Phase 2
Commercial positioning
- Workflow-first homepage around CVE prioritisation.
- No-key demo with bundled RPS sample data.
- Canonical product surface, copy alignment, and roadmap publishing.
Product roadmap
DevSecure Intelligence is focused on importing vulnerability findings, enriching them with real-world signals, and returning ranked, explainable risk decisions for AppSec and security engineering teams.
Phase 2
Phase 3
Phase 4
Task 2.6 - Integrate
The first import milestone covers the scanner exports teams already have. Imported findings are normalized into CVE IDs, enriched, scored, and ranked with policy-neutral guidance.
| Source | Format | Target | Scope |
|---|---|---|---|
| Snyk | scanner export | Q3 2026 | Normalize dependency findings into CVE rows for RPS ranking. |
| Trivy | JSON export | Q3 2026 | Import container and dependency findings into the prioritisation workflow. |
| GitHub Dependabot | SARIF | Q3 2026 | Preserve source context while ranking advisories by real-world risk. |
| Checkmarx One | scanner export | Q3 2026 | Map imported vulnerability findings to CVE enrichment and priority bands. |
| Aikido | CSV | Q3 2026 | Moved from Q4 2026 into the first scanner-import milestone. |