Lumos is a San Francisco–based startup (founded 2020) that addresses the burgeoning challenge of SaaS sprawl and identity management in large enterprises.
With companies averaging 650+ SaaS applications on their tech stacks, IT and security teams struggle to provision access efficiently and control costs and compliance across dozens of vendors.
Lumos positions itself as an “internal AppStore” and unified platform for enterprises – a centralized command center where both IT and security can discover all applications, manage user access, and enforce identity policies in one place.
In Lumos’s own words, it is “the only unified command center to discover and manage software vendors, app access and user identities”.
The platform leverages AI-driven automation (its proprietary “Albus AI” engine) and over 300+ integrations (to IdPs, HR systems, cloud and on-prem services) to provide just-in-time access, automated provisioning/offboarding, license optimization, and compliance reporting.
By merging SaaS management and identity governance under one roof, Lumos aims to break down silos between CIO and CISO toolsets – enabling enterprises to cut software spend (e.g. reclaim inactive licenses), eliminate shadow IT, and scale access controls without endless help-desk tickets.
In its short history, Lumos has won high-profile customers (e.g. Pinterest, MongoDB, GitHub) and seen rapid growth.
As of 2024 it has reported 9× revenue growth since its prior funding round.
Lumos’s solution has already driven measurable impact: for example, Roku launched a Lumos-powered self-service AppStore in 90 days to boost onboarding speed, and Chegg automated access controls for 100+ apps to achieve SOX compliance.
Backed by top-tier investors (a16z, Neo, Scale Ventures, Harpoon, etc.), the company is riding the wave of a massive market – one analysis projects that the SaaS-management industry could grow from ~$114 billion in 2020 to ~$716 billion by 2028 (27.5% CAGR).
This article analyzes Lumos’s origins, founders, business model and offerings, funding history, competition, and strategic advantages, providing a comprehensive case-study overview.
Founding Story of Lumos
Lumos’s genesis traces to mid-2020 at Stanford University.
CEO Andrej Safundzic and co-founder Leo Mehr were enrolled in a course on ethics and technology, where a lecture on the fragmentation of our online identities struck a chord.
Safundzic later recalled searching his password manager and being shocked by “400 passwords” – he realized “I am one Andrej offline but at least 400 Andrejs online. Too many.”.
The class highlighted that while single-sign-on (Google login, Okta SSO) had unified authentication, there was no unified authorization or access-management layer for all those accounts.
Motivated to solve this “APPocalypse” of unmanaged applications and identities, Safundzic and Mehr reached out to their friend Alan Flores-López (a Stanford Ph.D. student and software engineer at Samsara) for input.
Together they concluded that enterprises desperately needed an “App Store” for the enterprise: a self-service portal where employees could easily request the tools they need, while IT/security would gain back-office control.
“If we as individuals cannot get a handle on all our apps, picture how many apps need to be managed in a 1,000-person company,” Safundzic reflected. This insight became the founding vision of Lumos: unify the administration of hundreds of SaaS applications and user identities into one streamlined platform.
The name “Lumos” (Latin for “light”) is fitting – the founders describe the product as casting light into the darkness of shadow IT and complex identity sprawl.
The team formally launched Lumos after a period of stealth development.
In May 2022 Lumos emerged from stealth with press coverage announcing over $30 million in funding.
The launch narrative emphasized their mission as building “the AppStore for companies,” replacing back-and-forth IT tickets with an intuitive self-service model for app access.
This early story (and subsequent marketing) coined terms like “APPocalypse” to dramatize the problem and presented the founders as “monster-slayers” delivering a new approach.
Founders of Lumos
Lumos was founded by three Stanford affiliates:
Andrej Safundzic, CEO and co-founder.
Safundzic (who holds or pursued degrees at Stanford in Computer Science and Business) has a background in tech entrepreneurship and government tech initiatives.
He previously co-founded DigitalService4Germany (a GovTech startup acquired by the German government) and an edtech venture (EduGlobe)lumos.com.
He dropped out of Stanford GSB to start Lumos. Safundzic is the public face of the company, quoted frequently about Lumos’s vision and strategy.
