K0NSULT // ai-truth/ipIII

Roadmap, Changelog & Maturity

A public record of what has been built and what does not yet exist. An honest maturity assessment: the current state of the portal is a public prototype / reference demonstrator, not a production product. The entire production layer (live authentication, database, authenticated API) has ROADMAP status — we do not pretend it works.

Reference specification. This is neither a certification nor a legal opinion; the production implementation has ROADMAP status. This page documents plans and change history, not a declaration of operational readiness. The GAP and ROADMAP statuses are explicit and deliberate — they mark features that are designed but not yet deployed in a production version.
Claim ≤ Proof — including toward the portal itself.

The same doctrine we apply to incidents, we apply to our own maturity state. Instead of claiming "the system is ready," we show exactly what is built as a demonstrator (static pages, deterministic illustrative engines) and what remains to be done in a production version (IAM, database, audit, API).

MATURITY PATH: public prototype → GO CONTROLLED → pilot → production

Where we are now

▮ public prototype / demonstrator ← WE ARE HERE
GO CONTROLLED (limited access)
pilot (1 entity, real data under NDA)
production (SLA, IAM, audit)

Prototype = a complete reference and documentation layer (57+ pages), deterministic illustrative engines, demonstration data marked SIMULATION. There is not yet production authentication, a persistent incident database, or an authenticated API — those elements appear below as ROADMAP.

Reference pages: 57+ (built · F0–F11)
Build waves (F0–F11): 12 (changelog below)
Internal audits: 2 (fixes deployed)
Production auth/DB integrations: 0 (ROADMAP status)

Changelog — what has been built

The history of building the portal in waves. Everything below is a reference/demonstration layer unless noted otherwise.

| Wave | Scope | Status |
|---|---|---|
| F0 | Core: Hub, evidence-first doctrine, data model (illustrative SQL), roles and priorities P0–P3, navigation. | BUILT |
| F1–F2 | Panels: Dashboard, Cyber Map, AI Risk Map, Evidence Board, Legal Board, Response Board (static, demo data). | BUILT |
| F3 | Intake and classification: Incident Intake, Classification Engine (deterministic illustrative rules), Threat Map, incident table. | BUILT |
| F4–F5 | Cyber playbooks (phishing, ransomware, DDoS, vulnerabilities, data leak, supply chain) + AI playbooks (prompt injection, agent hijack, hallucination, deepfake, AI Act, continuity). | BUILT |
| F6 | Compliance and reporting, AI/Agent Security, banking security demo. | BUILT |
| F7 | Exercise layer: Civilization, roster, swarms and cycles, Red Team, Pentest, Exercise Board, Rules of Engagement — no offensive payloads. | BUILT |
| F8 | Interactive: Sentinel (attack/defense simulator, illustrative inline CSS+JS), 4D Tesseract, Poland Protection, Effectiveness (dogfooding). | BUILT |
| F9 | Scale and learning: scales (local→RSC), training + test, Hackathon (rules, leaderboard). | BUILT |
| F10 | Global gateway: Disclosure/VDP, Bug bounty, Threat Intel, Global. English flagship. | BUILT |
| F11 | Full report + uni0nai research program, navigation stitching, tesseract as a 4D trust model. | BUILT |

Post-audit fixes

Two internal audit reviews. Deployed corrections:

Audit 1 — navigation and consistency

Navigation between waves F0–F11 was completed (subnav, section map, no orphan pages). The phosphor terminal and .wrap structure were unified.

Audit 1 — incidents endpoint

The /api/ip3/incidents contract was designed (read-only, demo data). Production wiring remains ROADMAP — the endpoint is not connected to a persistent database.

Audit 2 — language hygiene

Phrases suggesting operational readiness ("100% protection", "impenetrable") were removed. Replaced with claim ≤ proof: "evidence coverage", "GAP status".

Audit 2 — disclaimers

Reference notices and SIMULATION / GAP / ROADMAP markers were added to pages that could be read as a product declaration.

Roadmap — P1 (high priority)

Production layer. All items have ROADMAP status — designed, not yet deployed. This is not a list of working features.

| Priority | Item | Description | Status |
|---|---|---|---|
| P1 | IAM / RBAC | Identity management and role-based access control (analyst, SOC, compliance, admin). Separation of views by role. | ROADMAP |
| P1 | Audit log | Immutable event log (who, what, when) for audit trail and NIS2/KSC compliance purposes. | ROADMAP |
| P1 | Data retention | Retention and deletion policies for incident data (GDPR Art. 5), TTL, archival. | ROADMAP |
| P1 | Organizations / Users | Multi-tenancy: organizations, users, data isolation between entities. | ROADMAP |
| P1 | legal_assessments | Persistent table of legal assessments (incident → reporting obligation mapping) with history and versioning. | ROADMAP |
| P1 | Production API | Authenticated API (OIDC / mTLS), per-scope authorization, rate limiting. The current contract is illustrative. | ROADMAP |
| P1 | Law Change Watch | Dynamic tracking of legal changes (AI Act, NIS2, KSC, GDPR) instead of static frames. Currently the framework content is entered manually. | ROADMAP |
| P1 | PostgreSQL integration tests | Persistence layer on PostgreSQL + integration tests (intake→classification→report against a real database). | ROADMAP |

Roadmap — P2 (medium priority)

| Priority | Item | Description | Status |
|---|---|---|---|
| P2 | EN-all | Full translation of the portal into English (currently the English flagship = one overview page). | ROADMAP |
| P2 | OpenAPI / Swagger UI | Formal OpenAPI specification + interactive API documentation for integrators. | ROADMAP |
| P2 | RoE / VDP forms | Working Rules of Engagement and Vulnerability Disclosure forms (currently descriptive pages without a submission backend). | ROADMAP |
| P2 | Real cyber-range | An actual exercise environment (isolated labs) instead of the illustrative Sentinel simulator. | ROADMAP |
| P2 | SIEM / STIX / TAXII | Threat-intel exchange integrations: STIX 2.1 import/export via TAXII, SIEM connectors. | ROADMAP |

Path to production. public prototype → GO CONTROLLED → pilot → production. Moving to each subsequent stage requires operator ACK and evidence (evidence-first). Until the "production" stage, no feature from the P1/P2 tables may be presented as working at a real entity.

Maturity honesty. The portal is valuable as an architectural reference, an evidence-first doctrine, and a complete skeleton of the SOC/GRC process. It is not — and does not claim to be — a deployed product with live authentication and an incident database. This page exists so that this boundary is always explicit. An alert without proof is a hypothesis; a feature without deployment is ROADMAP.