What PatchPilot is building next

Native macOS agent on the same .NET 8 codebase as Windows/Linux. .pkg + .tar.gz for x64 + arm64. Build-verified — install verification rolls into a v1.0.x patch when Apple notarization is set up. Signed/notarized .pkg is the only remaining v1.1 work.

Mark devices as VM hosts; manage their guests directly from the dashboard: pause, resume, shutdown, launch, snapshot, export, import. Hypervisor adapters: Hyper-V (WMI), QEMU/libvirt (virsh), VirtualBox (vboxmanage), VMware (vSphere). v1.0 ships the schema + dashboard scaffold + command queue; v1.1 ships the agent-side handlers that actually execute.

Mobile device inventory, OS version tracking, and basic policy enforcement (screen lock, encryption state). Lightweight — not a full MDM. Full MDM management commands ship Q2 2027 once this foundation is in place.

Pre-built control mapping and evidence template specifically for NHS Data Security & Protection Toolkit submissions. One-click PDF for your DSPT assessment officer. No other RMM vendor has a native DSPT pack — it's currently a manual spreadsheet exercise.

v1 ships network discovery and topology graph. v1.1 adds full SNMP polling: live device metrics — uptime, port utilisation, bandwidth — plus SNMP trap ingestion. Switch and router visibility alongside your endpoint data in one pane.

Compliance evidence pack generation, ransomware tripwire, and full baseline comparison ship on Linux in v1.1. The v1 Linux agent covers patching, posture, shell commands, and run_script. v1.1 closes the remaining gap with Windows.

Bitdefender, CrowdStrike, and SentinelOne alert feeds surfaced in the PatchPilot dashboard. Status sync, alert triage, correlated CVE view. Surfaces your EDR data alongside patch and posture — doesn't replace it.

Exchange, SharePoint, and OneDrive backup with granular restore. Point-in-time recovery, configurable retention. Backups stream to customer's own BYO storage or managed Vault. Datto's flagship SaaS backup, delivered at SMB price.

Currently Mode A shadow uses the unified PatchPilot agent. The new shadow path gives browser-native RDP — no extra install on the technician's machine, better UX, simpler network path. Completes the remote access stack.

Real-time CPU%, top processes, network bandwidth, battery state, and onboard temperatures streamed from every agent. Sub-30-second metric refresh on the device detail page — no waiting for a polling cycle.

Time-series storage for every device metric with 7-day, 30-day, and 90-day trend graphs. Spot creeping disk usage, memory leaks, or thermal drift weeks before they cause an outage.

Server-Sent Events pipeline for sub-second alert delivery to the dashboard and mobile clients — replacing today's 30-second polling loop. Technicians see incidents the moment they happen.

SSL certificate expiry tracking plus HTTP/HTTPS uptime monitoring for customer URLs. Get a 30/14/7-day expiry warning and an immediate alert on first failed probe.

Pull Microsoft Defender and other EDR detections into device_alerts so threats appear in the same triage queue as patch and posture alerts. One pane, one workflow.

Docker Compose bundle for on-prem / private-cloud / air-gapped installs. License-file activation (no phone-home), offline CVE feed sync (USB or proxy-cached), on-prem TLS, dedicated support engineer, optional managed update channel. Unlocks public-sector, defence-adjacent, and heavily-regulated enterprise that cannot host on third-party cloud. Sales can quote against Q4 2026 GA from today; design partners get co-engineering input.

Shipped at v1.0 launch as AI Vulnerability Triage. Claude (via Anthropic API, AWS Bedrock, OR on-prem Ollama) scores each CVE 0–100, explains the rationale in plain English, suggests remediation. Ollama is the default so customer data never leaves your server. The full LLM patch-ordering layer (factoring patch history + business hours) ships in v1.1.

When tickets arrive via existing helpdesk integrations, AI pre-classifies priority, suggests likely resolution steps, links to similar past tickets, and recommends the right technician. Reduces Tier 1 handle time materially.

Full ticketing module: email-to-ticket, SLA tracking, ticket merging, time entries, internal notes, customer portal. For teams on Jira/Zendesk/HubSpot, the existing webhooks remain. For teams who want single-pane-of-glass, this replaces a separate helpdesk tool entirely.

End-users can submit tickets, check their device's patch and vulnerability status, request software from an approved catalogue, and view audit data about their own machine. White-labellable per MSP child-org.

Mock audit dashboard: evidence checklist, "Are you CE+ ready?" readiness score, gap report. Reduces certification anxiety and shortens the assessor engagement. Pairs with the existing CE+ evidence pack already shipped at v1.

LAN scan aggregation: hardware inventory, warranty tracking, lease end dates, lifecycle alerts. "What do you actually have?" across the whole estate, surfaced in one dashboard alongside patch and vulnerability data.

Per-client password vault, knowledge base articles, runbooks, and basic network diagrams — all linked to devices in the estate. Removes the "we need IT Glue for this" objection at a lower cost.

Alerts to channels, ticket creation from messages, slash commands: "PatchPilot, show me all devices with critical CVEs." Fully operational without leaving your chat platform.

