This roadmap (updated Q3 2015) reflects the current focus of the core GRR development team and the pieces of work that have current active development.
-
UI simplification One right way to do things, with less options for shooting yourself in the foot when scheduling work. Focus is on complex hunts.
-
Memory collection and analysis Rekall for all platforms, better memory acquisition capabilities.
-
Automated GRR HTTP based API for running GRR flows automatically.
-
Data interchange and export Improved export capabilities for interchanging data with other systems.
-
Better integration with other forensics solutions Introduce a plugin like system for the client to allow fast iteration of third party tools (Rekall!, OSQuery?, ChipSec?).
-
Anomaly detection Automated server side processing of artifacts to automatically detect anomalies.
-
Baselining Work on building out the framework to support snapshots and analysis of various pieces of data to allow for comparison across a fleet and across time.
Because there are a number of developers working on extending individual parts of GRR, there may well be significant other pieces of work going on, checking the dev list is probably your best option if you want an up to date picture of that.