Roadmap
FlowLink эволюционирует из MCP gateway в полноценную AI-native SecOps & Operations Platform. Вот наш путь — что доставлено, что в работе, куда двигаемся.
5
фаз доставлено
1
в разработке
2
запланировано
Фаза 1: Core Security
✅ Доставлено- ✅MCP Gateway (inline, WSS/HTTP)
- ✅Shield Engine (pattern matching, risk scoring)
- ✅Policy Engine (per-agent, per-tool, per-service)
- ✅Approval Queue (Telegram, Web UI, API)
- ✅Audit Log (каждое действие записано)
- ✅Command History (exit codes, durations, shield results)
- ✅Rate Limiting (per-agent, hot-reloadable)
- ✅Authentication (OAuth VK/Yandex/GitHub, email, 2FA)
Фаза 2: Zero-Trust & Secrets
✅ Доставлено- ✅Secret Injection (env vars, files, vault pull)
- ✅Per-Org Encryption (X25519 + AES-256-GCM)
- ✅External Vault Integration (HashiCorp Vault)
- ✅Zero-Trust API (key setup, verification, rotation)
- ✅E2EE Agent Communication
Фаза 3: Infrastructure & Observability
✅ Доставлено- ✅Infrastructure Map (семантический граф сервисов)
- ✅Service Discovery (auto-detect через агентов)
- ✅Service Catalog (ownership, SLA, health, risk)
- ✅Agent Health Monitoring (heartbeat + auto-recovery)
- ✅SIEM Integration (Alertmanager, Generic webhooks)
- ✅Billing & Subscriptions (4-tier pricing)
Фаза 4: Forensics & AI Ops
✅ Доставлено- ✅Incident Timeline (blast radius + anomaly detection)
- ✅Agent Reconstruction (scenario replay)
- ✅Compliance Reports (security audit, policy compliance)
- ✅Context Snapshots (point-in-time state + diff)
- ✅AI Ops Assistant (natural language queries)
- ✅Efficiency Insights (agent ROI, time saved)
- ✅Change Management (approval + rollback)
- ✅Telegram Bot (webhook mode)
Фаза 5: GitOps & DevOps
✅ Доставлено- ✅ServerGuard (eBPF мониторинг файлов, Docker events, canary tokens)
- ✅Drift Detection (nginx, systemd, SSH configs)
- ✅Auto-Backup перед destructive operations
- ✅GitOps Bridge (agent↔relay sync)
- ✅K8s Operator (CRD + admission webhook)
- ✅Restore API + CLI commands
Фаза 6: Intelligence & Scale
🔄 В разработке- 🔄Pattern Learning (auto-suggest политик из поведения агентов)
- 🔄Anomaly ML (behavioral baseline, drift detection)
- 🔄Cost Attribution (per-agent, per-service cost tracking)
- 🔄Budget Alerts (spending limits per agent/org)
- 🔄Multi-tenant RBAC (fine-grained роли и permissions)
Фаза 7: Platform & Ecosystem
📋 Запланировано- 📋TypeScript SDK (программное управление платформой)
- 📋Python SDK (автоматизация и скриптинг)
- 📋Prometheus Metrics Exporter
- 📋Grafana Dashboard Templates
- 📋Terraform Provider (Infrastructure as Code)
- 📋Kubernetes Helm Chart
- 📋Plugin System (custom Shield rules, integrations)
- 📋Marketplace (community-contributed policies и patterns)
Фаза 8: Advanced Security
📋 Запланировано- 📋Prompt Injection Detection (анализ tool outputs)
- 📋Tool Poisoning Prevention (валидация MCP server signatures)
- 📋Data Loss Prevention (DLP patterns в tool responses)
- 📋Session Recording (полный terminal replay)
- 📋Threat Intelligence Feed (known malicious patterns)
- 📋Compliance Automation (SOC2/ISO27001/ФСТЭК)
Влияние и выравнивание
Наш roadmap основан на:
- •OWASP GenAI MCP Security Guide — tool poisoning, least-privilege, runtime guardrails
- •Enterprise AI Security Standards — zero-trust, audit compliance, incident response
- •ФСТЭК / ГОСТ Р 57580 — российский compliance для government и enterprise
- •Community feedback — GitHub Issues