Executive Overview
Total Issues
96
Across 6 workstreams
Open / Active
42
44% of portfolio
Completed
54
56% completion rate
Workstreams
6
2 complete ยท 2 mostly done ยท 1 active ยท 1 new
High Priority Open
19
Requires immediate attention
Unassigned
39
Need squad allocation
Portfolio Completion
56%
Done (54)
Active (42)
Workstream Health
Program Status
YELLOW
Active blockers pre-RSA
๐ Key Health Questions โ Reporting Period: Mar 12โ19, 2026
| Question | Status | Explanation |
|---|---|---|
| Is the team behind schedule? | โ ๏ธ Possible | Jira Data Center integration critical for RSA demos โ only days to fix. Agent reliability at 15%. |
| Problems preventing cycle goal? | ๐ด Yes | Jira DC auth broken (basic auth vs API token mismatch). ThreatConnect tool calls failing with validation errors. Both block Cyber workflows. |
| Foresee issues for next period? | โ ๏ธ Possible | RSA Conference (next week) will reduce engineering bandwidth. Deloitte expects RSA in-person review with fixes ready. |
| Unscheduled tasks this cycle? | ๐ด Yes | Jira DC debugging, ThreatConnect parameter investigation, SMK 1.0.3.1 release prep โ all unplanned work. |
| Have any estimates changed? | ๐ข No | โ |
| Tasks added or deleted this cycle? | ๐ด Yes | 4 new issues from Mar 17 Cyber Weekly + Jira DC and ThreatConnect escalations from today's call. |
| Technical problems encountered? | ๐ด Yes | Jira DC: auth flow assumes API token when using basic auth. ThreatConnect: MCP parameter descriptions causing validation errors. Fix may be in main but not in SMK release cut. |
| Resource problems? | โ ๏ธ Possible | Meta Global Ops fully unresourced (10 backlog items, 0 assigned). RSA week reduces available engineering. 25/25 open items across workstreams unassigned. |
โ
Accomplishments This Period Week of Mar 12โ19
| Accomplishment | Owner | Status |
|---|---|---|
| SMK system upgrade to v1.0.3.0 โ deployed to Deloitte hosted + self-managed instances | Engineering | โ Complete |
| Dashboard/Canvas agent cleanup โ auto-created agents now hidden from main list, new "Dashboard Agents" filter tab live | Aashman | โ Complete |
| DLP data scrubbing fix โ customer PII was being incorrectly scrubbed; resolved | Engineering | โ Complete |
| Feature flag management decoupled โ SMK feature flags separated from deployment-specific configuration | Engineering | โ Complete |
| Command Center now live โ visible in hosted instance and v1.0.3.0 SMK | Engineering | โ Complete |
๐ Plans for Next Period Mar 19โApr 2
| Plan | Owner | Target |
|---|---|---|
| ๐ด Fix Jira Data Center auth (CRITICAL) โ resolve basic auth vs API token mismatch for self-hosted Jira DC. Must be ready before RSA. | Engineering | ASAP / Pre-RSA |
| Investigate ThreatConnect parameter validation โ determine if fix is in main but not in release cut; if so, push SMK v1.0.3.1 | Bryan / Engineering | This week |
| RSA in-person review session โ Mo, Bryan/Nick, Kindo team meet Monday afternoon to walk through full update list | Tony / Mo Nezarati | Mon Mar 24 |
| Agent long-running reliability (Phase 1) โ context compaction, automatic retries, better error messages. Currently 15% through. | Engineering | End of March |
| SMK v1.0.3.1 release package โ includes dashboard agent cleanup + additional fixes not in v1.0.3.0 | Brandon | Pre-RSA |
| Webhook retry context preservation โ ensure workflow restarts retain original webhook trigger context (feedback from Deloitte) | Engineering | Apr |
| Streamlined one-click SMK installation โ environment validation tooling + simplified deployment process | Engineering | In progress |
๐ฏ Key Schedule Milestones
| Milestone | Target Date | Status |
|---|---|---|
| Jira DC + ThreatConnect integration fixes deployed to SMK | Mar 21 (Fri) | ๐ด At Risk |
| RSA Conference โ in-person review session with Deloitte | Mar 24 (Mon PM) | โ ๏ธ Scheduled |
| Agent reliability Phase 1 โ first capability drops | End of March | โ ๏ธ 15% |
| SMK v1.0.3.1 release to Deloitte | Pre-RSA | โ ๏ธ In Progress |
| Program dashboard ready for Deloitte leadership | Pre-RSA | โ ๏ธ In Progress |
| Agent reliability Phase 2 โ compaction + full retry | Mid-April | Planned |
| Meta Global Ops โ squad allocation & kickoff | TBD | Not Started |
๐บ Active Risks
| ID | Impact | Trend | Description | Mitigation |
|---|---|---|---|---|
| R1 | High | ๐ | RSA readiness at risk. Jira DC integration broken, needed for demos. Days remaining before RSA. | Engineering prioritizing Jira fix above all else. Fallback: demo on hosted instance only. |
| R2 | High | โก๏ธ | Missing Exhibits D & E in contract. No formal product spec or roadmap exhibit. Verbal commitments could be argued as enforceable scope. | Establish docs.kindo.ai as de facto Exhibit D. Frame requirements sessions around doc baseline. |
