HackerTrans
TopNewTrendsCommentsPastAskShowJobs

asdxrfx

no profile record

Submissions

[untitled]

1 points·by asdxrfx·3 mesi fa·0 comments

[untitled]

1 points·by asdxrfx·4 mesi fa·0 comments

[untitled]

1 points·by asdxrfx·5 mesi fa·0 comments

[untitled]

1 points·by asdxrfx·5 mesi fa·0 comments

Ask HN: Why does SOC 2 feel so hard for early-stage startups?

12 points·by asdxrfx·6 mesi fa·5 comments

[untitled]

1 points·by asdxrfx·6 mesi fa·0 comments

What's the hardest part of getting SOC 2 done in practice?

1 points·by asdxrfx·6 mesi fa·1 comments

[untitled]

1 points·by asdxrfx·7 mesi fa·0 comments

Ask HN: What's still broken in SoC 2 readiness and audit prep?

1 points·by asdxrfx·7 mesi fa·0 comments

[untitled]

1 points·by asdxrfx·12 mesi fa·0 comments

Show HN: Fertit – Open-Source Newsletter Manager with Optional Hosted Service

fertit.com
2 points·by asdxrfx·anno scorso·0 comments

[untitled]

1 points·by asdxrfx·anno scorso·0 comments

[untitled]

1 points·by asdxrfx·anno scorso·0 comments

[untitled]

1 points·by asdxrfx·anno scorso·0 comments

[untitled]

1 points·by asdxrfx·anno scorso·0 comments

Show HN: Lumoar – Free SOC 2 tool for SaaS startups

lumoar.com
91 points·by asdxrfx·anno scorso·32 comments

comments

asdxrfx
·5 mesi fa·discuss
It's also great to describe the full use case flow in the instructions, so you can clearly understand that LLM won't do some stupid thing on its own
asdxrfx
·5 mesi fa·discuss
Regarding the Cartoons totally, way easier to understand them because they speaking slow. I'm learning German right now the same way
asdxrfx
·5 mesi fa·discuss
I'm building Lumoar, a compliance preparation platform for early-stage startups (SOC 2 + ISO 27001). We handle controls to framework requirements mapping, evidence collection, risk tracking, vendor/asset management, and integrate with AWS and GitHub to pull evidence automatically.

We launched recently and I'm looking for 2–3 startups to be the first to go through the full process on the platform. Meaning: I'm directly involved, not just the tool. You'll have direct access to me throughout the whole preparation and audit process, not a support queue.

A few things worth being upfront about:

- $499/mo, includes hands-on founder support, not just software access

- You'd be one of the first 2–3 teams to run the full process end-to-end. In return: direct founder access (me, not support), influence on features, and pricing that matches the early stage.

- This covers preparation only, not the audit itself. Once you're ready I can refer you to an auditor or you can bring your own.

If you're getting asked about SOC 2 by a prospect or investor and don't know where to start, happy to just talk through it even if Lumoar isn't the right fit.
asdxrfx
·6 mesi fa·discuss
Absolutely agree about the tone. I've seen teams where compliance becomes one person's problem instead of a company priority, and it shows during the audit.

On the knowledge gap: the gap assessment route works, but it's expensive upfront and still leaves you building the foundation afterward.

What I've been exploring is the step before the audit: getting teams organized enough that when they do engage a consultant or tool, they're not starting from zero, which would result in faster compliance.

I'm building a platform (Lumoar) focused exactly on this pre-audit organization phase, helping early-stage teams get structured before the compliance pressure hits.

Curious: in your experience, what's the biggest mistake teams make when they're under contract pressure to get SOC 2 done quickly?
asdxrfx
·12 mesi fa·discuss
I just canceled my Mailchimp account after hitting their "Standard" plan limits. $230/month to send emails to 15k subscribers feels insane when my entire server infrastructure costs $50/month. Started building my own newsletter platform (Fertit) and realized most of the "premium" features are just basic CRUD operations with SMTP integration. The math is wild: Mailchimp Standard: $230/month for 15k contacts My current costs: $50/month for unlimited (using my own SMTP) But then I realized why people pay it - the setup/maintenance time is brutal. Spent 3 weeks just getting subscriber management right. So the real question: would you pay $10/month for a middle ground? All the features of the big players, but you bring your own SMTP (SendGrid, Mailgun, etc.) and own your data? Currently testing this approach - curious if others see the same pricing/ownership gap I do. GitHub: https://github.com/rasadov/NewsletterManager
asdxrfx
·anno scorso·discuss
Hi HN,

I'm a solo founder building a Compliance-as-a-Service platform focused on startups and indie developers who find tools like Vanta/Drata too expensive or complex. Think of it as "SOC 2 for solo devs" — affordable, easy to use, and monthly pricing.

