What PatchPilot is building next

Native macOS agent: Homebrew + softwareupdate patching, full compliance evidence, FileVault escrow (BitLocker-equivalent), remote terminal. Full feature parity with Windows where Apple APIs allow.

Mobile device inventory, OS version tracking, and basic policy enforcement (screen lock, encryption state). Lightweight — not a full MDM. Full MDM management commands ship Q2 2027 once this foundation is in place.

Pre-built control mapping and evidence template specifically for NHS Data Security & Protection Toolkit submissions. One-click PDF for your DSPT assessment officer. No other RMM vendor has a native DSPT pack — it's currently a manual spreadsheet exercise.

v1 ships network discovery and topology graph. v1.1 adds full SNMP polling: live device metrics — uptime, port utilisation, bandwidth — plus SNMP trap ingestion. Switch and router visibility alongside your endpoint data in one pane.

Compliance evidence pack generation, ransomware tripwire, and full baseline comparison ship on Linux in v1.1. The v1 Linux agent covers patching, posture, shell commands, and run_script. v1.1 closes the remaining gap with Windows.

Bitdefender, CrowdStrike, and SentinelOne alert feeds surfaced in the PatchPilot dashboard. Status sync, alert triage, correlated CVE view. Surfaces your EDR data alongside patch and posture — doesn't replace it.

Exchange, SharePoint, and OneDrive backup with granular restore. Point-in-time recovery, configurable retention. Backups stream to customer's own BYO storage or managed Vault. Datto's flagship SaaS backup, delivered at SMB price.

Currently Mode A shadow uses MeshAgent. Guacamole gives browser-native RDP shadow — no agent install on the technician's machine, better UX, simpler network path. Completes the remote access stack.

LLM analyses vulnerability data, patch history, system criticality, and business hours to recommend patch order with risk scoring. Explains its reasoning in plain English — not just a ranked list.

When tickets arrive via existing helpdesk integrations, AI pre-classifies priority, suggests likely resolution steps, links to similar past tickets, and recommends the right technician. Reduces Tier 1 handle time materially.

Full ticketing module: email-to-ticket, SLA tracking, ticket merging, time entries, internal notes, customer portal. For teams on Jira/Zendesk/HubSpot, the existing webhooks remain. For teams who want single-pane-of-glass, this replaces a separate helpdesk tool entirely.

End-users can submit tickets, check their device's patch and vulnerability status, request software from an approved catalogue, and view audit data about their own machine. White-labellable per MSP child-org.

Mock audit dashboard: evidence checklist, "Are you CE+ ready?" readiness score, gap report. Reduces certification anxiety and shortens the assessor engagement. Pairs with the existing CE+ evidence pack already shipped at v1.

LAN scan aggregation: hardware inventory, warranty tracking, lease end dates, lifecycle alerts. "What do you actually have?" across the whole estate, surfaced in one dashboard alongside patch and vulnerability data.

Per-client password vault, knowledge base articles, runbooks, and basic network diagrams — all linked to devices in the estate. Removes the "we need IT Glue for this" objection at a lower cost.

Alerts to channels, ticket creation from messages, slash commands: "PatchPilot, show me all devices with critical CVEs." Fully operational without leaving your chat platform.

Multi-vendor support beyond the v1 three, deeper telemetry pull, threat hunting view, and correlated risk scoring across endpoint + EDR data. Turns PatchPilot into your unified security operations console.

Volume-level continuous backup with cloud target. Bare-metal restore tested and verified end-to-end. Configurable retention, de-duplication, compression. File/folder backup to BYO storage ships at v1; Q1 2027 is Datto-grade bare-metal image backup.

SNMP polling ships Q3 2026. v2 adds NetFlow aggregation: traffic baselines, anomaly alerts, per-application bandwidth. Live network dashboards alongside endpoint data — one pane of glass for the whole estate.

Active-active control plane in UK and EU data centres. Customers pin their data to a region. Supports EU-only data residency requirements — particularly relevant for regulated continental European buyers.

Script library with AI-recommended remediation steps. "AI detected this issue and suggests this script — run it?" One-click execution with full audit trail. Builds on the existing script + step-up MFA infrastructure shipped at v1.

Per-tech hours logged against tickets, billable rate cards, monthly invoice generation, client-facing time reports. Closes the "we need Autotask for billing" objection for smaller MSPs who don't want a full PSA.

SMART disk health forecasting, patch conflict prediction before deployment, anomalous behaviour alerts. Surface problems 2–4 weeks before they become incidents — move from reactive to genuinely predictive IT.

Full mobile device management: iOS and Android enrolment, MDM commands (lock, wipe, enforce passcode, app push), BYOD separation policies. Builds on the Q3 2026 iOS/Android agent foundation. Replaces Jamf Now and Intune mobile for SMB.

Community-contributed scripts with reputation scoring, vetting, version history, and one-click deployment. Browse, fork, and publish PowerShell and Bash automations. Revenue share for top contributors. Discover, not just run.

Power-user self-service: hardware order requests, software approval workflows, password reset flows, status tracking. Full approval gates for IT admin. Reduces Tier 0 ticket volume without adding technician workload.

AI autonomously handles common Tier 1 tickets: password resets, approved software installs, basic connectivity troubleshooting. Closes tickets without technician touch. Full audit trail retained for every autonomous action.

High-margin upsell for customers who prefer not to configure their own BYO storage destination. Managed, geo-redundant, GDPR-compliant. BYO remains the default and always free — Vault is the convenience tier.

"Show me every Win11 device with BitLocker disabled and a CVE score above 9.0." Natural-language queries against the full device estate — no SQL, no filter menus. Powered by the knowledge graph built across v1.x releases.