About SecureLuna

SecureLuna is a self-service SaaS that helps small-to-medium businesses run scheduled configuration checks on the Linux servers they operate, and receive a clean daily report by 7 AM KST. Like the moon at night, we run quietly while you sleep — and surface what matters by morning.

Mission

Compliance posture for SMB infrastructure shouldn't require a dedicated security team. SecureLuna packages industry-standard checklists (KISA, CIS, NIST SP 800-53, GB/T 22239) into a tool that any operator can adopt in five minutes — register a server, install a public SSH key, and read a daily report.

What we build

• Daily read-only configuration checks via SSH (no agent, no payload)
• Cross-standard mapping (KISA / CIS / NIST / GB/T) per check item
• Email + PDF reports, in-dashboard history, asset metric trends
• Asset delegation (VIEW / SCAN / MANAGE) for working with consultants
• (Coming) AI configuration analysis · risk prioritization · suggested fix guides

Service operator

• Operating contact: wndudgns2001@gmail.com
• Service domain: www.secureluna.com
• Headquarters: Seoul, Republic of Korea
• Operating hours (support): 09:00 – 18:00 KST, 영업일 (holidays excluded)

Technology stack (transparent)

• Next.js 16 (App Router) + React 19 + TypeScript
• PostgreSQL 16 + Prisma ORM
• BullMQ + Redis 7 (scan / report / metric queues)
• Auth.js v5 (Credentials, JWT)
• SSH connections via ssh2 / sshpk (Ed25519 keys)
• AES-256-GCM seal for SSH credentials (KMS-ready)
• Resend for transactional email (verified DKIM/SPF on secureluna.com)
• Polar (Merchant of Record) for subscription billing
• OpenAI GPT-4o for daily security news curation

Trust & legal

• Terms of Service — subscription, refund, SLA credits, customer responsibility
• Privacy Policy — data collection, KMS-encrypted credentials, retention, PIPA/GDPR
• How SecureLuna works (Security) — connection model, what we do (and never do)
• security.txt — vulnerability disclosure contact (RFC 9116)

What SecureLuna is not

We want to be transparent about what we are and aren't. SecureLuna is not:

• A penetration testing tool (we never execute exploits)
• A vulnerability scanner with active probing of third-party systems
• A remote IT support service (we don't modify your systems)
• An OSINT or surveillance platform

We are a configuration-reporting SaaS for self-managed Linux servers. The decision to apply, defer, or ignore any recommendation rests entirely with the customer's designated administrator (see Terms §8).

한국어 요약

SecureLuna는 중소기업이 자사 Linux 서버의 시스템 설정을 매일 자동으로 점검하고, 매일 아침 7시 (KST) 에 보고서를 받아볼 수 있도록 돕는 셀프서비스 SaaS 입니다. 달이 밤하늘에 떠있듯, 모두가 잠든 시간에도 조용히 점검하고 아침에 보고드립니다.

• 점검 기준: KISA · CIS · NIST SP 800-53 · GB/T 22239 산업 표준
• 접속 방식: 고객 본인이 등록한 자산만 SSH 읽기 전용 점검 (에이전트 없음)
• 운영팀 연락: wndudgns2001@gmail.com
• 서비스 도메인: www.secureluna.com
• 본사: 대한민국 서울
• 지원 시간: 영업일 09:00–18:00 KST

SecureLuna 는 모의해킹 도구도, 침투 가능한 취약점 스캐너도, 원격 IT 지원 서비스도 아닙니다. 자기 서버의 설정을 점검하고 보고받는 SaaS 이며, 점검 결과의 적용 여부는 전적으로 고객사 담당자가 판단합니다.