Capabilities Who We Serve Government Position Schedule Briefing
Defensive Mobile Forensics

Know who's listening.
Before they hear you.

LUMA detects state-sponsored spyware and surveillance operations on iOS and Android devices - built for the protectors, not the investigators.

In an era of zero-click exploits and persistent mobile surveillance, institutional security requires proactive verification - forensic depth without reliance on offensive third-party vendors.

FORENSIC AUDIT · iPhone 15 Pro NO THREAT
Kernel integrity100%
Bootrom baseline100%
Memory exploits96%
Traffic heuristics88%
IOC signatures100%
15,353 indicators indexedaudit · 00:27:41
15,353
Threat indicators
7
State-sponsored actors
17
Detection layers
< 30 min
Full forensic audit
Trusted by Intelligence Agencies Diplomatic Missions Executive Protection Units Compliance Officers Forensic Specialists
Two sides of mobile forensics

Built for the protectors.
Not the investigators.

The mobile forensic industry has built powerful tools for investigators to extract data from third-party devices. LUMA covers the opposite side - protecting the device owner from state-sponsored exploitation.

Offensive forensics

Investigation Tools

Industry-standard digital acquisition platforms
Purpose
Data extraction and decryption from seized devices for evidentiary analysis.
Use case
Post-incident criminal investigation or intelligence gathering from a target.
License
Hardware-bound dongles or proprietary workstation software suites.
Client
Law enforcement agencies, digital forensic labs, and prosecutors.
Output
PDF/Excel reports of deleted messages, location history, and media.
Defensive forensics

Protection Tools

LUMA - purpose-built for high-assurance device protection.
Purpose
Real-time detection of state-sponsored spyware and hardware tampering.
Use case
Ongoing integrity monitoring for high-value targets and embassy staff.
License
Enterprise-grade cloud or on-premise security orchestration.
Client
Executive protection units, intelligence agencies, and diplomats.
Output
Threat alerts, compromise indicators, and real-time defense status.

Both categories are necessary. LUMA covers the side no one else does.

Defensive forensics protocol

Integrity over history.

LUMA's proprietary scanning engine identifies memory-only exploits and persistent bootrom modifications that traditional investigative tools frequently overlook - the ultimate shield against modern surveillance.

Zero-Touch Integrity Verification

Confirm device integrity without altering the device or relying on offensive acquisition.

Kernel Attribute Fingerprinting

Baseline the kernel and bootrom to expose persistent, hardware-level modifications.

Real-Time Traffic Heuristics

Detect memory-only exploits and anomalous exfiltration behaviour as it happens.

Who uses LUMA

Five missions.
One forensic capability.

Engineered for deployment across diverse government and security frameworks - defensive forensic verification where trust is non-negotiable.

Intelligence Services

Pre-Mission Device Verification

Operational security for personnel entering high-threat environments - detecting persistent threats before deployment.

Use case
Verify a station chief's iPhone before posting to a sensitive country.
Embassy Security

Diplomatic Device Audit

Systematic screening for mobile hardware assigned to diplomatic missions - protecting embassy communication protocols.

Use case
Post-trip device sweep after senior staff returns from a foreign capital.
Executive Protection

Principal Counter-Surveillance

Securing the personal and professional digital perimeters of high-value individuals and corporate leadership.

Use case
Scan a CEO's personal phone before quarterly board meetings.
Counter-Intelligence

Internal Threat Detection

Forensic hygiene audits designed to identify unauthorized access or compromise within internal device fleets.

Use case
Cross-team mobile hygiene audit during an internal investigation.
Foreign Service

Travel Forensic Hygiene

Mandatory security checks for attachés and foreign-service officers returning from high-risk geopolitical zones.

Use case
Mandatory device check for returning attachés from designated countries.
The defensive gap

While offensive tools prioritize access, LUMA prioritizes verification.

The missing layer in executive protection and TSCM operations.

LUMA's position

What LUMA is.
What LUMA is not.

Buyers in regulated environments need clarity. The following defines LUMA's operational scope - the categories of use LUMA supports, and those it explicitly does not enable.

"LUMA is a defensive forensic platform. It operates only on devices for which the operator has explicit authorization. LUMA does not facilitate access to third-party devices, does not provide surveillance capabilities, and is not an offensive cyber tool."
- TSCM Intelligence Agency Ltd. · Operational Scope Statement
LUMA SUPPORTS

Authorized defensive forensic operations

In scope by design
  • Forensic analysis of owned devices
  • Detection of state-sponsored spyware
  • Detection of stalkerware
  • Court-admissible reports
  • Air-gap / on-premise deployment
  • Multi-language reporting
LUMA DOES NOT PROVIDE

Out-of-scope by design

Explicitly not enabled
  • Forensic acquisition for 3rd-party devices
  • Remote surveillance / interception
  • Offensive cyber tooling / exploit kits
  • Mass data collection
  • Tools without owner consent
  • Capabilities exceeding defensive proportionality
Procurement

Built for government acquisition.

LUMA streamlines the procurement cycle for defense and intelligence agencies - comprehensive technical documentation, pre-vetted contract templates, and rapid response for formal RFI/RFP processes.

365 days
Standard License Term

Predictable annual licensing structure designed for government fiscal cycles and multi-year procurement planning.

On-premise
Deployment Model

Engineered for air-gapped environments. No cloud dependencies, external telemetry, or data exfiltration - absolute sovereignty.

Operational integrity

Regulated procurement standards.

Zero-Trust Architecture

LUMA operates entirely on-premise. No data ever exits the secure environment.

Forensic Verifiability

Every scan produces a hashed, immutable audit log for investigative transparency.

Evidentiary Standards

Designed to meet the standards required by government defense councils and intelligence committees.

Classified briefing

Schedule a classified briefing for your acquisition team.

Briefings include a live forensic analysis demonstration, technical Q&A, and NDA documentation review.

Schedule Government Briefing
Contact: briefings@luma-scan.com · All inquiries routed via encrypted channel
For Authorized Use Only Export-Controlled Capability Contact for Jurisdiction Review