The Roadmap for CtrlOne
By CtrlOne Team ·
A roadmap is a promise about priorities, not a list of guarantees, and the most useful thing we can share is how we decide what to build. CtrlOne is a Windows configuration, hardening, and device-governance platform: it expresses controls as named toggles, pushes them to enrolled devices through Group Policy and registry policy, versions every change, and re-asserts the intended state when a machine drifts. This article lays out the direction we are steering, the constraints we hold ourselves to, and why staying honest about scope matters as much as adding features. It is our perspective on the road ahead, not a dated set of commitments.

How we choose what to build
Every proposed feature is measured against a simple question: does it help an administrator put a Windows fleet into a deliberate, provable state and keep it there? If a request cannot be traced back to that job, it waits.
We prioritise depth over surface area. A toggle that behaves predictably across editions of Windows, versions cleanly, and rolls back safely is worth more than a dozen half-supported switches that create uncertainty in production.
Making toggles clearer and safer
Named toggles are the heart of the product, so much of our planned work is about making them easier to reason about. That means better descriptions of what each control changes, clearer previews before you apply, and tighter scoping so a policy lands only where you intend.
Safety in rollout is the other half. We want staged application, obvious diffs between versions, and rollback that is a routine action rather than an emergency, so teams can move quickly without gambling with a live fleet.
- Plain-language descriptions of what each toggle actually changes.
- Preview and dry-run steps before a policy reaches devices.
- Cleaner version diffs so reviewers see intent at a glance.
- Rollback treated as a normal operation, not a fire drill.
Stronger evidence, not stronger claims
Compliance work on our roadmap centres on evidence packs: exportable records that show what was enforced, when it changed, and who approved it. The goal is to make an auditor's questions easy to answer with real data.
We are deliberate about language here. CtrlOne helps you build a compliance-ready posture and assemble HIPAA, SOC 2, and ISO 27001 evidence. It does not make you certified, and we will never dress up an export as an accreditation.
Scaling governance across tenants and sites
As fleets grow, the hard problems shift from single machines to structure: how policy inherits across groups, how per-tenant boundaries stay clean, and how a change is reviewed before it fans out.
Our planned investments in scheduling, grouping, and approval flows are about giving larger teams the same confidence a small shop has on one PC. The scheduler in particular lets change land in maintenance windows rather than in the middle of the working day.
- Group-based inheritance that stays predictable at scale.
- Per-tenant separation for MSPs and multi-site estates.
- Scheduled application aligned to maintenance windows.
- Approval steps that record who signed off on a change.
The scope we will not drift into
A roadmap is also a set of things we choose not to do. CtrlOne is not an antivirus, EDR, XDR, SIEM, or firewall, and we are not planning to become one. Those tools detect and respond to threats; that is a different discipline with different assumptions.
Our contribution is complementary. By reducing attack surface and keeping configuration honest, CtrlOne gives your detection stack less to catch and a cleaner baseline to reason about. Staying in our lane keeps the product trustworthy.
How the roadmap stays honest
We treat the roadmap as a living document shaped by how the platform is actually used, not by hype cycles. Feedback from admins running real fleets carries more weight than a trend that looks good on a slide.
That is why we frame this as direction rather than a dated contract. Priorities can shift, but the principles behind them - clarity, safety, evidence, and honest scope - are the part we intend to keep constant.
Frequently asked questions
Is this roadmap a list of guaranteed release dates?
No. It describes direction and priorities rather than fixed commitments. We share the principles that guide our planning so you can see how decisions are made.
Will CtrlOne add threat detection or antivirus features?
That is not the plan. CtrlOne stays a configuration and governance platform and remains complementary to your antivirus, EDR, and SIEM tools rather than replacing them.
How does the roadmap treat compliance?
It focuses on evidence packs and a compliance-ready posture for frameworks like HIPAA, SOC 2, and ISO 27001. CtrlOne supports your audit; it does not make you certified.
Can I influence what gets built?
Yes. Feedback from administrators running real Windows fleets is a primary input into how we prioritise work, especially around toggle clarity and safer rollouts.
See where CtrlOne is heading
Explore how CtrlOne governs Windows fleets today and where our planned work is taking configuration control next.