| R3 | Med | ๐ | Agent reliability below Deloitte expectations. Agents quit during long tasks. Timeout Band-Aids applied; root cause fix at 15%. | Phase 1 drops end of March. Context compaction + retries + better error reporting. |
| R4 | Med | โก๏ธ | Release cut lag. Fixes merged to main may not be in SMK release. ThreatConnect fix potentially in this gap. | v1.0.3.1 release being prepared. Need clearer release-to-SMK pipeline. |
| R5 | Med | โก๏ธ | Meta Global Ops fully unresourced. 10 backlog items, 4 high-priority, zero squad allocated. | Defer until post-RSA. Allocate squad in next Program Planning cycle. |
๐จ Key Issues
| ID | Description | Status | Owner | Due Date |
|---|---|---|---|---|
| I1 | Jira Data Center auth broken โ basic auth flow incorrectly requests API token. Deloitte unable to access self-hosted Jira DC at all. "Extremely critical" per Deloitte. | OPEN | Engineering | ASAP (Pre-RSA) |
| I2 | ThreatConnect MCP tool call failures โ validation errors on parameters. 6+ retries before a successful call. MCP descriptions may be unclear. Possible fix in main not in SMK release. | INVESTIGATING | Bryan | This week |
| I3 | Okta integration bug (ENG-8639) โ partial/no data, "Client association GWT kit is invalid" error. Blocks Okta write tools (ENG-8795). | OPEN | Unassigned | TBD |
| I4 | ServiceNow OAuth2 (ENG-8794) โ OAuth2 connection fails while REST API works. | OPEN | Unassigned | TBD |
| I5 | SMK v1.0.3.1 not yet released โ dashboard agent cleanup and potentially ThreatConnect fix not in customers' instances. | IN PROGRESS | Brandon | Pre-RSA |
๐ Key Decisions
| ID | Decision | Decision Maker | Date |
|---|---|---|---|
| D1 | Jira DC fix is #1 priority above all other work โ must be ready for RSA | Deloitte (Mo/Matthew) | Mar 19 |
| D2 | RSA in-person review scheduled Monday afternoon โ full update walkthrough with Mo, Bryan/Nick | Tony / Mo | Mar 19 |
| D3 | ThreatConnect โ Bryan to follow up via email with PR analysis (is fix in release or not?) | Bryan Vann | Mar 19 |
| D4 | Webhook retry must preserve original trigger context (Deloitte feedback โ accepted as enhancement) | Tony / Bryan | Mar 19 |
| D5 | Agent reliability Phase 1 target: end of March; iterative drops after that | Engineering | Mar 19 |
๐ Most Recent Call: Deloitte Cyber Weekly โ Mar 19, 2026
Kindo Attendees
Charlie Hulcher, Aashman, Tony Wong, Bryan Vann, Mo Nezarati, Joana Dias
Deloitte Attendees
Matthew
๐ด CRITICAL: Jira Data Center integration completely broken โ auth flow requests API token when using basic auth for self-hosted Jira DC. Credentials confirmed working. Deloitte: "Extremely critical โ number one priority. Needed for RSA." Screenshot captured.
โ ๏ธ DEGRADED: ThreatConnect MCP tool calls failing โ 6+ validation error retries before a successful call. May be fixed in main but not in current SMK release. Bryan to follow up via email with PR analysis.
๐
RSA MEETING PLANNED: Monday afternoon at RSA โ Mo arrives SF ~10AM from Toronto, available after ~12PM. Bryan + Nick to join. Full update walkthrough in person.
โ
DELIVERED: SMK v1.0.3.0 upgrade, Command Center live, dashboard agent cleanup (Mar 16), DLP scrubbing fix, feature flag decoupling. Some items need v1.0.3.1 for SMK instances.
๐ก FEEDBACK CAPTURED: Workflow restart doesn't preserve webhook trigger context โ accepted as enhancement. Per-step retry (not just full restart) requested for hard failures.
๐ Changes Since 2026-03-17 4 new issues
| Issue | Title | Type | Source |
|---|---|---|---|
| ENG-8792 | API action step: Dynamic input mode fails to resolve variables from prior workflow steps | ๐ด Bug | Mar 17 Cyber Weekly |
| ENG-8793 | Workflow list: Add ability to filter workflows by creator | ๐ก Feature | Mar 17 Cyber Weekly |
| ENG-8794 | ServiceNow integration: OAuth2 connection fails while REST API works | ๐ด Bug | Mar 17 Cyber Weekly |
| ENG-8795 | Expand Okta integration with write/create action tools | ๐ด Feature | Mar 17 Cyber Weekly |
๐งญ Strategic Discussion Guide โ Key Decisions for Stakeholders
1. Canvas: Tactical Fixes vs. Strategic Rebuild
Decision Required
Canvas is the #1 request category from Deloitte and is blocking SOC production deployment. Current JSON-based architecture has a hard ceiling. Three investment paths to evaluate:
Path A: Tactical Fixes
URL params, navigation, filters. Unblocks SOC short-term. Doesn't solve escalation cycle.
URL params, navigation, filters. Unblocks SOC short-term. Doesn't solve escalation cycle.
Path B: Kindo API
Expose API for Deloitte to build custom UIs. Relatively easy. Shifts UI burden to customer.
Expose API for Deloitte to build custom UIs. Relatively easy. Shifts UI burden to customer.
Path C: Generative UI
v0/Lovable-style system. ~90 days R&D. Solves the problem permanently. Quarter-sized investment.
v0/Lovable-style system. ~90 days R&D. Solves the problem permanently. Quarter-sized investment.
