frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

Show HN: Lumoar – Free SOC 2 tool for SaaS startups

https://www.lumoar.com
69•asdxrfx•10h ago•27 comments

Show HN: Airweave – Let agents search any app

https://github.com/airweave-ai/airweave
135•lennertjansen•13h ago•34 comments

Show HN: Triplex, a visual workspace for React / Three Fiber

https://github.com/trytriplex/triplex
2•madou•1h ago•0 comments

Show HN: CLI that spots fake GitHub stars, risky dependencies and licence traps

https://github.com/m-ahmed-elbeskeri/Starguard
99•artski•16h ago•62 comments

Show HN: Open-source MMORPG prototype inspired by World of Warcraft

http://everwilds.io/
3•nickyvanurk•2h ago•2 comments

Show HN: The missing inbox for GitHub pull requests

https://github.com/pvcnt/mergeable
22•pvcnt•11h ago•2 comments

Show HN: LLM-God – An LLM Multiprompting App

https://github.com/czhou578/llm-god/tree/1.0.3
2•czhou578•4h ago•0 comments

Show HN: Codigo – The Programming Language Repository

https://codigolangs.com
71•adamjhf•2d ago•20 comments

Show HN: AGI Hits a Structural Wall – A Billion-Dollar Problem

5•mmschlereth•5h ago•0 comments

Show HN: Open-source AI code review agent that's aware of your entire codebase

https://docs.sourcebot.dev/docs/agents/review-agent
4•msukkarieh•6h ago•0 comments

Show HN: GlassFlow – OSS streaming dedup and joins from Kafka to ClickHouse

https://github.com/glassflow/clickhouse-etl
76•super_ar•1d ago•31 comments

Show HN: Translate between dialects and share SQL queries on the browser

https://sqlscope.netlify.app
15•WhyIsItAlwaysHN•4d ago•2 comments

Show HN: GS-Base – A multifunctional database tool with Python integration

https://citadel5.com/gs-base.htm
2•jpiech•8h ago•0 comments

Show HN: Blog comments, nice looking, open source – Talkyard

https://blog-comments.talkyard.io/demo/
18•KajMagnus•23h ago•2 comments

Show HN: MMORPG prototype inspired by World of Warcraft

https://github.com/nickyvanurk/everwilds
21•nickyvanurk•20h ago•7 comments

Show HN: Jester – An RSS/Atom Reader and Content Management Tool

https://jesterengine.com/
4•dan_h•10h ago•0 comments

Show HN: LoopMix128 – Fast C PRNG (.46ns), 2^128 Period, BigCrush/PractRand Pass

https://github.com/danielcota/LoopMix128
74•the_othernet•2d ago•34 comments

Show HN: Vom Decision Platform (Cursor for Decision Analyst)

https://www.vomdecision.com
15•davidreisbr•4d ago•10 comments

Show HN: Code Claude Code

https://github.com/RVCA212/codesys
117•sean_•2d ago•25 comments

Show HN: Eurker – A Developer-First Uptime Monitoring Platform with JSON Configs

https://www.eurker.com/
3•ajoshu•14h ago•0 comments

Show HN: Xenolab – Rasp Pi monitor for my pet carnivourus plants

https://github.com/blackrabbit17/xenolab
130•malux85•2d ago•53 comments

Show HN: Hydra (YC W22) – Serverless Analytics on Postgres

https://www.hydra.so/
58•coatue•3d ago•33 comments

Show HN: Downloads and saves any YouTube videos and playlists

https://github.com/pH-7/Download-Simply-Videos-From-YouTube
4•pierres7•15h ago•0 comments

Show HN: Oliphaunt – A native Mastodon client for macOS

https://testflight.apple.com/join/Epq1P3Cw
103•anosidium•3d ago•38 comments

Show HN: Vibemail – Chrome extension for vibe emailing

https://chromewebstore.google.com/detail/vibemail/dijcjhhnpgoenmkmahigmdgpkajhhhbg
9•aliyanishfaq•22h ago•7 comments

Show HN: I’m 16 years old and working on my first startup, a study app

https://www.notiv.app/
80•WilliamCranna•1d ago•123 comments

Show HN: I Built Remind Me AI. It's Like Unlimited GPT Tasks. Try the Demo

https://app.arcade.software/share/PrR3lG51cRjJkk6vEz3R
5•ShawnBuilds•1d ago•0 comments

Show HN: Pure Go QuickJS JavaScript engine (Golang)

https://pkg.go.dev/modernc.org/quickjs
4•0xjnml•16h ago•1 comments

Show HN: Hyvector – A fast and modern SVG editor

https://www.hyvector.com
325•jansan•3d ago•92 comments

Show HN: A backend agnostic Ruby framework for building reactive desktop apps

https://codeberg.org/skinnyjames/hokusai
91•zero-st4rs•3d ago•34 comments
Open in hackernews

Show HN: Lumoar – Free SOC 2 tool for SaaS startups

https://www.lumoar.com
69•asdxrfx•10h ago
We built Lumoar to help small SaaS teams get SOC 2-ready without paying thousands for Big 4 consultants or dealing with bloated compliance platforms.

As a startup ourselves, we faced the usual issues: long security questionnaires, confusing audit requirements, and expensive tools that felt overkill.

