Pre-launch readiness sweep
CSP + security headers, per-user notification gating, Slack plan re-check on every send, automated smoke suite + pre-push hooks, DSAR/incident/backup runbooks. Most of this has shipped in the last 30 days.
Roadmap
What's coming,in the order it's coming.
Soft dates. Quarter-grain at best. Items in Soon are committed; items in Later are honest guesses; items in Considering may never happen. Roadmap items move to the changelog the day they ship — not before.
01 · Now
In flight this quarter
Q2 2026 · pre-launch. Most of these items have already landed or are mid-flight.
Status page + uptime probes
trueno.io/status now reports overall + per-subsystem health (database, scanner, email) with a 30-second revalidation. The page itself is server-rendered so it's accurate the moment you load it.
Sentry + PostHog wiring
Server-side instrumentation already in tree; turning on production environment variables to start capturing real funnel + error data ahead of the public launch push.
Product Hunt launch
Bundling the items above into a launch-ready surface so the first wave of visitors hits a complete, instrumented product rather than a half-instrumented preview.
02 · Soon
Next quarter
Q3 2026 · planned. Order may shift as we hear from launch users; the set is committed.
Weekly digest email on every plan
Today only Control+ workspaces get critical-finding emails. A weekly digest of new findings, resolved findings, and cost movement would land on Free + Command too — the single biggest retention lever for a notification-driven product.
Public /cost-check (no signup)
A one-shot Cost Explorer scan you can run by pasting a role ARN. No signup, no workspace. The same engine that powers the dashboard, exposed as a wedge for traffic that's not ready to commit yet.
Customer feedback widget in dashboard
A floating feedback button that writes to a single Supabase table. Continuous signal without standing up an external tool. Pre-launch is when this is most valuable — every reaction matters disproportionately at low volume.
Scan diff view
“What changed since last scan” for resources and findings. This is the one capability where continuous monitoring beats a one-off audit. Once it ships, daily scans start to look like a feature, not a chore.
First-finding remediation runbooks
Per-rule fix guides — Terraform snippet, AWS console steps, and CLI commands. Stops being “another dashboard,” starts being a tool that closes the loop.
Mobile dashboard QA sweep
We already ship a mobile-first marketing site and an opinionated mobile nav for /. The dashboard surfaces haven't had the same systematic mobile pass. Executives check phones — this fixes that.
Comparison pages
Honest comparison content for the categories people actually search — generic FinOps tooling, infrastructure visualizers, security posture tools. Not “we win on every axis” marketing; specific tradeoffs.
GitHub Actions CI + weekly backup
Lint + typecheck + build + smoke on every PR. Weekly Supabase pg_dump to a private S3 bucket. Both have runbooks written already; the CI surface is the only thing missing.
03 · Later
Beyond next quarter
Q4 2026 onward. Best-guess sequencing. Customer signal will reorder this aggressively — that's the point of writing it down.
AWS Organizations bulk onboarding
Connect a payer + auto-discover all member accounts in one trust-policy ceremony. Today onboarding is one role per account, which doesn't scale past ~5 accounts. The single biggest enterprise-readiness gap.
AWS Marketplace listing
Lets customers pay through their existing AWS commitment, bypassing the platform-billing question entirely for the customers who matter most. Independent of the Stripe direction below.
Recommendation prioritization scoring
A unified score — severity × estimated savings × confidence × remediation effort — that ranks cost and security recommendations on a single list. Replaces the per-module sort that exists today.
Ticketing integrations
Jira, Linear, and GitHub Issues — one-click create-ticket-from-finding plus bidirectional status sync. Moves trueno from a dashboard into a workflow tool.
Slack DM-on-assignment
Distinct from the existing channel alerts. When a finding is assigned to you specifically, you get a 1:1 ping. Channel-level alerts are noisy; personal ones are sticky.
Per-account health score (0–100)
A single, trending number per AWS account that rolls up findings, recommendations, and cost trajectory. Re-frames findings as a metric leaders track over time, not a queue they clear.
Public REST API + outbound webhooks
Read access to findings, recommendations, and resources. Webhook notifications on new critical / resolved / cost-spike events. Lets customers integrate trueno into their own pipelines.
AWS Security Hub writeback
Bidirectional sync with Security Hub: findings flow in, our resolutions flow back. The biggest single enterprise unlock for organizations already standardized on Security Hub.
04 · Considering
Ideas without a date
Things worth thinking about, none of which are committed. Appearing here is not a promise.
Customer-writable custom rules
Big surface area — DSL design, evaluation engine, RBAC, versioning. Only worth shipping when 2–3 customers are explicitly asking. Today, none are.
IaC overlay (Terraform plan / CDK)
Overlay drift between deployed state and the IaC that's supposed to define it. Differentiated, expensive, and depends on customers committing IaC sources to trueno — a privacy question we haven't worked out yet.
Mobile PWA
Manifest + offline shell + install prompt. Days of work, useful for executives who want a one-tap home-screen launcher. Below the bar until we hear it asked for.
Verticalized compliance mode
A SOC 2 / FedRAMP / HIPAA framing where findings are re-grouped by control rather than by module. Real moat if we picked one; splitting effort across all of them wins none.
05 · Not on the roadmap
Deliberately out of scope
The most useful thing a roadmap can do is tell you what won't happen. Each item here is a choice, not a backlog.
Multi-cloud (Azure, GCP)
AWS-only is a design choice, not a capacity constraint. AWS-only lets us go deeper on AWS-specific things (Cost Optimization Hub, Security Hub, Organizations, Marketplace) that multi-cloud tools can't reach.
Write access to AWS
trueno is read-only by design. Every IAM action we ask for is list/describe/get. We won't introduce a write path — even an opt-in one — because read-only is a load-bearing trust property, not a limitation.
Cross-tenant benchmarking
There is no “your spend vs. peers,” no anonymized aggregate, no training data extracted from your environment. Workspace isolation is enforced at the database layer — see /security for how.
AI-generated remediation autopilot
We will ship remediation runbooks (see Soon, above) and we will ship recommendation scoring. We will not ship a system that automatically applies cloud changes on a customer's behalf. Read-only is the answer to that whole class of question.
06 · Want to influence the order?
Tell us what's missing.
The fastest way to move something up is to email with a specific use case. The fastest way to add something is the same — a roadmap is a conversation, not a contract.
Have a request?
Email the team at hello@trueno.io with the workspace problem you're trying to solve. We read every message, and the ones that name a concrete pain are the ones that win priority arguments.