Kindo × Deloitte — Sprint & Release Plan

A.1–A.5 Production Readiness · June 9–22, 2026
Definition of Done: Production-ready releases with P1/P2 bugs remediated, ready for handoff to Krishna's D&RaaS team
Sprint 1Jun 9–11
Sprint 2Jun 11–13
Sprint 3Jun 13–15
Sprint 4Jun 16–18
Sprint 5Jun 18–20
Sprint 6Jun 20–22

Release 1 — A.1–A.5 Production Ready

June 15
Goal: Krishna's analysts run all 5 core agents in production — threat monitoring, intel enrichment, hunting, detection engineering, and exposure assessment — end-to-end without data gaps or tool failures.

Sprint 1 — Unblock Critical Paths

Jun 9–11
🎯 Eliminate the 3 urgent blockers that prevent A.1 and A.2 from functioning
  • URGENT
    TEK-154 Swimlane 0-record fetch — searches returning zero kills A.1 monitoring workflows A.1
  • IN PROG
    TEK-95 VirusTotal threat-intel — no enrichment = A.2 is blind. Oldest urgent (Apr 11) A.2
  • IN PROG
    TEK-106 ThreatConnect reliability — high failure rate breaks intel correlation A.2
  • READY
    TEK-58 SailPoint ISC → push to Deloitte prod validation A.1
  • READY
    TEK-141 Swimlane record update → push to Deloitte validation A.1

Sprint 2 — Resolve Blocked + Complete Reviews

Jun 11–13
🎯 Unblock SailPoint writes, land Jira capabilities, complete SQL MCP for A.3/A.5 data access
  • BLOCKED
    TEK-139 SailPoint write ops — escalate for failing-call evidence from Deloitte A.1 A.4
  • REVIEW
    APO-117 Jira upload attachments — evidence back into tickets A.3 A.4
  • REVIEW
    APO-95 SQL Database MCP — data store queries for hunting + exposure A.3 A.5
  • ADDED
    APO-131 Jira priority default bug — fix medium-priority default A.4
  • ADDED
    TEK-155 SailPoint operational tool policies — production policy coverage A.1
  • IN PROG
    TEK-128 Saviynt connector — cloud IAM for exposure assessment A.5

Sprint 3 — Validate + Release Prep

Jun 13–15
🎯 P1/P2 bug sweep, Deloitte validation sign-off, integration testing across all 5 agents
  • P1/P2
    Bug sweep across A.1–A.5 agent workflows — remediate all P1 and P2 issues
  • VALIDATE
    Deloitte validation of TEK-58 (SailPoint ISC) + TEK-141 (Swimlane) in production
  • HIGH
    Structured JSONagent output schemas for downstream consumption ALL
  • 85%
    Long-running reliability hardening — ship remaining 15% ALL
  • E2E
    Integration testing: each agent end-to-end against Deloitte test systems
  • HANDOFF
    Release 1 package to Krishna's team with release notes + known issues

Release 2 — Platform Hardening + Operational Readiness

June 22
Goal: Operations leads can monitor agent performance from Command Center, detection rules connect to GitHub, multi-agent workflows are production-stable, and the platform is client-deployment ready.

Sprint 4 — A.4/A.5 Enhancement + Dev Tooling

Jun 16–18
🎯 Complete GitHub connectivity for detection eng, land Python MCP, finish Saviynt
  • TO DO
    TEK-143 GitHub OAuth on SMK — detection rules live in GitHub, no OAuth = no connection A.4
  • TO DO
    APO-119 Python MCP server support — custom integration extensibility ALL
  • IN PROG
    TEK-128 Saviynt connector completion — if not landed in Sprint 2 A.5
  • TO DO
    Step progress indicator in agent run chat — UX for long-running workflows
  • HIGH
    Show relevant tools per prompt — reduce noise in agent tool selection

Sprint 5 — Command Center + Observability

Jun 18–20
🎯 Ops leads can track agent cost, performance, and failures from one dashboard
  • TO DO
    Token logging — per-agent token logging & cost tracking CMD CTR
  • TO DO
    Usage export — data export beyond 60 days CMD CTR
  • ADDED
    Run ended column in agent runs tab CMD CTR
  • HIGH
    Failure logs — export failure logs from failed run OPS
  • HIGH
    Error messages — meaningful actionable error messages UX
  • 25%
    SMK Observability — telemetry, log forwarding, dashboards INFRA

Sprint 6 — Multi-Agent + Release Polish

Jun 20–22
🎯 Multi-agent orchestration stable, whitelabel ready, full regression across A.1–A.5
  • 61%
    Multi-Agent Orch — agent-to-agent workflows and spawn controls ALL
  • REVIEW
    Whitelabel flag config schema for custom deploys DEPLOY
  • TO DO
    Resizable chat — input & output windows UX
  • IN PROG
    SMK Release Process — upgrade and backport hardening INFRA
  • REGRESSION
    Full regression test across A.1–A.5 with Release 1 + Release 2 changes
  • HANDOFF
    Release 2 package to Krishna's team — platform hardened, ops tooling live

Critical Path by Sprint

🔴 Sprint 1 Critical Path (Jun 9–11)

  • TEK-154 Swimlane 0-record fetch → without this fix, A.1 Threat Monitoring cannot reliably query case data → all downstream monitoring workflows fail → Release 1 ships with a broken lead agent
  • TEK-95 VirusTotal + TEK-106 ThreatConnect → these two run in parallel but BOTH must land → A.2 Threat Intel has zero automated enrichment without them → analysts fall back to manual lookups
  • Gate: TEK-154 + (TEK-95 ∥ TEK-106) must be code-complete by Jun 11 or Release 1 date is at risk

🟡 Sprint 2 Critical Path (Jun 11–13)