Lumoar is a simpler alternative: - Generate compliant SOC 2 policies automatically - Track your controls and progress in a clean dashboard - Upload evidence and get plain-language recommendations - Designed for engineers and founders, not compliance pros

It's free to start — you can generate policies and explore the dashboard without a sales call or demo.

Would love to hear what blockers you’ve faced with SOC 2 and what other frameworks you’re thinking about (e.g., ISO 27001, GDPR). All feedback is welcome.

Comments

reconnecting•9h ago
Before providing any legal-related services, it's better to ensure that your own affairs are in compliance. At least, have a clear terms of service page [1], which is currently not available.

[1] https://www.lumoar.com/terms-of-service.html

asdxrfx•9h ago
Good day. We apologize for our mistake. We have now fixed the link on the page so it works correctly. Thanks for pointing out
reconnecting•9h ago
IANAL, but it looks like very poor AI generated T&C.
asdxrfx•9h ago
Appreciate you flagging this. The current Terms of Use was generated using a standard terms generator we integrated into our site, so it’s not AI-generated, but we agree it still needs improvement. We’re planning to have it reviewed and refined soon to better reflect our product and responsibilities. Thanks again for keeping us sharp.
reconnecting•8h ago
Perhaps it's an acceptable approach for a very limited type of non-commercial websites, but your organization pretends to provide a platform for compliance management, and from this perspective, you must first clarify your business responsibilities and your terms of service, as this is actually a part of what your company tries to sale at scale.
edoceo•9h ago
Having the policy doesn't preclude the audit or questionnaire requirement does it? This just puts the answers in one place?

The compliance pros still want all their ceremony - it's most of what they sell.

havefunbesafe•9h ago
True, but having this makes the entire process easier. Organization is key to a speedy and clean audit.
asdxrfx•9h ago
Exactly, staying organized is half the battle. Our goal with Lumoar is to make that organization effortless from day one. We’re also working on future updates with AI agents and automation to make audits and questionnaires even less painful. More coming soon!
abrookewood•4h ago
You can usually get out of questionnaires if you have multiple frameworks/certifications/attestations in place ... but even then some customers will insist on them
throw03172019•9h ago
Every “free SOC-2” platform I researched and demoed before landing on paid platform always had a catch. What is yours?
asdxrfx•8h ago
No catch. It's completely free. We plan to offer paid add-ons (like AI automation and integrations) later, but the basics stay free.
aagha•7h ago
Which paid one did you land on?
throw03172019•25m ago
Vanta
java-man•8h ago
Every website that does not explain an abbreviation before the first use is automatically non-compliant.
asdxrfx•8h ago
Thanks for pointing out. We fixed our mistake.
davsti4•8h ago
Trying to register and I get this in the browser console:

Access to fetch at 'https://api.lumoar.com/v1/auth/register' from origin 'https://www.lumoar.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.

asdxrfx•7h ago
Hi, thanks for reaching out! The issue you encountered with the CORS policy has been fixed. You should be able to register without encountering the CORS issue anymore. If you run into any other issues, please don't hesitate to let us know!
Oras•8h ago
> As a startup ourselves, we faced the usual issues: long security questionnaires, confusing audit requirements, and expensive tools that felt overkill.

Is Lumoar SOC2 compliant?

asdxrfx•8h ago
Thanks for asking! We’re not SOC 2 compliant yet, but we’re actively preparing for it. We recently launched our MVP, and ensuring strong security and compliance has been a key part of our roadmap from day one. We’re happy to share more about how we handle security today if that’s helpful!
Oras•7h ago
My point was that compliance is about trust. If I want to go the SOC2 or ISO27001 route, I want a company that has done it before.

Free in your case is not free, it's pretty expensive. If I can't comply in time, that might mean losing potential business, being late to the market, etc.

Good luck though, you made the first step.

asdxrfx•7h ago
We understand your concern, and we will focus more on this step for now. Thanks for the feedback. If you have anything else to say, we are glad to listen.
cadamsdotcom•4h ago
The point about trust is important in another way too - it was a pleasant surprise you led with “we’re not compliant (yet), but..”

Tis a great way to engender trust in the team. Bravo for bravely answering honestly. Wishing you folks best of success.

GiorgioG•7h ago
How isn't this just straight up spam? OP has never posted before today.
dangrossman•7h ago
"Show HN" posts announcing a new tech startup/tool are a core part of this site.

https://news.ycombinator.com/shownew

I see nothing wrong with this post. They're sharing something they've made and getting valuable, constructive feedback. I appreciate HN being one of few places that still happens at.

asdxrfx•7h ago
Fair to be cautious, I get it. We’re a real startup, just launched our MVP recently, and wanted to share what we’re building with the community. It’s our first time posting here, but we’re genuinely looking to get feedback and connect with others. Happy to answer any questions!
wnolens•3h ago
Genuinely curious and debating the costs of other SOC2 platforms. But your tool doesn't load anything when I go to controls.

> Error: Failed to fetch

Not a good way to debut

reynaldi•44m ago
Not sure if my feedback can help.

As someone who don't know anything about SOC2, but still aware that if I want to signal 'data privacy' that I need to get it: I don't know what I'm supposed to do on your site.

Some sort of onboarding can help, like what are my steps from knowing nothing to actually getting the SOC2. Maybe some educational contents or resources can also help.