Roadmap
What we're building.
We ship with speed & thought, then work with users to build out what they care about most.
Shipped
What design partners can use today
- Composite identity binding (user · agent · workload)
- Task-bound credential issuance
- Inline policy evaluation via SDK or transparent proxy
- MCP-aware proxy enforcement for tool servers and internal APIs
- Policy proposal queue from observed agent traffic
- Self-evolving policies with human approval before promotion
- Signed, chained decision log
Iterating
What we're hardening with design partners
- Evidence export packs for audit and security review
- Control-specific evidence mapping for SOC 2, ISO 27001, and internal reviews
- Reviewer workflows for accepting, editing, and rejecting proposed policies
- Deployment playbooks for VPC-native and self-hosted environments
Later
What moves up as demand becomes clear
- Self-serve workspace setup for smaller teams and developers
- Public SDK packaging and examples
- Expanded policy templates for common agent stacks
- Richer integrations with SIEM, ticketing, and GRC systems
- Third-party security audit
- Self-hosted control plane GA