2. Agent Reliability: Timeline & Expectations
Alignment Needed
Deloitte expects agents that run for hours reliably. Currently at 15% progress โ first drops end of March, full reliability mid-April+. Need to align on: what "reliable" means for each team, acceptable failure modes, and interim workarounds. Deloitte feedback on retry behavior and webhook context preservation already captured.
3. RSA Readiness: Jira DC is a Blocker
Urgent
Jira Data Center integration is completely broken and is Deloitte's #1 critical issue โ needed for RSA demos. Monday afternoon in-person session planned (Mo + Bryan/Nick + Kindo team). ThreatConnect also degraded. SMK v1.0.3.1 release needed before RSA.
4. Integration Priority Ranking
Input Requested
5 integration streams competing for engineering bandwidth: Jira DC (broken), ThreatConnect (degraded), ServiceNow + SAP (not started), SailPoint & Okta (bugs). Deloitte wants to discuss prioritization at RSA. Stakeholder input needed to sequence these.
5. Meta Global Ops: Resource Allocation
Not Started
10-issue automated QA testing platform for Meta via Deloitte โ entirely unresourced. 4 high-priority items including RACI plan. Needs squad allocation and Deloitte kickoff before any work begins. Decision: priority vs. existing workstreams?
๐ Previous Call Context (2026-03-18)
- โธ Discussion focused on internal Deloitte infra friction โ K8s environment differences not fully understood internally
- โธ NGINX ingress deprecation referenced by Deloitte, but Kindo ships AWS ALB (not the same thing, per Marcos)
- โธ Amazon Bedrock model catalog โ some models require preliminary customer steps to enable access
Workstreams
๐ก๏ธ Cyber / Adelina Squad
workstream:cyber-adelina
33% complete14 of 43
29
Open
14
Done
27
Cancelled
Squad: CharlieAashmanMadisonDoinkBrandon
๐ IAM / Johnson & Johnson
workstream:iam-jnj
91% complete21 of 23
2
Open
21
Done
12
Cancelled
Squad: YashAashmanSeanCharlie
๐ IAM POC (SailPoint / Entra)
workstream:iam-poc
90% complete9 of 10
1
Open
9
Done
1
Cancelled
Squad: AashmanSeanDevon
๐ข ERP Security (SAP)
workstream:erp-security
100% complete7 of 7
0
Open
7
Done
2
Cancelled
Squad: SeanHannahAmanda
๐ NetOps (Cisco)
workstream:netops
100% complete3 of 3
0
Open
3
Done
3
Cancelled
Squad: Charlie
๐ Meta Global Ops
workstream:meta-global-ops
0% complete0 of 10
10
Backlog
0
Done
0
Cancelled
Squad: Unassigned
Strategic Project View
Projects group related work across workstreams. This view helps stakeholders understand scope, strategic impact, and cross-cutting dependencies โ not just individual tickets.
Active Projects
9
+ 2 completed
Large Scope
2
Canvas + Meta QA
Medium Scope
3
Reliability ยท Extensions ยท Multi-Agent
Small / Focused
4
SMK ยท API ยท GitOps ยท Auth
๐ผ๏ธ
Canvas Production Readiness
6 active ยท 1 done
LARGE SCOPE
In Progress
Strategic Context: Transform Canvas from an internal tool into a production-grade end-user interface for Deloitte. Canvas is the primary surface Deloitte's teams interact with daily โ and it's currently blocking production deployment for the SOC.
๐ฃ๏ธ Customer Voice โ What Deloitte Is Asking For
1. Show Kindo agent data in Canvas โ Matthew wants Canvas to display data about what agents are running, their status, and project-related information. Essentially showing Kindo agent data as tool data in dashboards.
2. Navigation between Canvas dashboards โ Matthew wants linking between different dashboards, menus, navigation โ an interconnected experience, not isolated views.
3. URL parameters for drill-down โ "Right now, if I wanted to push this to production for our SOC, I can't do that unless I have those URL parameters." Click one dashboard โ opens another with filter context. This is the #1 production blocker.
4. More interactive web app capability โ Deloitte leadership "don't love the current UI experience." If Canvas can't deliver sufficient interactivity, they will build their own UI. The IAM team is already considering this. This affects every workstream at Deloitte, not just Cyber.
โ ๏ธ Pattern Problem & Architectural Limit
Escalation cycle: Every time a Canvas request is fulfilled, the next one comes immediately. Endless escalation on a limited architecture.
Architecture ceiling: Current Canvas is JSON dashboards โ not infinitely scalable. Stacking features on this architecture has a hard ceiling.
๐ฎ Strategic Path Forward
Real solution: Build a v0/Lovable/Replit-style generative UI system โ estimated as a quarter-sized initiative (~90 days R&D) to reach operational confidence.
Agreed tactical approach: Ship immediate Canvas fixes now (URL params, navigation) + offer a Kindo API (relatively easy). Position generative UI as a 2026 roadmap item without committing to a specific timeline.