Multi-vendor support beyond the v1 three, deeper telemetry pull, threat hunting view, and correlated risk scoring across endpoint + EDR data. Turns PatchPilot into your unified security operations console.

Volume-level continuous backup with cloud target. Bare-metal restore tested and verified end-to-end. Configurable retention, de-duplication, compression. File/folder backup to BYO storage ships at v1; Q1 2027 is Datto-grade bare-metal image backup.

SNMP polling ships Q3 2026. v2 adds NetFlow aggregation: traffic baselines, anomaly alerts, per-application bandwidth. Live network dashboards alongside endpoint data — one pane of glass for the whole estate.

Active-active control plane in UK and EU data centres. Customers pin their data to a region. Supports EU-only data residency requirements — particularly relevant for regulated continental European buyers.

Script library with AI-recommended remediation steps. "AI detected this issue and suggests this script — run it?" One-click execution with full audit trail. Builds on the existing script + step-up MFA infrastructure shipped at v1.

Per-tech hours logged against tickets, billable rate cards, monthly invoice generation, client-facing time reports. Closes the "we need Autotask for billing" objection for smaller MSPs who don't want a full PSA.

SMART disk health forecasting, patch conflict prediction before deployment, anomalous behaviour alerts. Surface problems 2–4 weeks before they become incidents — move from reactive to genuinely predictive IT.

Full mobile device management: iOS and Android enrolment, MDM commands (lock, wipe, enforce passcode, app push), BYOD separation policies. Builds on the Q3 2026 iOS/Android agent foundation. Replaces Jamf Now and Intune mobile for SMB.

Community-contributed scripts with reputation scoring, vetting, version history, and one-click deployment. Browse, fork, and publish PowerShell and Bash automations. Revenue share for top contributors. Discover, not just run.

Power-user self-service: hardware order requests, software approval workflows, password reset flows, status tracking. Full approval gates for IT admin. Reduces Tier 0 ticket volume without adding technician workload.

AI autonomously handles common Tier 1 tickets: password resets, approved software installs, basic connectivity troubleshooting. Closes tickets without technician touch. Full audit trail retained for every autonomous action.

High-margin upsell for customers who prefer not to configure their own BYO storage destination. Managed, geo-redundant, GDPR-compliant. BYO remains the default and always free — Vault is the convenience tier.

"Show me every Win11 device with BitLocker disabled and a CVE score above 9.0." Natural-language queries against the full device estate — no SQL, no filter menus. Powered by the knowledge graph built across v1.x releases.

15+ new built-in alert templates: sustained CPU, event-log keyword match, repeated login failures, certificate expiry, BSOD, network packet loss, sustained disk IO, scheduled task failed, app crash count, login from new IP, and more.

Compose your own alerts: any metric + operator + threshold + time window. Save, share, and version control alert rules across the org. No need to wait for us to add the alert you want.

Email and in-app notifications already ship at v1. Q2 2027 adds Slack, Microsoft Teams, SMS, and generic webhook destinations with per-channel routing rules and quiet-hours support.

Tickets auto-close inside PatchPilot the moment they're resolved in Jira, Zendesk, or HubSpot. Completes the bidirectional sync — no more stale device alerts waiting on a technician to tidy up.

L1 -> L2 -> L3 rotations with configurable acknowledgement timeouts. Page the on-call engineer when the first responder doesn't ack within N minutes. Built for MSP NOC workflows.

Windows already has signed SelfUpdate at v1. Q2 2027 brings the same signed, staged auto-update flow to the macOS and Linux agents — no more manual fleet upgrades.

Drops the device_offline_hours default from 24h to 15min so customers learn about offline devices within a coffee break, not a working day. Per-org override remains available.

/tasks, /defender, /entra, /intune, /alerts, /managed-devices, /updates currently 404 from the sidebar. Backend handlers needed.

/billing surface exposes the env-var name STRIPE_SECRET_KEY to customers. Sanitise the error path.

Direct links to dev-console tabs don't restore the correct active tab on load.

Both pages load Tailwind from a CDN; CSP blocks the script. Inline build or self-host Tailwind.

Settings subroutes render the 404 body inside the Settings chrome rather than wiring real handlers.

Top-level /alerts page currently 503s for signed-in users. Wire the alerts handler + view.

Audit log UI renders user_id UUIDs and machine event codes. Resolve to friendly names and human-readable events.

Watchdogs panel 502s — backend route or upstream worker not responding.

/education returns HTTP 200 but body says 404. Redirect to /for/education or render real content.

Some marketing pages use .html-suffixed nav links, others use extension-less. Normalise to extension-less.

Mega-nav trigger renders without an explicit type and defaults to submit; should be type="button" to avoid stray form submits.

Failing contract test. Public /readiness endpoint shape mismatch — repair backend response to match spec.

Failing contract test. Marketing copy claims drift from shipped capability — sweep and reconcile.

Failing contract test. Internal marketing cross-links broken or stale.

Failing contract test. Readiness wizard mis-handles AWS Bedrock error paths.

Failing contract test. Remote-control UI leaks underlying vendor branding instead of full white-label.

Failing contract test. Visual regression suite reporting drift — review baselines and re-snapshot the intentional changes.