I launched about 2 weeks ago, and so far: 100+ registered users; 60+ startups onboarded; Fully built MVP, launched, iterating fast; Based in Azerbaijan, which helps keep ops lean

I'm bootstrapping everything — product, design, support, and growth. No revenue yet, but lots of demand from early users asking about audits, integrations, and long-term support.

Why I'm Posting: I'm preparing to raise a small seed round to grow this into something serious — cover runway, build a small team, support more frameworks, and partner with audit firms.

I’m considering asking $200K for 10% equity (implying a $2M valuation). This would give me 18–24 months of runway here.

My Questions for HN: Is this a reasonable raise/valuation given the early traction and solo founder status?

Would investors be open to this if I’m based outside the US (Azerbaijan)?

Any tips on how/where to approach angels or pre-seed VCs who get compliance, SaaS, or developer tools?

Any thoughts, advice, or intros would be massively appreciated

Thanks!
asdxrfx
·anno scorso·discuss
Thank you, Rajiv. I appreciate you taking the time to share that perspective.

You're absolutely right: the language should reflect how our users think and talk, not just how the standards are formally defined. It's valuable to hear this from someone with real experience in the space. I'll definitely keep that framing in mind as we refine both our product and messaging.

Besides that, based on your experience, I wanted to ask for advice. We launched Lumoar 10 days ago and have already onboarded 50+ active users. Given this early traction, do you think it's worth starting investor conversations now, or should we focus more on deepening product-market fit before going down that path?

Would really value your thoughts on how you'd approach this phase based on your experience.
asdxrfx
·anno scorso·discuss
You are right. We will spend more time on creating educational content and resources. Thanks for the feedback, it's useful and will help us.
asdxrfx
·anno scorso·discuss
We do not currently have automation and integrations, but we are planning to add them later. Thanks for the feedback!
asdxrfx
·anno scorso·discuss
Fair to be cautious, I get it. We’re a real startup, just launched our MVP recently, and wanted to share what we’re building with the community. It’s our first time posting here, but we’re genuinely looking to get feedback and connect with others. Happy to answer any questions!
asdxrfx
·anno scorso·discuss
We understand your concern, and we will focus more on this step for now. Thanks for the feedback. If you have anything else to say, we are glad to listen.
asdxrfx
·anno scorso·discuss
Hi, thanks for reaching out! The issue you encountered with the CORS policy has been fixed. You should be able to register without encountering the CORS issue anymore. If you run into any other issues, please don't hesitate to let us know!
asdxrfx
·anno scorso·discuss
Thanks for asking! We’re not SOC 2 compliant yet, but we’re actively preparing for it. We recently launched our MVP, and ensuring strong security and compliance has been a key part of our roadmap from day one. We’re happy to share more about how we handle security today if that’s helpful!
asdxrfx
·anno scorso·discuss
Thanks for pointing out. We fixed our mistake.
asdxrfx
·anno scorso·discuss
No catch. It's completely free. We plan to offer paid add-ons (like AI automation and integrations) later, but the basics stay free.
asdxrfx
·anno scorso·discuss
Appreciate you flagging this. The current Terms of Use was generated using a standard terms generator we integrated into our site, so it’s not AI-generated, but we agree it still needs improvement. We’re planning to have it reviewed and refined soon to better reflect our product and responsibilities. Thanks again for keeping us sharp.
asdxrfx
·anno scorso·discuss
Exactly, staying organized is half the battle. Our goal with Lumoar is to make that organization effortless from day one. We’re also working on future updates with AI agents and automation to make audits and questionnaires even less painful. More coming soon!
asdxrfx
·anno scorso·discuss
Good day. We apologize for our mistake. We have now fixed the link on the page so it works correctly. Thanks for pointing out