CyberComply Version Roadmap

v1.0 – Initial Release (Foundation Build)

Release Focus: Core platform deployment for CMMC compliance readiness
Key Features:

• CMMC Level 2/NIST SP 800-171 control mapping interface (110 controls / 320 subcontrols)

• Manual assessment workflows with notes, scoring, and attachments

• Role-based user access controls

• Initial SSP and POA&M templates (manual export only)

• Secure user authentication (basic login)

• Static control guidance and high-level recommendations

v1.5 – Operational Baseline & Client Onboarding Enhancements

Release Focus: Practical tools for early adopters and onboarding consultants
Key Features:

• Evidence attachment support per control and subcontrol (PDFs, images, logs)

• On-platform policy and procedure document upload

• Basic reporting engine (export assessments, evidence summary)

• “Assessment Summary” dashboard introduced

• Custom branding and white-labeling options for C3PAOs and consultants

• User onboarding flow and invitation system (manually triggered)

v1.9 – Documentation Automation + Consultant Mode

Release Focus: Improved documentation generation and consulting workflows
Key Features:

• Dynamic SSP generation based on scoping data and assessment results

• First version of POA&M auto-generation tied to failed subcontrols

• “Consultant Mode” for managing multiple clients under one admin account

• Exportable artifact library per client

• Scoping questionnaire added to front-load project setup

v2.0 – Secure Containerized Architecture & Multi-Tenant Capabilities

Release Focus: Infrastructure overhaul and enhanced security posture
Key Features:

• Each client deployed into its own isolated, containerized enclave

• Dedicated SSL certificate for every tenant instance

• No FCI/CUI storage or transmission across the platform

• Multi-tenant admin console released for MSPs, MSSPs, C3PAOs

• Scoping now drives tailored SSP and POA&M generation

• Audit Readiness Mode added for mock assessments and team prep

• First integrations introduced (e.g., basic SSO, Slack notifications)

v2.1 – Advanced Documentation & Usability Tools

Release Focus: Depth of compliance support, templates, and QA features
Key Features:

• Full policy/procedure library (14 CMMC domains) now embedded and editable

• Inline control guidance upgraded with how-to steps and sample evidence

• Enhanced reviewer tools: status flags, control-specific comments, and tags

• Manual control mapping support for hybrid environments (e.g., IT + OT)

• Notifications for upcoming POA&M deadlines and expiring documents

• UI improvements for mobile and tablet users

v2.2 – AI-Driven Insights & Assessment Enhancements

Release Focus: Intelligence, automation, and full assessment readiness
Key Features:

• CyberComply AI launched to provide plain-language control explanations

• Assessment Objectives and Recommendations embedded for all 110 controls

• Subcontrol-specific guidance finalized (320 total with detailed descriptions)

• Enhanced POA&M logic with dependency mapping and milestone tracking

• Scoped evidence library with filters by domain, status, and control family

• Internal user roles expanded: auditor, implementer, read-only, consultant

• Assessment timeline tracking added

v2.3 – Smarter AI, Vendor Risk, and Remediation Automation (Latest)

Release Focus: Vendor security management, smarter workflows, and automation
Major Features:

• Multi-Factor Authentication (MFA) for platform and console login

• Upgraded AI Engine with improved infrastructure and higher LLM token limits

• Vendor Assessment Module for conducting and managing third-party assessments

• Remediation Workflow Upgrades:

  • Email notifications for task assignment and status changes

  • Editable “Level of Effort” and “Resources” fields

  • Remediation tasks can be linked to risks instead of controls

  • Advanced filtering and sorting (e.g., by control, domain, status)

• Quality-of-Life Improvements:

  • Auto-saving comments

  • Clear login error messaging

  • 24-hour expiration on user invite links

  • Minor bug fixes, control mapping corrections, data consistency updates

Planned Roadmap for v2.4+ (Optional future planning based on current trends)

CyberComply GRC v2.3. Even more powerful and intuitive major platform update 2025