writes docs, or adding a feature to LunaSec of your choosing.
You may buy multiples of this tier. Must be in multiples of $125. No refunds if we can't do what you ask in the time allocated.
$400 one time
SelectAll of the previous tiers plus:
- A consulting session with us via live video call:
- 1 Hour: Pair with a LunaSec Software Engineer to help debug your application or your LunaSec deployment,
- 1 Hour: Pair with a LunaSec Security Engineer to answer questions about LunaSec, perform a security review of your usage of LunaSec, or write a short security statement about how LunaSec protects your app,
- 30 Minutes: Pair with a LunaSec Security Engineer to ask unrestricted, general security questions.
You may purchase sessions in multiples of $400 for more complex needs. Limit of 4 sessions per day. We reserve the right to refuse excessive requests.
$1,500 one time
Select- We'll run a 90 minute Security Workshop for your team, where we'll:
- Present the basics of Data Security (explain OWASP Top 10, Tokenization, etc),
- Present about LunaSec and teach your team how to use it,
- Perform live Security Tests to show how LunaSec protects against the OWASP Top 10 vulnerabilities,
- Tailor all content to your software stack (you tell us your stack, and we'll write the slides).
- We'll ship you 5 T-Shirts for your team.
$2,000 one time
Select- We'll spend a day working on a feature that you pick. (Limited to first 5 requests, on a best effort basis),
- And we'll throw in 5 T-Shirts too
$6,000 one time
Select- We're build a feature that takes us a few days of effort, (Limited to first 3 requests)
- You'll be given priority over other tiers. Use this if you need help urgently,
- If a task is larger than a few days, we'll contact you to negotiate a price that is fair,
Note: We retain the right to request additional funds for any requests to this tier if it's a ton of work to implement. Please email us for anything big: [email protected]