HN Reader

Show HN: Lumoar – Free SOC 2 tool for SaaS startups (lumoar.com)

35 points by asdxrfx 3h ago 21 comments

Show HN: Airweave – Let agents search any app (github.com)

100 points by lennertjansen 6h ago 24 comments

Show HN: CLI that spots fake GitHub stars, risky dependencies and licence traps (github.com)

86 points by artski 9h ago 51 comments

Show HN: The missing inbox for GitHub pull requests (github.com)

12 points by pvcnt 4h ago 2 comments

Show HN: Jester – An RSS/Atom Reader and Content Management Tool (jesterengine.com)

4 points by dan_h 3h ago 0 comments

Show HN: Codigo – The Programming Language Repository (codigolangs.com)

70 points by adamjhf 2d ago 18 comments

Show HN: Translate between dialects and share SQL queries on the browser (sqlscope.netlify.app)

14 points by WhyIsItAlwaysHN 4d ago 2 comments

Show HN: Blog comments, nice looking, open source – Talkyard (blog-comments.talkyard.io)

16 points by KajMagnus 16h ago 2 comments

Show HN: MMORPG prototype inspired by World of Warcraft (github.com)

18 points by nickyvanurk 13h ago 6 comments

Show HN: GlassFlow – OSS streaming dedup and joins from Kafka to ClickHouse (github.com)

76 points by super_ar 1d ago 31 comments

Show HN: Vom Decision Platform (Cursor for Decision Analyst) (vomdecision.com)

15 points by davidreisbr 3d ago 10 comments

Show HN: Eurker – A Developer-First Uptime Monitoring Platform with JSON Configs (eurker.com)

3 points by ajoshu 7h ago 0 comments

Show HN: Downloads and saves any YouTube videos and playlists (github.com)

3 points by pierres7 8h ago 0 comments

Show HN: LoopMix128 – Fast C PRNG (.46ns), 2^128 Period, BigCrush/PractRand Pass (github.com)

74 points by the_othernet 2d ago 34 comments

Show HN: Pure Go QuickJS JavaScript engine (Golang) (pkg.go.dev)

4 points by 0xjnml 9h ago 1 comments

Show HN: Vibemail – Chrome extension for vibe emailing (chromewebstore.google.com)

7 points by aliyanishfaq 15h ago 6 comments

Show HN: Git-Native Client (free, no login) (voiden.md)

6 points by nikolasdimi 11h ago 0 comments

Show HN: Code Claude Code (github.com)

117 points by sean_ 2d ago 25 comments

Show HN: Swift Script Caching Compiler (swift-scc) (github.com)

3 points by jbverschoor 12h ago 1 comments

Show HN: Xenolab – Rasp Pi monitor for my pet carnivourus plants (github.com)

130 points by malux85 2d ago 53 comments

Show HN: I’m 16 years old and working on my first startup, a study app (notiv.app)

79 points by WilliamCranna 1d ago 122 comments

Show HN: Hydra (YC W22) – Serverless Analytics on Postgres (hydra.so)

57 points by coatue 3d ago 33 comments

Show HN: Oliphaunt – A native Mastodon client for macOS (testflight.apple.com)

103 points by anosidium 3d ago 38 comments

Show HN: I Built Remind Me AI. It's Like Unlimited GPT Tasks. Try the Demo (app.arcade.software)

4 points by ShawnBuilds 20h ago 0 comments

Show HN: Fastlist, an Agentic Craigslist (fastlist.org)

4 points by cyberflux 15h ago 2 comments

Show HN: Hyvector – A fast and modern SVG editor (hyvector.com)

325 points by jansan 3d ago 92 comments

Show HN: A backend agnostic Ruby framework for building reactive desktop apps (codeberg.org)

90 points by zero-st4rs 3d ago 33 comments

Show HN: BlenderQ – A TUI for managing multiple Blender renders (github.com)

