
Security & Compliance SDKs to stop data leaks in your software



For Log4Shell Information, please see our Mitigation Guide

You can get the Log4Shell logo printed on a T-Shirt by showing your support for LunaSec (limit of first 30 people).


LunaSec is a suite of security tools designed to protect sensitive data in web applications by adding just a few lines of code.

  • many security issues like SQL Injection, XSS, and even RCE.
  • Best-In-Class Compliance Software: Decrease your compliance overhead by 90%+ with centralized access control
    logic, audit logs, and automatic compliance validation.
  • Simple Onboarding: Get started in minutes by adding *only a few lines of code* anywhere that sensitive data
    enters or exits your system.
  • Built By Security Experts: Designed to bring leading security practices to your applications without requiring
    advanced security knowledge.
  • Self-Hosted And Open: You retain control over your data by hosting LunaSec yourself. It’s open source software
    licensed under a permissive Apache 2.0 license.
  • Zero Trust Architecture: All records are encrypted with a unique key that even LunaSec can’t access.
    Decryption only happens when you need it to.
  • Scales Automatically: Supports even the largest loads by leveraging cloud-scale database services like AWS S3 and
    DynamoDB.
  • Enterprise Grade: We offer warranties, managed deployments, and custom support via
    our Premium Support packages.

You can read more here about what features LunaSec provides.

Try the live demo. It’s a simple web app that you
can play with in your browser. Sign up for a new account and then submit some fake data in the secure inputs.
Right-click and inspect secure elements on the page and watch network traffic to see LunaSec working behind-the-scenes to protect private data.

Alternatively, you may also launch it locally with one command if you have Node and Docker installed:

npx @lunasec/cli start --env demo

That will pull all the Docker containers and start the LunaSec demo app on your computer. There are a lot of containers
to run, so it may take a few minutes to finish starting up.

For a deeper dive into the Demo App, please see
this page for a walkthrough of everything. All the
source code is available here for you to
view.

If you run into any issues, please open up a GitHub issue or chat with us on
our GitHub Discussions page.

For more information about LunaSec including tutorials, examples, and technical information, please review
our documentation. For technical questions or help, please reach out via
our GitHub Discussions board
or open a new GitHub issue if you have a bug or feature to request.

Please visit our website for marketing or sales information, or
to get in contact.

here and in the diagram below.

LunaSec Architecture Diagram

  • GDPR defines sensitive data include
    Name, Email, Phone Number, IP Address, Credit Cards, and more.
    If you are subject to data privacy regulations and store any of that data, then LunaSec will help you achieve compliance more easily.
  • Data Leak Protection: If you store data that needs to remain securely stored and private, then LunaSec will greatly
    increase your defenses against unauthorized data leaks.
  • Data Inventory: The centralized nature of LunaSec makes it easy to track and monitor what data you’re storing
    and who uses it and when, and helps you enforce access controls around that data.

The LunaSec stack spans from the front-end to the back-end of your application and works alongside your existing code to
keep your data encrypted and secure. To get started, please check out the steps below (“Trying LunaSec in 1 minute”).

safety deposit box that holds your sensitive data.
Each piece of data gets a unique box, a unique key to unlock it, and a unique number to identify each box by. These
boxes are then securely stored inside a bank vault that only a banker with special permissions has access to.
Accessing the box requires proof of ownership and the key to unlock the box.

The boxes that the data is stored in are unable to be opened without the key. That means that even if the bank is evil,
they can’t open the box. Even if the box is stolen by a thief, the thief can’t open the box without the keys. Only you
are able to open the box.

Even if a thief steals the keys, they still have to get access to the box, either through the banker or by breaking
into the bank. One is useless without the other.

That’s the core value that LunaSec provides for you. LunaSec runs the bank, hires the bankers, and keeps your boxes
secure. You just have to provide the data and keep track of the keys to access it.
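
The safety deposit box model above, as an added sketch that is not LunaSec's code or API: `Vault`, `deposit`, `grant`, `fetchBox` and `openBox` are hypothetical names, and AES-256-GCM from Node's built-in crypto module is an assumed cipher choice. It shows that a key without a grant, or a box without its key, yields nothing.

```javascript
// Added illustration of the safety deposit box model; hypothetical names, not LunaSec's API.
const crypto = require("node:crypto");

class Vault {
  constructor() {
    this.boxes = new Map();  // token -> { iv, ciphertext, tag }; keys are never stored
    this.grants = new Set(); // "session:token" pairs the banker will honor
  }
  // Seal one value in its own box; return the box number (token) and its unique key.
  deposit(plaintext) {
    const token = "tok-" + crypto.randomUUID();
    const key = crypto.randomBytes(32); // unique per record
    const iv = crypto.randomBytes(12);
    const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
    cipher.setAAD(Buffer.from(token)); // bind the ciphertext to its box number
    const ciphertext = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
    this.boxes.set(token, { iv, ciphertext, tag: cipher.getAuthTag() });
    return { token, key };
  }
  grant(session, token) { this.grants.add(`${session}:${token}`); }
  // The banker hands over a box only to a session that holds a grant for it.
  fetchBox(session, token) {
    if (!this.grants.has(`${session}:${token}`)) throw new Error("no grant for this box");
    const box = this.boxes.get(token);
    if (!box) throw new Error("unknown token");
    return box;
  }
}

// Opening a box needs the box itself and the matching key.
function openBox(token, key, box) {
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, box.iv);
  decipher.setAAD(Buffer.from(token));
  decipher.setAuthTag(box.tag);
  return Buffer.concat([decipher.update(box.ciphertext), decipher.final()]).toString("utf8");
}

// Run the three scenarios from the analogy and return their outcomes.
function demo() {
  const vault = new Vault();
  const { token, key } = vault.deposit("123-45-6789"); // constructed sample value
  vault.grant("alice-session", token);
  const owner = openBox(token, key, vault.fetchBox("alice-session", token));
  let keyOnly = "opened", boxOnly = "opened";
  try { vault.fetchBox("thief-session", token); } catch (e) { keyOnly = e.message; }
  try { openBox(token, crypto.randomBytes(32), vault.boxes.get(token)); } catch { boxOnly = "decryption failed"; }
  return { owner, keyOnly, boxOnly };
}
console.log(demo());
```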

We’ve designed LunaSec to mitigate many common security vulnerabilities that developers face. Each component of the
LunaSec stack is designed to provide protection against specific attack scenarios. Please read more about the security
of LunaSec here.

please send us a message.


LunaSec Premium Support Link


GitHub Discussions board to talk with our team.

We’re a small team and our resources are limited for how much assistance we’re able to provide.
If your needs are urgent, or you would like us to review your code/implementation, then please consider inquiring about our custom support packages.


documentation. For marketing information, sales, or to get in touch, visit our website: https://www.lunasec.io/.

The rest of this ReadMe explains how to work on LunaSec itself. If you simply want to use LunaSec, please see the documentation.

contributor instructions
before forking and submitting a pull request. It’s short and it’s very helpful if you’re going to be working on LunaSec.

How to launch LunaSec for development

To launch and use LunaSec to help you develop your application, see the documentation. To work on LunaSec itself, follow these steps:

Install all dependencies by running lerna bootstrap and be patient.

Configure the LunaSec CLI tool to be used locally by running yarn run lunasec:setup. The lunasec command will not be accessible on your path.

Then, install tmuxp and run tmuxp load ./start-with-tmuxp.yaml in the root directory.
You can inspect that file to see which commands are being run if you’d like to start the cluster without tmuxp.

Note: You’ll have to provide your password for the ./go/scripts/start-tokenizerbackend-dependencies.sh command to start.

Open your browser and navigate to http://localhost:3000 to see the demo application.

When you want to shut down the cluster, hit ctrl+b and type :kill-session. (It’s just tmux)
