Turn-Key Cloud Infrastructure for your Compliance Needs

A cloud platform compliant with CDR, HIPAA, PCI DSS, SOC 2, or ISO 27001 standards, providing security for your application, data, and customers. Get a compliant and automated environment from the very start and accelerate your time-to-market.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
The image shows the process of Citadel infrastructure that uses AWS as Cloud Provider. On that Citadel deliver a compliance in-a-box solution that will provide Continuous Security a Continuous Compliance, securing customers application on top of that.
Trusted by some of the best Fintechs and Scale-ups

Less complexity and more time to focus on your business needs

Accelerate time-to-market

Deploy secure and compliant apps in days, not months. Reach a compliant end to end solution fast with all the infrastructure and your DevSecOps pipeline taken care of.

You are in control

We build and maintain compliant environments in your AWS accounts. All components are built with infrastructure-as-code giving you complete control and flexibility over your cloud.

Simplify your work

Simplify your work to focus entirely on your application and business development, resulting in happy and productive development teams.

Designed for Regulated Industries

Citadel brings security and compliance to smaller businesses in a more cost-effective way by applying cloud-native concepts, disrupting the old guard of institutions in sectors like finance and health.


What's in the box

Security Monitoring

Setup of common alarms and tools to keep your environments secure

Long-term evidence storage

Selected logs and security events are send to another environment to be stored long-term and have a central location for visualising your compliance standing

Secrets Management

We help you setup your application to use secrets from an encrypted source and with the right policies


For when you need to access internal services, we got your back

Single Sign-On

Never worry about adding and removing internal users and permissions in multiple places anymore

IAM Setup

Some say AWS IAM is the most complex service from AWS. We load your environment with pre-set policies and roles to simplify the setup

Full Encryption

We make sure all traffic and at-rest data is encrypted following the best industry standards


We support you every step of the process to make sure your applications are up and running in the new environment as soon as possible and ready to be audited when the time comes

100% Infrastructure-as-code

The platform is deployed with IaC and you have full access to the code, no black boxes here.

AWS Account Architecture

Isolating your workloads into different accounts to isolate production to non-production environment

How does it work?

Citadel will build your Citadel, setup the DevOps pipeline, and kick-start the audit process from the outset. With automation, the infrastructure is always up-to-date, and your Citadel will be continuously updated to match new regulations or requirements, giving you more time to focus on development. Make way for easier re-accreditation or re-certification with automation of necessary processes and reports.


Based on comprehensive understanding of your strategy

Business Centricity

We learn your objectives and together design an architecture based on our core platform, with room for all your needs.

Infrastructure as Code

Citadel builds the platform into your AWS accounts with automated Infrastructure as Code.

Heading DevSecOps

Citadel migrates your apps with continuous integration, deployment, and security pipelines.


An expert assessment of your organisation’s compliance

Support along the way

Citadel's expertise supports you along the way, making the necessary adjustments to achieve the desired level of compliance, accreditation, or certification.

Working with auditors

Citadel is designed to ensure that all auditing requirements are fulfilled to precise standards, whether working with our referred auditors or using your own.

Automated auditing

We support your continuous and recurring auditing requirements with automated processes, automated reports, and compliance expertise.

Citadel as a Service

Ongoing reinforcement for your needs and objectives

Ongoing Management

Post-accreditation, Citadel supports the environment by providing incident management and compliance, performance, and security reports. Ongoing management includes routine checks and alerts, proactive fixes, and generation of reports needed for recertification and reaccreditation.

Continuous Improvements

The environment will also be kept up-to-date with continuous improvements such as updates and new AWS features added to the platform.

Peace of Mind

Ensure peace-of-mind with an environment which is continuously aligned with updated compliance rules.

Are you ready to dive in?

Book a time with us today so we can understand your needs.

Request a demo

Our best solutions in one box

Citadel and its partners combined what we do best into one bundle so that your business can save time and go further with simplicity.

Meet our team
DNX logo
Compliant and Well-Architected cloud and data infrastructure.
Adatree logo
Connect CDR endpoints via APIs to access and leverage data.
Assurance Lab logo
Security & risk leadership integrated into your team.
Trend Micro logo
Customise and automate infra misconfiguration reports.
Astero logo
Modern and cloud-native cybersecurity audit partner.


Helpful Resources

Spreading the Word

Listen now to Episode 10 of the FinTech report podcast

Listen to Frost’s conversation with Bo Melin, DNX’s Business Development Manager, about the launching of Citadel, the benefits of this fully compliant platform for CDR, PCI, SOC 2, and HIPAA businesses and why open banking is the “cherry on the cake”


You've got questions. We've got answers.

Which clouds do you work with?

At the moment our platform is designed only for AWS.

I'm still developing my applications, how can I make sure they are compliant?

Our integration partners and us will guide you and review your architecture to make sure your applications are designed in a way that is secure and compliant with the standards required.

My applications are already serving customer and now need to abide by a certain standard. Can I bring them over to Citadel?

Yes. You have full access to your environments and therefore can deploy any code there, but changes to the application architecture or code might be necessary to keep the level of compliance of the environment. We work with integration partners to help you in this process.V

I already have AWS environments with my applications running, can you add Citadel features on top of it without causing disruption?

To some extent, yes. We need to assess your environment to understand what can be done.A common scenario is when the AWS accounts are already following the Well-Architected pillars, so we implement features to remediate any possible gaps in the existing environments and work with you to add other features like SSO, VPN, Security Monitoring, etc.

Does Citadel have an UI?

Not yet, but we are currently developing one and will release for customers on Q3/2022

Do I have access to the code used to build my infrastructure and automations?

Yes. Citadel deploys infrastructure to your accounts using mostly Terraform and your team has full access to the code. You can make changes and deploy infrastructure at any time, or you can enforce a workflow to be followed.

Who does the AWS accounts created for Citadel belong to?

All AWS accounts and resources are created under your Organization, so you get control of the AWS bill.

How do I avoid "bill surprise" on AWS?

As part of Citadel, we also provide a setup to keep control of your bill with budget and anomaly detection alarms.

Get In Touch

Get started with Citadel solution

Talk to our sales team, request a demo, and get a quote based on your business needs.

Sydney office
Level 8/11 York St, Sydney, NSW 2000

Brisbane office
Level 6/200 Adelaide St, Brisbane, QLD 4000