Leo Mehr, co-founder and former Head of Engineering (as indicated on LinkedIn).
Mehr was classmates with Safundzic at Stanford and worked as an algorithm engineer at Hudson River Trading before Lumos. At Lumos he drives product and technical development.
Alan Flores-López, co-founder and VP of Technology.
Flores-López was a Ph.D. student in cryptography and security at Stanford (mentored by Professor Dan Boneh) and had engineering roles at Samsara.
He joined Lumos after Safundzic and Mehr conceived the idea, contributing deep expertise in security and distributed systems.
All three founders met through Stanford’s tech ecosystem (classes and research) and shared the insight that, while tools like Okta solve authentication at scale, there was “no unified authorization layer” or single pane for managing who has access to what. Together they brought expertise in systems (Lek, Alan) and startup growth (Andrej) to build Lumos. Their complementary backgrounds (market, tech, policy) are reflected in the company’s focus on technology and governance.
Business Model of Lumos
B2B enterprise SaaS model
Lumos operates a B2B enterprise SaaS model. Its product is a cloud-based platform (delivered via multi-tenant SaaS) sold to large organizations.
Rather than offering a freemium or self-service entry plan, Lumos employs a high-touch sales strategy targeting mid-size and large enterprises (hundreds to thousands of seats).
In practice, Lumos’s sales team works directly with IT/security leadership (CIOs, CISOs) on multi-year contracts. Pricing is custom-quoted, likely based on number of users or managed apps, as is typical for corporate identity/security solutions.
Customers deploy Lumos both as an IT operations tool and as a security/compliance platform. The platform’s value proposition encompasses multiple IT and security use-cases in one purchase, which in turn simplifies vendor management for customers.
CIOs gain a way to onboard/offboard employees faster and enforce least-privilege policies; CISOs gain automated audit reports and just-in-time access controls.
Lumos often steps in to reduce overlaps between separate systems. For example, instead of buying one product for SaaS spend (like Torii) and another for IGA (like SailPoint), a CIO/CISO can adopt Lumos to cover both needs with one system.
Partners and Integrations
Lumos offers over 300 built-in integrations to SaaS applications, cloud services, identity providers (Okta, Microsoft Entra ID, Azure AD, etc.), HRIS systems, ITSM tools and on-prem apps.
This broad interoperability (including APIs and connectors) is core to its model; it lets Lumos serve as a centralized “source of truth” across the organization. The company also may partner with consulting firms and resellers to implement on-premise setups or compliance processes, given the complexity of large-scale deployments.
Lumos’s value-based model emphasizes ROI for customers. Marketing materials cite typical outcomes such as dramatic reductions in IT tickets, reclaimed software spend, and faster audits.
For instance, Lumos highlights savings like $230K of annual SaaS spend cut by Checkr and 72% fewer tickets at Prosper (from case studies).
These ROI figures support sales pitches and justify subscription costs. Ultimately, Lumos generates revenue mainly through license subscriptions (likely annual or multi-year), supported by implementation and professional services for integration and customization.
The business model is recurring revenue from a growing enterprise customer base, with additional revenue from consulting/advisory as needed.
Revenue Streams of Lumos
- The primary revenue stream for Lumos is expected to be software subscription licenses. Clients pay recurring fees (typically annually) for access to the Lumos platform, often priced per user or per managed resource.
Because Lumos serves large enterprises, contracts are usually enterprise-scale, with annual billing and support fees. According to market norms, this would cover software usage, updates, and standard support.
- Professional Services: In addition to subscriptions, Lumos likely earns revenue from implementation services. Deploying an identity/governance platform often requires custom configuration, integrations to HR and identity systems, and policy definition. Lumos may offer professional services (either in-house or via partners) to configure the platform, integrate directory services (e.g. Azure AD, Okta), and migrate data from existing systems. These are typically one-time or annual fees that can be significant for large customers.
As an early-stage startup, Lumos’s financial disclosures are private, but press coverage notes the company’s rapid growth. A 2024 press release reported that Lumos’s revenue grew 9× since its last funding round, indicating strong subscription momentum.
