Lumora · Field notes
Engineering deep dives, customer stories, and field notes from the people building Lumora.
We've audited the auditors. Three patterns explain why teams scramble in the final 90 days — and how a continuous-evidence model fixes them.
Engineering · 12 min
Designing a detection engine that costs $0.0004 per eventBehind every continuous-evidence claim is a query engine deciding which events matter. Here's how we kept the per-event cost under half a millicent.
Customers · 7 min
FedRAMP Moderate in eight weeks: an Ironclad case studyIronclad Defense needed FedRAMP Moderate to bid on a federal contract closing in 90 days. Here's how we got them to the JAB in 56.
Engineering · 8 min
Five anti-patterns we see in policy-as-code adoptionPolicy-as-code is the right idea. The implementations we see most often aren't. Here are the five mistakes we keep talking teams out of.
Product · 5 min
Introducing the Audit Log APIStream every privileged action from Lumora into your SIEM, your warehouse, or your own webhook — with cryptographic signatures and 7-year retention.
Engineering · 11 min
SCIM without the tearsIf you've never integrated with SCIM, you may believe it's a quiet, well-specified protocol. We're here to tell you the truth.
Writers
Maya leads the platform team. She writes about compliance automation, policy-as-code, and the human side of incident response.
Alex is the founder of Lumora Cloud. Previously security lead at two SOC-2 audited startups, both of which he wishes he'd had Lumora for.
Riya works directly with our highest-volume customers. Half writing technical guides, half on Zoom helping teams ship to production.
Jin built the Lumora detection engine. She writes about distributed systems, latency budgets, and PostgreSQL.
Field notes
Engineering deep dives and compliance lessons. We send 12 emails a year. No tracking pixels, no upsells.