Roadmap

Built foundations first. Scaling operations next.

The current pass moved BreachScope from a scanner into a connected workflow for policy, evidence, triage, and integrations. The remaining roadmap is focused on production identity, connected repositories, organization workflows, and portfolio-level analytics.

Current codebase

Shipped

  • Policy-as-code gates, baselines, SARIF, SBOM, OpenVEX, and fix suggestions
  • Projects, scoped API keys, integrations, audit logs, and finding triage
  • SCIM user lifecycle endpoints and SAML metadata foundation
  • Tracee/eBPF runtime command for Linux event capture
  • Deterministic supply-chain risk scoring across registry and security signals
  • Secret-safe sandbox defaults and hardened Docker runtime flags

Next

Operationalization

  • Production SAML ACS with assertion validation and IdP certificate pinning
  • Repository connection flows for GitHub, GitLab, and Bitbucket
  • Scheduled organization scans from the dashboard
  • Role-based organization access controls across projects
  • Provider credential management UI for all integration executors

Later

Scale

  • Cross-project dependency blast-radius graph
  • Central evidence archive for release audits
  • Risk trend analytics by team, project, ecosystem, and policy
  • Runtime event correlation with static findings
  • Automated pull requests for verified safe dependency updates

Need something specific?

Open a GitHub issue with the workflow, environment, and risk outcome you need. Product requests should include an API contract, audit behavior, and verification plan.