In summary, Lumos’s revenue model is typical of enterprise SaaS: recurring licenses under contract, supplemented by integration/consulting services for large deployments.
Funding and Funding Rounds of Lumos
Lumos has raised multiple venture rounds to date. The funding history can be summarized as follows:
| Round | Date | Amount | Lead Investor & Key Participants |
|---|---|---|---|
| Series A | May 2022 | $30M | Led by Andreessen Horowitz (Peter Levine); also Neo, Lachy Groom, Google CISO Phil Venables, OpenAI CTO Greg Brockman, etc. |
| Series B | May 2024 | $35M | Led by Scale Venture Partners; participated by Andreessen Horowitz, Harpoon Ventures, Neo, and others. |
The initial $30 million round (announced May 2022) was disclosed through TechCrunch: it noted that Andreessen Horowitz (with partner Peter Levine) led the raise, joined by Neo Ventures, Lachy Groom (AngelList founder), Google Cloud CISO Phil Venables, and Greg Brockman (OpenAI CTO). This funding lifted Lumos out of stealth and enabled initial product development and go-to-market launch.
The Series B round was announced May 23, 2024 via Business Wire. Lumos raised $35 million from Scale Venture Partners (lead) alongside follow-on investment from A16z, Harpoon Ventures, Neo, and existing investors. The round was intended to expand the platform’s capabilities across identity and SaaS management. By this point Lumos had achieved about 9× revenue growth over 18 months and signed enterprise logos like Pinterest, MongoDB, and GitHub.
Cumulatively, Lumos has raised at least $65M+ in venture funding. (A 2025 profile noted a “pre-seed” of A$800K in 2022 and then the $35M Series B, but public sources focus on the $30M and $35M rounds.) The company’s cap table includes top-tier VCs (Andreessen Horowitz, Neo, Scale, Harpoon) plus strategic angel investors from tech and security. This deep funding supports an aggressive product roadmap and customer acquisition.
Competitors of Lumos
Lumos occupies a unique niche overlapping SaaS management and identity governance. Its competitors fall into two broad categories:
SaaS Management Platforms:
Tools that discover cloud applications and optimize software spend.
Examples include BetterCloud, Torii, Zylo, Zluri, Blissfully, and Vendr.
These platforms can inventory SaaS usage, identify unused licenses, and automate provisioning to some extent. For instance, Torii and Blissfully are known for cost optimization and license reclamation. Lumos itself notes that these competitors “can identify shadow IT and unused SaaS licenses”, but often “are point solutions for the cost management use case”.
In contrast, Lumos argues it goes beyond just spend management. BetterCloud specializes in SaaS RBAC automation (on-/off-boarding workflows for popular apps), but by company claim it requires additional tools to handle full license optimization and compliance (Lumos markets itself as “all-in-one” to replace BetterCloud + other tools).
Similarly, Blissfully focuses on SaaS spend analytics; Lumos’s literature emphasizes that Blissfully lacks workflow automation and self-service capabilities, whereas Lumos provides an AppStore and automated access reviews in addition to cost control.
Identity/Governance Platforms:
Traditional identity solutions like Okta, SailPoint, Saviynt, CyberArk, and Microsoft Entra ID.
These cover employee authentication, provisioning, and compliance (IAM/IGA). Okta, for example, excels at single sign-on and lifecycle management, and SailPoint at governance reporting, but none are designed to manage SaaS subscriptions or usage.
Lumos positions itself as complementing or extending these: unlike Okta it provides SaaS spend visibility, and unlike SailPoint it includes real-time app discovery and end-user self-service. (Notably, Lumos’s site lists SailPoint and Okta as analogs to its “unified” platform in SEO content, implying it competes for modern enterprises seeking IGA solutions.)