Impacts: All Deloitte teams (cross-workstream)
Dependencies: Chat Actions Public API (for Kindo API path)
Stakeholder Input Needed: Priority ranking of tactical fixes, acceptance of generative UI timeline, whether to invest in Kindo API as interim
โถ Show issues
| Issue | Title | Priority | State |
|---|---|---|---|
| ENG-8509 | Interactive web page UI functionality for canvases | ๐ด High | Backlog |
| ENG-8860 | URL parameters for drill-down navigation | โ | Triage |
| ENG-8598 | Canvas editor: filters + multi-page navigation without JSON editing | ๐ก Med | Backlog |
| ENG-8057 | Implement observability for canvas | ๐ก Med | Backlog |
| ENG-8563 | Dashboard sharing for authorized recipients | โ | Backlog |
| ENG-8514 | Mermaid graph/diagram support in canvas markdown | โ | Backlog |
| ENG-7580 | Audit log everything in dashboards | โ | Backlog |
๐
Chat / Agent Long-Running Reliability
3 active
MEDIUM SCOPE
Critical Path
Strategic Context: Deloitte's core use case requires agents that run reliably for hours. Today, agents quit due to context overflow, timeouts, and unrecoverable failures. Currently 15% through โ first drops expected end of March.
๐ฃ๏ธ Customer Voice โ What Deloitte Is Experiencing
Agents quit mid-task โ agents stop after hitting timeouts or unspecified failures. Initial timeout increases were a "Band-Aid." Deloitte needs agents that work for hours on complex tasks.
Uninformative error states โ "Red boxes that don't give any real information about what's happening." When agents fail, users have no way to understand why or what to do next.
No per-step retry โ if an agent hard-fails mid-run, the only option is restarting the entire workflow. Deloitte requested a "retry this step" button for unrecoverable automatic failures.
Webhook restart loses context โ "The retry does not work if it's a web trigger. It won't pull in the same context from the webhook." Restarts lose the original triggering data.
No visibility into intermediate steps โ "We don't know the results of step 2 or step 3 of a 5-step agent." Need to see/analyze results from each individual step.
Impacts: Cyber/Adelina (primary), all workflow users
Timeline: Phase 1 end of March, iterative drops after
Stakeholder Input Needed: Acceptable failure modes, retry vs. restart preferences, minimum session duration requirements
โถ Show issues
| Issue | Title | Priority | State |
|---|---|---|---|
| ENG-8859 | Workflow restart doesn't preserve webhook trigger context | โ | Triage |
| ENG-8511 | Selective data flow between model context windows ("Plan Mode") | โ | Todo |
| ENG-8502 | Conversation compaction (continuous conversation) | โ | Todo |
๐
Deloitte Platform Extensions
5 active
MEDIUM SCOPE
In Progress
Strategic Context: New integrations and platform capabilities requested specifically by Deloitte. Each extension expands what Deloitte teams can automate in their security and identity workflows.
๐ฃ๏ธ Customer Voice โ Integration Needs
๐ด Jira Data Center (CRITICAL) โ completely broken after recent deployment. Auth flow requests API token when using basic auth for self-hosted Jira DC. "Number one critical โ we definitely need to get fixed ASAP. Needed for RSA."
โ ๏ธ ThreatConnect (degraded) โ connects but 6+ validation error retries per successful call. MCP parameter descriptions may be unclear to the agent. "I'm limping along with it." Possible fix in main but not in SMK release cut.
ServiceNow + SAP โ connectivity needed for test systems. ServiceNow OAuth2 fails while REST works. SAP needs JCo/RFC connectivity.
SailPoint & Okta โ Okta shows partial/no data with "GWT kit invalid" error. Deloitte sending full list of SailPoint write ops they need.
Version confusion โ "Is there a way to see what version of the integration we have?" Deloitte doesn't know whether fixes in main are in their instance.
Impacts: Cyber (Jira, ThreatConnect), IAM (ServiceNow, SailPoint, Okta), all teams (JSON output)
Dependencies: SMK release pipeline (fixes in main vs. deployed)
Stakeholder Input Needed: Integration priority ranking, test system access for ServiceNow/SAP, Okta write ops scope
โถ Show issues
| Issue | Title | Priority | State |
|---|---|---|---|
| ENG-8794 | ServiceNow OAuth2 connection fails | ๐ด High | Backlog |
| ENG-8863 | ThreatConnect MCP parameter validation errors | โ | Triage |
| ENG-8463 | BYO Embeddings (Pinecone) | โ | Backlog |
| ENG-8233 | Delete deprecated CrowdStrike standalone MCP | ๐ข Low | Backlog |
| ENG-7911 | Structured JSON Output (JSON Schema Enforcement) | โ | Backlog |
๐ฆ
Efficient SMK Install
2 active ยท both ๐ด High
SMALL SCOPE
HIGH URGENCY
Strategic Context: Streamlining the self-managed Kindo (SMK) deployment experience. Critical for scaling to 7 planned SMK deployments across Deloitte teams.
๐ฃ๏ธ Customer Voice
Installation friction โ initial deployments had many slowdowns: environments not set up, prerequisites not tested, multiple manual steps. "It always looks good when we come in, push a button, and it works."
Privacy / AI policy compliance โ Adelina's team requires users to sign on and acknowledge Deloitte's AI use policy before accessing the system. Must be configurable per deployment.
Agent portability โ need to import agents between Kindo installations so configurations don't have to be recreated manually for each SMK instance.
Impacts: All SMK deployments (7 planned)
Stakeholder Input Needed: Privacy notice requirements per deployment, agent export/import scope, environment pre-validation checklist
โถ Show issues
| Issue | Title | Priority | State |
|---|---|---|---|
| ENG-8596 | Configurable privacy notice flow for whitelabelled deployments | ๐ด High | Todo |
| ENG-7913 | Import Agents between Kindo installations | ๐ด High | Backlog |
๐ค
Multi-Agent Orchestration
2 active
MEDIUM SCOPE
Future / Strategic
Strategic Context: Enable agents to trigger and coordinate other agents โ a prerequisite for complex multi-step workflows. This is a platform capability that will unlock new use cases across all Deloitte workstreams. Currently in research/backlog phase.