  • TEK-139 SailPoint write ops → BLOCKED on Deloitte evidence → if not unblocked by Jun 11, A.1/A.4 ship read-only → remediation actions require manual SailPoint work
  • APO-95 SQL Database MCP → gate for both A.3 (hunt queries) and A.5 (exposure data) → must clear review by Jun 12 or two agents lose data access capabilities
  • TEK-128 Saviynt → sole cloud IAM connector for A.5 CTEM → if it slips, A.5 launches without IAM exposure visibility
  • Gate: APO-95 review complete + TEK-139 escalation response received by Jun 12

🔵 Sprint 3 Critical Path (Jun 13–15)

  • Deloitte validation of TEK-58 + TEK-141 → both are READY but need Deloitte sign-off to go live → if Harshal/team doesn't validate by Jun 14, SailPoint ISC and Swimlane updates don't make R1
  • P1/P2 bug sweep → must run against ALL 5 agents in Deloitte test environment → requires ENG-8425 SAP connectivity to be stable (currently in progress)
  • Long-running reliability (85%→ship) → remaining 15% is the difference between agents timing out on complex workflows vs completing them
  • Gate: Krishna's team available for acceptance testing Jun 14–15. If not scheduled by Jun 12, handoff slips.

🟣 Sprint 4 Critical Path (Jun 16–18)

  • TEK-143 GitHub OAuth on SMK → detection rules live in GitHub → without OAuth, A.4 Detection Eng can't pull or push rules → agent is functional but disconnected from rule source-of-truth
  • APO-119 Python MCP → enables custom integration patterns → prerequisite for any bespoke connector work in Sprint 5–6
  • Gate: GitHub OAuth connection config available from Divya Singhal by Jun 16

🟠 Sprint 5 Critical Path (Jun 18–20)

  • Per-agent token logging → Command Center metrics depend on this → without it, org-wide usage graphs and cost tracking have no data source
  • Export failure logs → ops team can't diagnose agent failures at scale without this → production support readiness depends on it
  • Gate: Token logging pipeline instrumented by Jun 19 or Command Center maturity items cascade into post-R2

🟢 Sprint 6 Critical Path (Jun 20–22)

  • Multi-Agent Orchestration (61%→ship) → agent-to-agent handoffs are the foundation for complex Deloitte workflows → remaining 39% determines whether multi-step investigation chains work
  • Full regression → must cover R1 + R2 changes together → any regressions introduced by Sprint 4–5 work caught here
  • Gate: Regression pass + Krishna team sign-off by Jun 22 EOD

Agent × Integration Dependency Map

A.1 Threat Monitoring
TEK-154 Swimlane 0-fetch ⚠️
TEK-139 SailPoint write 🔒
TEK-58 SailPoint ISC ✅
TEK-141 Swimlane update ✅
TEK-155 SailPoint policies
A.2 Threat Intel
TEK-95 VirusTotal ⚠️
TEK-106 ThreatConnect ⚠️
A.3 Threat Hunt
APO-111 Jira read ✅
APO-121 Jira fields ✅
APO-117 Jira upload 🔍
APO-95 SQL MCP 🔍
A.4 Detection Eng
APO-117 Jira upload 🔍
APO-131 Jira priority bug
TEK-143 GitHub OAuth
A.5 CTEM
TEK-128 Saviynt 🔨
TEK-91 Okta writes 📋
APO-95 SQL MCP 🔍

Resource Constraints, Blockers & Mitigation

🚫 Blockers (External Dependencies)

  • TEK-139 SailPoint writes — Blocked on Deloitte providing failing-call evidence. Mitigation: Escalate directly to Harshal; offer to pair on evidence capture this week.
  • APO-42/44 SAP JCo/RFC — Need JCo params + cert config from Deloitte. Mitigation: Out of R1 scope; park for R2+ unless params arrive early.
  • TEK-97 MS Exchange — Needs licensed M365 mailbox. Mitigation: Deloitte infra team dependency; out of R1/R2 scope.
  • TEK-91 Okta writes — Deloitte-side enablement. Mitigation: Request confirmation by Sprint 4; plan A.5 workaround without Okta write.

Assumptions

  • Kindo engineering capacity sustains current velocity on TEK-95, TEK-106, TEK-154 through June 15
  • Deloitte validation turnaround for READY items (TEK-58, TEK-141) is ≤3 business days
  • Krishna's team is available for Release 1 acceptance testing June 14–15
  • Structured JSON output spec can be defined from existing agent schemas (no new product design needed)
  • ENG-8425 SAP test-system connectivity does not block A.1–A.5 (separate workstream)

👥 Resource Constraints

  • Kindo eng bandwidth: 6 items IN PROGRESS simultaneously — any new urgent pull risks slippage on TEK-95/TEK-106
  • Deloitte validation: Harshal Sarode is the requester on 8+ items — single point of contact bottleneck
  • Kindo UX session (Jun 9): Product team time diverted to design alignment — protect eng focus on R1 blockers
  • T&C (Tony/Joana): Escalation + stakeholder alignment capacity — not implementation resources

🛡️ Mitigation Plans

  • If TEK-154 slips past Sprint 1: A.1 ships with known limitation + monitoring workaround documented for Krishna's team
  • If TEK-95/106 don't land by June 13: A.2 ships with manual enrichment fallback; automated enrichment becomes R2 Sprint 4 priority
  • If TEK-139 stays blocked: A.1/A.4 ship read-only for SailPoint; write-back becomes R2 deliverable
  • If structured JSON isn't feasible in Sprint 3: Move to Sprint 4; R1 ships with current output format + schema spec doc for R2
Generated June 9, 2026 · Kindo × Deloitte Sprint Plan · Source: Status Update Jun 9 + A.1–A.5 Registry