To illustrate positioning, Lumos itself publishes comparison content. It claims that with Lumos, customers need not purchase separate tools: “Using BetterCloud means you have to use Productiv or Torii for license management and SailPoint for identity governance. Lumos is all-in-one”. In head-to-head scenarios:
-
BetterCloud vs Lumos: Lumos asserts that BetterCloud focuses on RBAC and automation but leaves spend and compliance to others. “Tools like BetterCloud only focus on RBAC, whereas Lumos offers a comprehensive solution with self-service access requests and access reviews”.
-
Torii vs Lumos: While Torii can track and minimize SaaS spend, Lumos argues Torii is a narrow cost-management tool. Lumos claims to extend Torii’s functionality by adding automated access workflows. “Like Lumos, Torii can identify shadow IT and unused SaaS licenses. Unlike Lumos, Torii is a point solution for the cost management use case”. In practice, Torii lacks the built-in access-request AppStore and policy automation that Lumos offers.
-
Blissfully vs Lumos: Similarly, “Like Lumos, Blissfully can identify shadow IT and unused SaaS licenses. Unlike Lumos, Blissfully is a point solution for the cost management use case”. Lumos emphasizes that it serves broader missions (productivity and compliance, not just cost-cutting).
In short, Lumos’s competitors either cover identity only or SaaS only, whereas Lumos claims to unify both. In the crowded marketplace, Lumos’s messaging is that it spares customers from stitching together multiple vendors (for example, a company that today might use BetterCloud + SailPoint could replace both with Lumos). That unified pitch is Lumos’s competitive angle.
Competitive Advantage of Lumos
Lumos’s key advantages stem from its holistic platform design, AI-driven automation, and integrated architecture:
1) Unified Platform:
From its inception Lumos deliberately built an end-to-end “source of truth” for both identities and apps. Unlike legacy vendors that added features piecemeal, Lumos “approach[ed] the access management problem holistically from day one”.
All Lumos features (discovery, workflows, analytics, reporting) share a common data model. As one blog explained, Lumos was engineered to serve “a broad spectrum of needs from day 1” – covering identity governance (IGA), privileged access (PAM), SaaS discovery and spend, etc., in a single system.
This contrasts with “point solutions” that address only one domain. The benefit is that Lumos can show, for example, exactly who has an email account in Google Workspace and what SaaS licenses they use, in one place.
2) Integration Breadth:
Lumos claims unmatched connectivity. It integrates with core HR systems and identity providers (Okta, Azure AD, Workday, etc.) and 300+ apps and systems. This means Lumos can automatically onboard or offboard accounts by listening to HR/SSO events, and can scan across the entire IT estate.
That breadth is a selling point: the founders note it took a fraction of the time to deploy “joiner/mover/leaver” workflows with Lumos than with legacy IGA suites. In practice, customers find this reduces the setup and maintenance overhead.
3) AI and Automation:
Lumos embeds AI (its “Albus” agentic AI) at the core of several features. For example, Access Reviews are automated with AI-generated recommendations: Lumos’s site touts that AI can “flag anomalies, privileged access, and risks upfront” so that reviews are “closed at AI speed”.
It also uses machine learning to spot over-entitlement and suggest policy changes. In product demos and quotes, Lumos leadership emphasizes that AI will automate routine tasks (granting temporary access, recertifications, etc.), cutting months of work to days. According to Scale Ventures partner Ariel Tseitlin, Lumos is “well on its way” to making automated management of access, spend, and security a reality.
These AI capabilities aim to deliver concrete ROI: for instance, Lumos highlights that organizations can generate audit-ready compliance reports with “one-click” (versus manual spreadsheets) and can automatically revoke unused app licenses.
4) Self-Service User Experience:
Another differentiator is the focus on end-user productivity. The Lumos AppStore gives employees a consumer-like interface to request any approved app or permission.
This reduces reliance on IT tickets. The platform supports requests via web, Slack, MS Teams or even command-line/ITSM integration. Customer testimonials underscore this: Roku’s IT manager praised how Lumos gave “visibility to all our software vendors, app access and user identities in one platform”, enabling “automate access requests” and just-in-time access.
By enhancing employee autonomy while enforcing least-privilege, Lumos claims a dual benefit of user productivity and security posture improvement.