Impacts: All workstreams (platform capability)
Dependencies: Chat/Agent Reliability must stabilize first
Stakeholder Input Needed: Priority use cases for multi-agent workflows, acceptable latency
โถ Show issues
| Issue | Title | Priority | State |
|---|---|---|---|
| ENG-7910 | "Agent Trigger" Type & Inter-Agent Orchestration Lifecycle | โ | Backlog |
| ENG-6801 | Hatchet flow control & multi-agent tool research | โ | Backlog |
๐
Chat Actions Public API
1 active
SMALL SCOPE
New
Strategic Context: Public API with streaming support for custom UI integrations. Enables Deloitte to build bespoke interfaces on top of Kindo's agent infrastructure.
๐ฃ๏ธ Customer Voice
Streaming API โ currently must poll run IDs repeatedly with no idea how long to wait. Need real-time streaming to see results step-by-step as agents work.
Ephemeral tool calls โ today, to do any dynamic tool calling, they must create a full agent. Need the ability to trigger tool calls without agent creation โ from Canvas or scripts.
Kindo API as Canvas interim โ agreed as a tactical path: offer a Kindo API (relatively easy to build) so Deloitte can build custom UIs while generative UI is on the roadmap.
Impacts: All teams โ enables custom UI path, unblocks Canvas limitations
Stakeholder Input Needed: API scope requirements, streaming vs. polling preference, authentication model
โถ Show issues
| Issue | Title | Priority | State |
|---|---|---|---|
| ENG-8861 | Agents API: streaming support for real-time results | โ | Triage |
๐
Agent Version Control
1 active
SMALL SCOPE
Future
Strategic Context: GitOps workflow for agents and canvases โ version control, collaboration, and rollback. Critical for enterprise governance as Deloitte teams scale agent usage across multiple teams and deployments.
โถ Show issues
| Issue | Title | Priority | State |
|---|---|---|---|
| ENG-8512 | GitOps for agents and canvases โ version control & collaboration | โ | Backlog |
๐
Auth & Session Hardening
1 active
SMALL SCOPE
Backlog
Strategic Context: Session timeout and authentication hardening. Enterprise requirement for security compliance in Deloitte's environment.
โถ Show issues
| Issue | Title | Priority | State |
|---|---|---|---|
| ENG-6440 | 48-hour session timeout | โ | Backlog |
๐
Meta Global Ops โ Automated QA Testing Platform
10 active ยท 0 assigned ยท all backlog
LARGE SCOPE
Not Started
Strategic Context: Build an automated QA testing platform for Meta via Deloitte. New engagement with significant scope โ browser automation, mobile testing, visual comparison, ticketing integrations. Entirely unresourced. Requires RACI definition and phased engagement plan before work can begin.
Impacts: New revenue stream via Deloitte
Prerequisites: RACI plan, squad allocation, Deloitte kickoff
Stakeholder Input Needed: Priority vs. other workstreams, resource allocation, timeline expectations
โถ Show issues
| Issue | Title | Priority | State |
|---|---|---|---|
| ENG-8472 | RACI & Phased Engagement Plan with Deloitte | ๐ด High | Backlog |
| ENG-8469 | 2FA & Identity Flow Workarounds | ๐ด High | Backlog |
| ENG-8466 | Screenshot / Visual Comparison Engine | ๐ด High | Backlog |
| ENG-8465 | Web Flow Hardening & Demo Polish | ๐ด High | Backlog |
| ENG-8471 | Performance, Scale, and Reliability at Meta Scale | ๐ก Med | Backlog |
| ENG-8467 | Mobile Browser Emulation | ๐ก Med | Backlog |
| ENG-8470 | Messaging & Ticketing Integrations (Google Chat, Salesforce) | ๐ก Med | Backlog |
| ENG-8468 | Full Mobile App Testing via Device Farm Partner | ๐ข Low | Backlog |
| ENG-8317 | Browser output visibility in product โ live sidebar viewport | โ | Backlog |
| ENG-8056 | Implement Chromium for Browser Use in Sandbox Pod | โ | Backlog |
โ
Release 2026.03.0
SMK integration validation, PII cleanup, SMK Installer โ all shipped.
โ
Scalable Integrations
Microsoft Defender MCP + Microsoft Graph Alerts โ both delivered.
