Roadmap

πŸ›£οΈ Product Roadmap – Upcoming Strategic Capabilities

🎯 Purpose

This roadmap outlines the next major capabilities planned for the platform. Each feature strengthens a different layer of the cybersecurity ecosystem while integrating into a single, automated risk lifecycle.

Our goal is to expand prevention, visibility, and governance while maintaining simplicity, automation, and scalability.

🚀 Roadmap Overview (Next Major Features)

| Feature | Module | Primary Focus | Key Outcome | Estimated time |
| --- | --- | --- | --- | --- |
| EASM | For CISO & Security Teams | External exposure visibility | Reduced attack surface | 2026 Q1 |
| Phishing Training & Simulation | Security Culture | Human risk reduction | Fewer successful phishing attacks | 2026 Q1 |
| Policies Management System | CISOaaS / SECaaS | Governance & compliance | Audit-ready policy lifecycle | 2026 Q2 |


1️⃣ EASM – External Attack Surface Management

πŸ” What It Is

EASM continuously discovers and monitors internet-facing assets such as:

  • Domains & subdomains

  • IP addresses

  • Cloud services & shadow IT

  • Exposed services, ports, and misconfigurations

🧠 Why It Matters

Organizations cannot protect what they don’t know exists. EASM provides outside-in visibility, mirroring how attackers see the organization.

🔗 Platform Integration

  • Discovered assets automatically feed into ARA

  • Identified exposures create risk entries in ERM

  • Critical findings trigger alerts and remediation workflows

🎯 Business Value

  • Reduced breach likelihood

  • Early detection of shadow IT

  • Strong alignment with NIST, ISO 27001, and SOC 2 requirements


2️⃣ Phishing Training & Simulation (PTS)

🎣 What It Is

A comprehensive phishing resilience program that:

  • Simulates real-world phishing campaigns

  • Measures user behavior (clicks, credential submission, reporting)

  • Provides immediate, targeted training

🧬 Why It Matters

Over 85% of breaches involve human error. PTS transforms employees from a vulnerability into a first line of defense.

🔗 Platform Integration

  • Results feed into Security Awareness KPIs

  • High-risk users flagged as human risk indicators

  • Metrics reported to management dashboards

📊 Key Metrics

  • Click-through rate

  • Report rate

  • Repeat offender reduction

  • Departmental risk trends

🎯 Business Value

  • Measurable reduction in phishing risk

  • Demonstrable awareness maturity

  • Audit-ready training records


3️⃣ Policies Management System (PMS)

📜 What It Is

A centralized system to manage the full lifecycle of security policies:

  • Creation & version control

  • Review and approval workflows

  • Distribution & employee acknowledgment

  • Audit logs and evidence collection

🧭 Why It Matters

Policies are the foundation of governance, yet they are often unmanaged, outdated, or unacknowledged.

🔗 Platform Integration

  • Missing acknowledgments create compliance findings

  • Policy status reflected in Trust Center

🎯 Business Value

  • Stronger governance posture

  • Faster audits with evidence on demand

  • Reduced compliance risk (ISO, GDPR, SOC 2, NIST)


🧩 Strategic Impact

Together, these features deliver:

  • Full attack surface visibility (external + internal)

  • Human-layer risk reduction

  • Governance automation and audit readiness

They strengthen the continuous defense loop:

Discover → Assess → Train → Govern → Monitor → Improve