5) Demonstrated ROI and Growth:
Lumos has early wins that reinforce its value. Case studies cite significant impact (e.g. Chegg saved weeks of manual work across 100+ apps, Secure Code Warrior cut spend 15% by eliminating redundancies). The company leverages these success metrics in sales demos. The strong revenue growth (9× in 18 months) and rapid customer acquisitions suggest Lumos’s solution resonates.
Moreover, having marquee backers (Scale, A16z, etc.) provides credibility. As Safundzic put it, they are “enabling the trend towards centralizing CIO and CISO technology stack needs, and providing clear ROI cross-functionally”.
In sum, Lumos’s competitive advantage lies in offering a more comprehensive, automated, and user-friendly solution than piecemeal alternatives – effectively unifying capabilities that customers would otherwise assemble from multiple vendors.
Products and Services of Lumos
Lumos’s product suite can be described as a consolidated Access Management Platform with several modules. Key components include:
| Module/Feature | Description/Functionality |
|---|---|
| SaaS Discovery & Spend | Discovers all enterprise SaaS apps and accounts; identifies unused licenses and app redundancies; generates spend reports (helps negotiate better pricing). |
| AppStore (Self-Service) | Employee portal to browse and request approved apps; requests auto-route for JIT (just-in-time) provisioning or manager approval, with time-bound access and audit logs. |
| Joiner/Mover/Leaver (JML) | Automated onboarding/offboarding workflows. Integrates with HR and SSO systems to auto-create or remove user accounts across apps, based on role changes. |
| Access Reviews | Compliance review engine. Schedules and automates periodic attestation of user permissions; provides AI-powered recommendations and one-click audit reports. |
| Identity Analytics (Albus) | AI-driven analysis of identities and entitlements. Flags risky access (privileged or stale) in real-time, suggests policy clean-ups, and enforces least-privilege access. (Agentic AI that “goes beyond reporting”). |
| Integrations | Pre-built connectors to 300+ SaaS apps, on-prem systems, IdPs, HRIS, and ITSM tools. Enables data flow and automation across the enterprise tech stack. |
Each of these modules is part of the same Lumos platform. Collectively, they allow an organization to gain visibility over every user–app relationship, automate workflows, and enforce security policies at scale. The unified dashboard means teams no longer jump between disjoint tools; everything from cost optimization to audit evidence is available in one pane.
Conclusion
Lumos has rapidly established itself as a novel player at the intersection of SaaS management and identity governance. Founded in 2020 by Stanford entrepreneurs who recognized that the explosion of web apps demanded a new kind of platform, Lumos built a product from the ground up to unify these domains. Its executive team leveraged their technical backgrounds and a bold “story-led” vision to raise significant venture funding and deliver a product to market. Early traction with large customers and investor enthusiasm (a16z, Scale, etc.) underscore that Lumos’s “AppStore for companies” resonates with CIOs and CISOs alike.
Strategically, Lumos’s advantage lies in tackling a broad, urgent problem (the modern enterprise’s APPocalypse) with an integrated solution, rather than piecemeal point tools. By automating routine identity tasks and illuminating hidden software spend, Lumos claims to achieve rapid ROI for clients. The company’s narrative of lighting the way through automation is backed by strong growth: it reported 9× revenue increase post-launch.
Looking ahead into 2025 and beyond, Lumos sits in a high-growth market (SaaS spend and identity management) and continues to invest in AI enhancements and deeper integrations. Plans likely include expanding the product (e.g. AI-powered request fulfillment, partner ecosystem) and scaling sales. The founding vision remains: to give enterprises one platform instead of many, so IT/security teams can focus on strategy instead of maintenance. If Lumos continues on its current trajectory—fueled by deep VC backing and expanding customer base—it aims to be a market leader in unifying IT and security operations. In sum, Lumos’s brand story is one of simplifying complexity: it casts a light on shadow IT and promise of a streamlined future where app access is fast, secure, and cost-efficient.
Also Read: LambdaTest – Founders, Business Model, Funding & Competitors
To read more content like this, subscribe to our newsletter