All Open Issues
๐ก๏ธ Cyber / Adelina โ Open Issues 29
| Issue | Title | State | Priority | Assignee |
|---|---|---|---|---|
| ENG-8597 | Command Center: collaborative alert triage workflow | Triage | ๐ด High | โ |
| ENG-8795 | Expand Okta integration with write/create action tools | Triage | ๐ด High | โ |
| ENG-8792 | API action step: Dynamic input fails to resolve variables | Triage | ๐ด High | โ |
| ENG-8640 | Expand SailPoint ISC tool coverage | Triage | ๐ด High | โ |
| ENG-8639 | Okta integration bug: partial/no data, disconnected state | Triage | ๐ด High | โ |
| ENG-8596 | Add configurable privacy notice flow for whitelabelled deployments | Todo | ๐ด High | โ |
| ENG-8721 | ThreatConnect Integration | Todo | ๐ด High | Aashman |
| ENG-8425 | Get ServiceNow and SAP connectivity working with test systems | Todo | ๐ด High | โ |
| ENG-8744 | Docs site gaps: workflow tutorial, cyber walkthroughs, memory patterns | Confirming | ๐ด High | Doink |
| ENG-8509 | Interactive web page UI functionality for canvases | Backlog | ๐ด High | โ |
| ENG-7913 | Import Agents between Kindo installations | Backlog | ๐ด High | โ |
| ENG-8732 | Release package 2026.03.1 (Opus 4.6 + GPT OSS 120) | Backlog | ๐ด High | Brandon |
| ENG-8730 | Model management: delete/modify models without direct DB access | Backlog | ๐ด High | โ |
| ENG-8729 | SMK system status verification endpoint | Backlog | ๐ด High | โ |
| ENG-8793 | Workflow list: Add ability to filter workflows by creator | Triage | ๐ก Med | โ |
| ENG-8598 | Canvas editor: filters and multi-page navigation without JSON editing | Backlog | ๐ก Med | โ |
| ENG-8423 | Canvas: Production-ready primary end-user UI mode with hierarchical nav | Backlog | ๐ก Med | โ |
| ENG-8057 | Implement observability for canvas | Backlog | ๐ก Med | โ |
| ENG-8563 | Add dashboard sharing for authorized recipients | Backlog | ๐ก Med | โ |
| ENG-8424 | Native prompt saving and management | Backlog | ๐ข Low | โ |
| ENG-8233 | Delete deprecated standalone CrowdStrike Falcon MCP server | Backlog | ๐ข Low | โ |
| ENG-8463 | BYO Embeddings: Allow custom OpenAI-compatible embeddings endpoint | Backlog | ๐ข Low | โ |
| ENG-8511 | Selective data flow control between model context windows | Todo | โ | โ |
| ENG-8514 | Mermaid graph/diagram support in canvas markdown | Backlog | โ | โ |
| ENG-8513 | MITRE ATT&CK tool integration | Backlog | โ | โ |
| ENG-8512 | GitOps approach for agents & canvases โ version control & collab | Backlog | โ | โ |
| ENG-8319 | Sub-agent execution support โ first-class agent-triggers-agent | Backlog | โ | โ |
| ENG-7911 | Structured JSON Output (JSON Schema Enforcement) | Backlog | โ | โ |
| ENG-7910 | "Agent Trigger" Type & Inter-Agent Orchestration Lifecycle | Backlog | โ | โ |
๐ IAM / J&J โ Open Issues 2
| Issue | Title | State | Priority | Assignee |
|---|---|---|---|---|
| ENG-7580 | Audit Log Everything in Dashboards | Backlog | โ | โ |
| ENG-6801 | Hatchet flow control & multi-agent tool research | Backlog | โ | โ |
๐ IAM POC โ Open Issues 1
| Issue | Title | State | Priority | Assignee |
|---|---|---|---|---|
| ENG-8794 | ServiceNow integration: OAuth2 connection fails while REST API works | Triage | ๐ด High | โ |
๐ Meta Global Ops โ All Issues (Backlog) 10
| Issue | Title | State | Priority | Assignee |
|---|---|---|---|---|
| ENG-8472 | RACI & Phased Engagement Plan with Deloitte | Backlog | ๐ด High | โ |
| ENG-8469 | 2FA & Identity Flow Workarounds | Backlog | ๐ด High | โ |
| ENG-8466 | Screenshot / Visual Comparison Engine | Backlog | ๐ด High | โ |
| ENG-8465 | Web Flow Hardening & Demo Polish | Backlog | ๐ด High | โ |
| ENG-8471 | Performance, Scale, and Reliability at Meta Scale | Backlog | ๐ก Med | โ |
| ENG-8467 | Mobile Browser Emulation | Backlog | ๐ก Med | โ |
| ENG-8470 | Messaging & Ticketing Integrations (Google Chat, Salesforce) | Backlog | ๐ก Med | โ |
| ENG-8468 | Full Mobile App Testing via Device Farm Partner | Backlog | ๐ข Low | โ |
| ENG-8317 | Browser output visibility in product โ live sidebar viewport | Backlog | โ | โ |
| ENG-8056 | Implement Chromium for Browser Use in Sandbox Pod | Backlog | โ | โ |
Delivery Cadence โ Two-Week Team Cycle
๐ฆ Week 1 โ BUILD
TUESDAY
Requirements Day (Human Touchpoint)
8:00 AM โ Adelina (90 min)
9:45 AM โ Cyber (90 min)
11:30 AM โ J&J (90 min)
1:30 PM โ Meta (90 min)
Each: Deliver โ Gather โ Deep Dive โ Scope Triage โ Commit
9:45 AM โ Cyber (90 min)
11:30 AM โ J&J (90 min)
1:30 PM โ Meta (90 min)
Each: Deliver โ Gather โ Deep Dive โ Scope Triage โ Commit
TUE PM โ WED
๐ค Agentic Sprint Execution
Requirements โ Akira pipeline โ 3 parallel squads
12 sprints per release in ~6.5 hours
60-min sprint cycles: Req โ Arch โ Build โ Test โ Ship
12 sprints per release in ~6.5 hours
60-min sprint cycles: Req โ Arch โ Build โ Test โ Ship
THU โ FRI
๐ง Human Review Gates
Quality review ยท Edge cases ยท Staging verification ยท Evidence packages
FRIDAY
๐ Status Report #1 โ Each Team
