Public roadmap
This page is a snapshot of where Control Zero is heading. It is updated roughly monthly and lags the engineering tracker by a release or two on purpose: we list things here once they are real enough that customers can plan around them.
We do not promise dates on this page. If a date matters to your rollout, the dashboard release notes and the changelog are the source of truth for what is actually shipped.
Shipped, Q1 to Q2 2026
What has landed and is generally available.
- Approvals (human-in-the-loop). Sensitive actions can pause for a human reviewer before they execute. End-to-end Python, Node, and Go SDK support. Dashboard inbox, per-approval drawer, and configurable timeouts and TTL grants. RBAC narrowing so only admins can edit policy or revoke grants.
- Multi-project dashboards. The Governance Home, Analytics, and Audit pages all accept a project filter. Org admins can scope every view to a single project without leaving the org.
- Stable, hashed argument fingerprints. Every SDK now hashes the RFC 8785 (JSON Canonicalization Scheme) serialization of the arguments passed to a guarded call, so the same arguments produce the same fingerprint regardless of key order, whitespace, or which SDK made the call. Policies can match on the hash without ever transmitting raw argument values.
- Tamper response. Policy bundles are signed and encrypted; when tampering is detected, the SDK enters a quarantine mode (warn, deny, or deny-all) that is set per org and per policy.
- Approvals identity provenance. Every approval grant carries a verifiable chain of who requested, who approved, and which API key resolved the identity. Recorded in the immutable audit trail.
- Policy library, republish flow, and detach as hard delete. Library policies can be versioned and republished. Detaching a policy is a hard delete; a distinct paused state covers temporary disablement.
- In-app invite inbox. Pending invites surface on a header bell even when the email got spam-trapped.
- Browser extension (beta). Govern actions taken in claude.ai and chat.openai.com from the same policy bundle as your SDKs.
- Shadow AI Scout (beta). Detect unsanctioned AI traffic on the network.
- Compliance reports. SOC 2 style scoped reports across the immutable audit trail. (We do not claim certification on this page; ask your account contact for current certification status.)
In flight
What we are actively building, with usable previews already in customers' hands.
- Dual-write storage cutover for self-managed. Self-managed installs are migrating from one transactional store to another behind a feature flag, with a parity harness comparing every read and write. Goal: a single, well-understood store across SaaS and self-managed for everything except the analytics path.
- Approvals: delegation and group approvers. A pending request can be delegated to another reviewer; a request can target a group rather than a single user. Identity and audit semantics already shipped; UI is in beta.
- Approvals: notification channels. Slack, email, and webhook fan-out for pending requests, with per-channel templates and quiet hours.
- Coverage gaps. A first-class view of which users, agents, and projects do not yet have any governed calls, so an admin can spot a missing rollout before it becomes a blind spot.
- Onboarding flow refresh. Server-persisted four-step checklist, deep-linkable for support handoff, with cache-clear resistance so a returning user is never bounced back into onboarding.
Next up
What we plan to start in the next quarter, scoped enough to commit to but not yet built.
- Args fingerprinting, phase 1B: policy matching by hash. Phase 1A shipped the canonical hash. Phase 1B turns it into a policy primitive so you can deny by example without listing every variant.
- Approvals: time-bound grants with budget. Approve once for the next N matching calls, or for the next N minutes, with a per-grant spend cap.
- Tighter MCP server. Let an AI assistant manage your Control Zero policies through the same trust boundary as everything else. Today the MCP server is read-mostly; we are rolling out write actions one verb at a time.
- Policy recipe library, expansion. More copy-paste playbooks for common scenarios. Submissions welcome.
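The two args-fingerprinting items above (phase 1A, the canonical hash that has shipped, and phase 1B, matching policies on that hash) rest on one mechanism: canonicalize the call's arguments per RFC 8785, hash the result, and let a policy carry only hashes. The following is an added illustration written for this page, not Control Zero SDK code. It implements the RFC 8785 rules for objects (members sorted by UTF-16 code units), strings, integers, and integral floats, and deliberately rejects non-integral floats rather than re-implementing the ES6 Number.toString algorithm. The policy shape (a set of denied SHA-256 hex digests), the function names, and the sample call are assumptions for the example.

```python
"""Argument fingerprinting: RFC 8785 (JCS) canonical JSON -> SHA-256 -> deny-by-hash.

Added illustration, not Control Zero SDK code. The policy format (a set of
denied hex digests), the function names and the sample call are assumptions.
"""
import hashlib
import json
from typing import Any


def _jcs_number(value: Any) -> str:
    # JCS serialises numbers with ES6 Number.toString rules. Integers within
    # +/-2**53 are plain digit strings. Integral floats (e.g. 1.0) produce the
    # same digits, so 1 and 1.0 fingerprint identically. Other floats need the
    # full ES6 shortest-round-trip algorithm, which this example does not
    # re-implement (assumption: callers pass ints or integral floats).
    if isinstance(value, float):
        if value != value or value in (float("inf"), float("-inf")):
            raise ValueError("NaN/Infinity are not valid JSON")
        if value.is_integer() and abs(value) < 1e21:
            return str(int(value))
        raise ValueError(f"non-integral float {value!r} not supported in this example")
    if abs(value) > 2**53:
        raise ValueError("integer outside the IEEE-754 safe range")
    return str(value)


def canonicalize(value: Any) -> str:
    """Serialise *value* as JCS canonical JSON (RFC 8785)."""
    if value is None:
        return "null"
    if value is True:  # bool is checked before int: bool is a subclass of int
        return "true"
    if value is False:
        return "false"
    if isinstance(value, (int, float)):
        return _jcs_number(value)
    if isinstance(value, str):
        # json.dumps with ensure_ascii=False matches the JCS string rules: only
        # '"', '\\' and U+0000..U+001F are escaped, using \b \f \n \r \t or a
        # lowercase \u00xx form; every other character is emitted literally.
        return json.dumps(value, ensure_ascii=False)
    if isinstance(value, (list, tuple)):
        return "[" + ",".join(canonicalize(v) for v in value) + "]"
    if isinstance(value, dict):
        if not all(isinstance(k, str) for k in value):
            raise TypeError("JSON object keys must be strings")
        # RFC 8785 orders members by UTF-16 code units; comparing the UTF-16BE
        # encodings of the keys byte-wise yields exactly that order.
        members = sorted(value.items(), key=lambda kv: kv[0].encode("utf-16-be"))
        return "{" + ",".join(canonicalize(k) + ":" + canonicalize(v) for k, v in members) + "}"
    raise TypeError(f"unsupported type {type(value).__name__}")


def fingerprint(args: Any) -> str:
    """Stable SHA-256 hex digest of the canonical form of *args*."""
    return hashlib.sha256(canonicalize(args).encode("utf-8")).hexdigest()


def evaluate(args: Any, denied_fingerprints: set[str]) -> str:
    """Deny-by-example: the policy holds only hashes, never the raw arguments."""
    return "deny" if fingerprint(args) in denied_fingerprints else "allow"


if __name__ == "__main__":
    # Constructed sample: a known-bad call recorded once, then matched by hash
    # even when a later caller orders the keys differently.
    bad_call = {"tool": "shell", "args": {"cmd": "rm -rf /", "sudo": True}}
    policy = {fingerprint(bad_call)}
    reordered = {"args": {"sudo": True, "cmd": "rm -rf /"}, "tool": "shell"}
    print(canonicalize(reordered))
    print(evaluate(reordered, policy))
    print(evaluate({"tool": "shell", "args": {"cmd": "ls", "sudo": False}}, policy))
```

Two practical caveats follow from the design. Exact-hash matching is only as good as canonicalization: if one SDK emits 1.0 where another emits 1, the fingerprints diverge, which is why the number rules in RFC 8785 matter as much as key ordering. And because a hash matches only the exact argument set, a trivially changed variant (an extra space in a command string) produces a different fingerprint; that gap is what the "similarity match" idea under Considering is meant to address.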
Considering
Ideas under exploration. No commitment that they will ship in this form, or at all.
- Native policy preview in the dashboard. Edit a policy, see exactly which historical calls would have flipped from allow to deny, before publishing.
- Args fingerprinting, phase 2: similarity match. Match on near-duplicates rather than exact hashes, for fuzzy denials.
- Per-user adaptive thresholds. Approval cadence that learns from a user's confirmed-safe history.
- Compliance pack: HIPAA report scaffolding. SOC 2 style scaffolding adapted to a HIPAA narrative.
- Self-hosted, single-binary distribution. A reference deployment with no orchestrator dependency, for very small teams.
How to influence this list
- File a feature issue on the GitHub tracker with the feature label.
- Email team@controlzero.ai for enterprise-shaped requests.
- For security-shaped requests, see the security policy.
Last updated: 2026-05-18.