61 points by TechSquidTV 3d ago 4 comments

Show HN: Clean, high-quality AI image generation (shutterly.co)

2 points by avin_regmi 17h ago 0 comments

Show HN: Hyper – Standards-first React alternative (nuejs.org)

70 points by tipiirai 3d ago 84 comments

Show HN: TheorIA – An Open Curated Physics Dataset (Equations,Explanations,JSON) (theoria-dataset.github.io)

9 points by ManuelSH 1d ago 6 comments

Show HN: Schezy – AI-Powered School Management System for Modern Education (schezy.com)

3 points by qareena 17h ago 0 comments

Show HN: Sprigman – Pac-Man Recreated in a Limited Tile Based JavaScript Engine (sprig.hackclub.com)

19 points by kuberwastaken 5d ago 6 comments

Show HN: Aberdeen – An elegant approach to reactive UIs (aberdeenjs.org)

223 points by vanviegen 3d ago 128 comments

Show HN: Using eBPF to see through encryption without a proxy (github.com)

258 points by tylerflint 4d ago 78 comments

Show HN: Reactylon – A new way to build XR with React and Babylon.js (github.com)

6 points by lookingman 1d ago 0 comments

Show HN: Clippy – 90s UI for local LLMs (felixrieseberg.github.io)

1118 points by felixrieseberg 6d ago 272 comments

Show HN: Parsie – A Google Sheets Add-On to Extract Data from Any Documents (workspace.google.com)

3 points by alicele27 20h ago 0 comments

Show HN: US Routing – Python library for fast local routing in the US (github.com)

114 points by ivanbelenky 4d ago 26 comments

Show HN: VectorVFS, your filesystem as a vector database (vectorvfs.readthedocs.io)

276 points by perone 7d ago 138 comments

Show HN: Printstack – I'll print and post your Substacks to you (printstack.net)

12 points by mbanerjeepalmer 1d ago 1 comments

Show HN: MCP CLI Adapter – run scripts as MCP tools (github.com)

3 points by inercia 23h ago 0 comments

Show HN: Plexe – ML Models from a Prompt (github.com)

128 points by vaibhavdubey97 6d ago 49 comments

Show HN: PondPilot – Run SQL on DuckDB/CSV/etc. Locally via WASM (Open-Source) (app.pondpilot.io)

5 points by naivemike 1d ago 0 comments

Show HN: My AI Native Resume (ai.jakegaylor.com)

301 points by jhgaylor 7d ago 194 comments

Show HN: Sqlitemap, a persistent map implementation backed by SQLite for C++ (github.com)

4 points by bw-hro 1d ago 0 comments

Show HN: Sheet Music in Smart Glasses

204 points by kevinlinxc 6d ago 25 comments

Show HN: TextQuery – Query CSV, JSON, XLSX Files with SQL (textquery.app)

163 points by shubhamjain 7d ago 57 comments

Show HN: Agents.erl (AI Agents in Erlang) (github.com)

33 points by arthurcolle 5d ago 26 comments

Show HN: Whippy Term - GUI terminal for embedded development (Linux and Windows) (whippyterm.com)

96 points by SurvivorTed 5d ago 14 comments

Show HN: Lumoar – Free SOC 2 tool for SaaS startups

35 asdxrfx 21 5/12/2025, 7:05:03 PM lumoar.com ↗
We built Lumoar to help small SaaS teams get SOC 2-ready without paying thousands for Big 4 consultants or dealing with bloated compliance platforms.

As a startup ourselves, we faced the usual issues: long security questionnaires, confusing audit requirements, and expensive tools that felt overkill.

Lumoar is a simpler alternative: - Generate compliant SOC 2 policies automatically - Track your controls and progress in a clean dashboard - Upload evidence and get plain-language recommendations - Designed for engineers and founders, not compliance pros

It's free to start — you can generate policies and explore the dashboard without a sales call or demo.