Staging links ยท Demo recordings ยท Visual progress ยท Blockers w/ mitigation
โจ Week 2 โ HOLD & POLISH
MON โ THU
Release Complete
Polish ยท Document ยท Prep demos ยท Address review findings ยท Prep delivery presentation for Tuesday
FRIDAY
๐ Status Report #2 โ Each Team
Release-ready summary with staging links ยท Preview of Tuesday delivery
NEXT TUE
๐ Deliver + New Intake (Cycle Repeats)
Full release cycle = equivalent of 4-5 traditional sprints, delivered every 2 weeks
Intake
Day 1
Tuesday
Agentic Build
~6.5h
12 sprints
Human Review
+2 days
Thu โ Fri
Release Ready
Day 5
Friday
Delivery
Day 15
Next Tuesday
Monthly Program Management Overlay
๐๏ธ Week 1 โ Cycle A Build
MONDAY
Program Planning (Internal)
Unified backlog review ยท Cross-team prioritization ยท Contract scope governance ยท Capacity allocation
TUESDAY
Requirements Intake (Cycle A)
All 4 teams back-to-back + Deliver Cycle B results
FRIDAY
Status Reports + Program Check-in
Story prioritization ยท Issue/blocker list ยท Scope triage results
๐๏ธ Week 3 โ Cycle B Build
TUESDAY
Requirements Intake (Cycle B)
All 4 teams + Deliver Cycle A results
WEDNESDAY
Reality Check (Internal)
Staging review ยท Progress to monthly goals ยท Time/cost/scope assessment ยท Cross-team adjustments
FRIDAY
Status Reports + Program Check-in
๐๏ธ Week 4 โ Monthly Review
THURSDAY
Monthly Program Review & Re-Assessment
Cycle results across all 4 teams ยท Unified backlog re-prioritization ยท Contract scope audit ยท Dependencies reassessed ยท Velocity trends ยท Pod 2 sync
FRIDAY
Portfolio Summary โ Deloitte Leadership
Roll-up to Vikram, Kush, Arun
Scope Governance
๐
Bug / Defect
Software doesn't function per docs.kindo.ai
โ Support ticket โ SLA response
Sev1: 4hr ยท Sev2: 1 business day
Sev1: 4hr ยท Sev2: 1 business day
Covered by $500K/yr support fee
โ
In-Scope Feature
Functionality documented or implied by docs.kindo.ai
โ Build in current cycle
โ Deliver next Tuesday
โ Deliver next Tuesday
Covered by $5M/yr license
๐ซ
Out-of-Scope / Bespoke
Functionality NOT in docs.kindo.ai or product roadmap
โ Flag for SOW negotiation
โ Additional Services amendment
โ Additional Services amendment
Separate SOW / rate card
๐ Scope Authority: docs.kindo.ai
The reference contract defines the product by its Documentation. For the Deloitte engagement, docs.kindo.ai serves as the canonical baseline.
Every requirement is triaged against this baseline:
Deloitte Request
โ
Diff vs docs.kindo.ai
โ
Bug
In-Scope
Out-of-Scope
โ ๏ธ Risk: Missing Exhibits D & E
Without Exhibit D (product spec) and Exhibit E (roadmap), verbal commitments from demos/sales could be argued as enforceable scope. Mitigation: Establish docs.kindo.ai as the de facto Exhibit D.
Without Exhibit D (product spec) and Exhibit E (roadmap), verbal commitments from demos/sales could be argued as enforceable scope. Mitigation: Establish docs.kindo.ai as the de facto Exhibit D.
๐ง Human Decision Gates
| Gate | Who Decides | When | Scope |
|---|---|---|---|
| ๐ง Scope Commitment | Deloitte team | Tuesday requirements session | Approves what they want built |
| ๐ง Sprint Approval | Kindo (Tony/Charlie) | Tuesday PM (internal) | Reviews sprint plan before agents execute |
| ๐ง Evidence Review | Kindo (Tony/Charlie) | ThursdayโFriday | Verifies delivered work before staging |
| ๐ง Scope Triage | Tony | Gray zone requests | Build vs. flag for SOW |
| ๐ง Monthly Re-prioritization | Kindo leadership | Week 4 Thursday | Unified backlog adjustment |
Team & Stakeholders
๐ข Deloitte
VikramSenior Leadership
KushSenior Leadership
ArunProgram Leadership
MatthewCyber / Adelina Squad
Adelina SquadTeam Leads TBD
J&J SquadTeam Leads TBD
Meta SquadTeam Leads TBD
โก Kindo
Tony WongChief Delivery Officer
Mo NezaratiEngagement Lead
Charlie HulcherEngineering
Joana DiasProgram Support
Mathew VargheseCRO
AkiraAI Program Manager
BurkeAI Engineering
๐ง Engineering Squad
AashmanPrimary IC โ dashboards, canvas, MCP, integrations
MadisonCrowdStrike, ThreatConnect
Yash KothariIAM J&J dashboards
Sean WalkerSAP, SailPoint, IAM
Devon PeroutkyIAM POC, Entra AD
HannahSAP ODATA
AmandaSAP user validation
Brandon CSMK validation, release packages
Doink (kinDOS)Docs site, call transcript processing
MarcosInfrastructure (ALB, K8s)
โฑ๏ธ Time Commitments
Deloitte Teams (per team)
Requirements Intake + Delivery Review90 min ร 2/mo
Friday Status Report (read + click)~10 min ร 4/mo
Total per team~3.5 hrs/month
Deloitte Leadership
Monthly Portfolio Summary (async read)~20 min
Monthly Review Discussion (optional)30โ60 min
Total~1 hr/month
Tony's Time
Program Planning2 hrs
Requirements Intake (4 teams ร 90 min ร 2)12 hrs
Friday Program Check-ins2 hrs
Reality Check1.5 hrs
Monthly Program Review2 hrs
Total~19.5 hrs/month
Risks & Blockers
Missing Exhibits D & E in Contract
Without product specification (D) and roadmap (E), verbal commitments from demos/sales calls could be argued as enforceable scope. Biggest scope governance risk.
Critical RiskOkta Integration Bug (ENG-8639)
Partial/no data, disconnected state โ "Client association GWT kit is invalid" error. Blocks ENG-8795 (Okta write tools, explicit Deloitte request).
BlockerServiceNow OAuth2 Bug (ENG-8794)
OAuth2 connection fails while REST API works. Related to broader ServiceNow/SAP connectivity (ENG-8425, ENG-8304).
BlockerMeta Global Ops โ Fully Unresourced
10 issues, all in backlog, zero assigned. 4 high-priority items (RACI plan, 2FA workarounds, screenshot engine, web flow hardening). No squad allocated.
Capacity RiskDeloitte K8s Environment Confusion
From today's call: Deloitte doesn't fully understand differences in their own K8s environments. NGINX ingress vs AWS ALB confusion. May cause deployment friction.
Infra RiskAmazon Bedrock Access Prerequisites
Some Bedrock models require preliminary customer steps to enable access. Deloitte may not have completed these.
Dependency~25 Unassigned Open Issues
Significant portion of open portfolio has no squad allocation. Particularly acute for Cyber (12 open, many unassigned) and all cross-workstream items.
Capacity Risk๐ Key Dependencies
| Dependency | Blocks | Status |
|---|---|---|
| Okta connection bug fix (ENG-8639) | ENG-8795 (Okta write tools) | In Triage |
| SMK release package (ENG-8732) | 7 SMK deployments | In Progress |
| SailPoint write ops (email from Deloitte) | ENG-8640 (SailPoint expansion) | Waiting |
| Deloitte Bedrock access setup | Model catalog availability | TBD |
| Docs site gaps (ENG-8744) | Scope baseline (docs.kindo.ai as Exhibit D) | Confirming |
๐ก Integration Signals (Reconfirmed)
| Integration | Issue | Status | Notes |
|---|---|---|---|
| Workday | AGE-149 | Requested | Reconfirmed as requested capability |
| Oracle | ENG-6612 | Requested | Reconfirmed โ on-prem + cloud support required |
Program Structure โ The Two-Pod Engine
AKIRA โ AI PROGRAM MANAGER
Decomposes requirements into executable sprint campaigns ยท Human oversight at every gate
Pod 1: Kingdom Portfolio & Program Management
Fulfills the Deloitte contract
- 4 Deloitte teams (Adelina, Cyber, J&J, Meta)
- 7 SMK deployments
- Requirement triage & client delivery
- Scope governance against docs.kindo.ai
- 3 parallel squads, 60-min sprint cycles
- 12 sprints/release in ~6.5 hours
Pod 2: Akira Autonomous Product Development
Builds Akira into the Kindo product
- Build Akira into Kindo platform
- New product surfaces
- Platform capabilities
- The engine IS the product
- Continuous delivery
- Contract learnings feed into product
๐ก Key Insight
Pod 1 delivers the Kingdom contract. Pod 2 builds Akira into the Kindo product. They share the same agentic architecture, sprint mechanics, and oversight model. What we build for Deloitte proves what we sell to the next 100 customers.
Operational Burn Reduction
70-80%
Lower vs. traditional delivery
Sprint Velocity
12
Sprints per release in ~6.5 hrs
Equivalent Traditional Pace
4-5ร
Sprint scope compressed to 2 weeks
๐ Implementation Phases
Phase 0: Pre-RSA (Now โ RSA)
โ Matthew warm-intro email ยท โ Prepare program dashboard ยท โ Lock docs.kindo.ai as scope baseline ยท โ Prepare RSA walkthrough materials
Phase 1: First Cycle (Post-RSA, ~1 week after)
First Tuesday requirements intake with all 4 teams ยท Run delivery manually โ Burke builds, Tony reviews ยท Generate first Friday status reports ยท Validate cadence with real requirements
Phase 2: Cadence Established (Cycles 2-3)
Semi-automated Reality Check and status reports ยท Scope triage process validated ยท Monthly Program Review produces first Cycle Results ยท Pod 2 feeds contract learnings into product
Phase 3: Full Engine (Cycle 4+)
Fully automated status, tracking, sprint execution ยท Humans attend only decision gates ยท Portfolio governance on live data ยท The engine that delivers Deloitte becomes the product demo for 100 more
๐ญ What Deloitte Sees vs. What Actually Happens
| What Deloitte Sees | What Actually Happens |
|---|---|
| "We have a structured delivery team" | 2 Mini-CEO Pods, 3 parallel squads, AI program management |
| "Requirements captured Tuesday, delivered next Tuesday" | 12 agentic sprints in 6.5 hours, held for human review |
| "Weekly status with staging links" | Auto-generated from pipeline state, not manually compiled |
| "Monthly portfolio view across all teams" | Akira synthesizes cross-team status in real-time |
| "Requests triaged against documented capabilities" | Automated diff against docs.kindo.ai, contract-aware scope governance |
| "Startup speed with enterprise rigor" | 70-80% lower operational burn, dual-pod engine |