Would love to hear what blockers you’ve faced with SOC 2 and what other frameworks you’re thinking about (e.g., ISO 27001, GDPR). All feedback is welcome.

Comments (21)

edoceo · 2h ago
Having the policy doesn't preclude the audit or questionnaire requirement does it? This just puts the answers in one place?

The compliance pros still want all their ceremony - it's most of what they sell.

asdxrfx · 2h ago
Exactly, staying organized is half the battle. Our goal with Lumoar is to make that organization effortless from day one. We’re also working on future updates with AI agents and automation to make audits and questionnaires even less painful. More coming soon!
havefunbesafe · 2h ago
True, but having this makes the entire process easier. Organization is key to a speedy and clean audit.
davsti4 · 1h ago
Trying to register and I get this in the browser console:

Access to fetch at 'https://api.lumoar.com/v1/auth/register' from origin 'https://www.lumoar.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.

asdxrfx · 51m ago
Hi, thanks for reaching out! The issue you encountered with the CORS policy has been fixed. You should be able to register without encountering the CORS issue anymore. If you run into any other issues, please don't hesitate to let us know!
Oras · 1h ago
> As a startup ourselves, we faced the usual issues: long security questionnaires, confusing audit requirements, and expensive tools that felt overkill.

Is Lumoar SOC2 compliant?

asdxrfx · 59m ago
Thanks for asking! We’re not SOC 2 compliant yet, but we’re actively preparing for it. We recently launched our MVP, and ensuring strong security and compliance has been a key part of our roadmap from day one. We’re happy to share more about how we handle security today if that’s helpful!
Oras · 51m ago
My point was that compliance is about trust. If I want to go the SOC2 or ISO27001 route, I want a company that has done it before.

Free in your case is not free, it's pretty expensive. If I can't comply in time, that might mean losing potential business, being late to the market, etc.

Good luck though, you made the first step.

asdxrfx · 47m ago
We understand your concern, and we will focus more on this step for now. Thanks for the feedback. If you have anything else to say, we are glad to listen.
reconnecting · 2h ago
Before providing any legal-related services, it's better to ensure that your own affairs are in compliance. At least, have a clear terms of service page [1], which is currently not available.

[1] https://www.lumoar.com/terms-of-service.html

asdxrfx · 2h ago
Good day. We apologize for our mistake. We have now fixed the link on the page so it works correctly. Thanks for pointing out
reconnecting · 2h ago
IANAL, but it looks like very poor AI generated T&C.
asdxrfx · 2h ago
Appreciate you flagging this. The current Terms of Use was generated using a standard terms generator we integrated into our site, so it’s not AI-generated, but we agree it still needs improvement. We’re planning to have it reviewed and refined soon to better reflect our product and responsibilities. Thanks again for keeping us sharp.
reconnecting · 1h ago
Perhaps it's an acceptable approach for a very limited type of non-commercial websites, but your organization pretends to provide a platform for compliance management, and from this perspective, you must first clarify your business responsibilities and your terms of service, as this is actually a part of what your company tries to sale at scale.
throw03172019 · 1h ago
Every “free SOC-2” platform I researched and demoed before landing on paid platform always had a catch. What is yours?
asdxrfx · 1h ago
No catch. It's completely free. We plan to offer paid add-ons (like AI automation and integrations) later, but the basics stay free.
aagha · 52m ago
Which paid one did you land on?
GiorgioG · 33m ago
How isn't this just straight up spam? OP has never posted before today.
dangrossman · 16m ago
"Show HN" posts announcing a new tech startup/tool are a core part of this site.

https://news.ycombinator.com/shownew

I see nothing wrong with this post. They're sharing something they've made and getting valuable, constructive feedback. I appreciate HN being one of few places that still happens at.

java-man · 1h ago
Every website that does not explain an abbreviation before the first use is automatically non-compliant.
asdxrfx · 1h ago
Thanks for pointing out. We fixed our mistake.