AI-Powered Risk Intelligence Platform

AI-Powered Cyber Risk Management

Cut risk documentation time by 70%. Never miss a threat again. From Terraform to threat model in 30 seconds.

3 min per risk record (vs. 4–6 hours)
90%+ STRIDE threat coverage
6 compliance frameworks
8–12 hrs saved per analyst per week

Platform

Everything Your Security Team Needs

A unified platform that replaces spreadsheets and ad-hoc processes with structured, AI-augmented workflows — producing consistent, auditable, board-ready risk records.

AI Engine

AI-powered threat enumeration, executive summaries, and risk scoring — in under 3 seconds.

Threat Modeling

STRIDE analysis with auto-generated Data Flow Diagrams from Terraform, YAML, or plain text in seconds.

Attack Trees

Visual AI-populated attack trees with probability scoring and MITRE ATT&CK technique mapping.

Risk Management

Configurable risk matrix, inherent vs. residual scoring, ownership tracking, and full immutable audit trails.

Compliance

Multi-framework posture tracking with evidence management, control mapping, and audit-ready reports.

Asset Registry

Full inventory with CIA ratings, data classification, exposure type, and AI-generated risk summaries.

Dashboard & KPIs

Executive risk heatmaps, residual score trends, and shareable customisable dashboards.

Guided Wizard

Step-by-step workflows let junior analysts document risks independently within 2–3 days of onboarding.

How It Works

From Zero to Board-Ready in Three Steps

Citadel replaces weeks of manual spreadsheet work with a guided, AI-augmented workflow any analyst can follow from day one.

1. Register Your Assets

Connect your Terraform, Kubernetes, or CloudFormation code — or describe your asset in plain text. Citadel automatically discovers components, data flows, and exposure types.

IaC Import · Manual Entry · CIA Ratings

2. AI Analyses Every Threat

In under 3 seconds, Citadel's AI engine runs full STRIDE and PASTA analysis, generates a Data Flow Diagram, maps MITRE ATT&CK techniques, and writes an executive summary — automatically.

STRIDE / PASTA · Auto-DFD · MITRE ATT&CK

3. Track, Report & Comply

Risks flow into the live register with ownership, scoring, and remediation tracking. Compliance posture updates in real time. One click exports a board-ready PDF or auditor package.

Risk Register · Live Compliance · Audit Export

2–3 Days analyst onboarding (vs. 4–6 weeks manually)
< 3 Seconds full threat analysis (per asset, end-to-end)
Always Audit-Ready: immutable evidence trail across all 6 frameworks

Product Modules

Every Module. Purpose-Built.

Citadel ships four core AI modules that work together across your entire risk workflow — from first draft to final audit.

app.citadel.antumsecure.com / risks / new
Risk Composer
Wizard steps: 1 Risk · 2 Assets · 3 Threats · 4 Vulns · 5 Controls · 6 Summary
Risk: Data Breach via SQL Injection — Payment Gateway API

Select assets affected by this risk

Payment Gateway API (Selected): Application · AWS · us-east-1 · Confidential — PCI scope · C:5 I:5 A:4 · Exposure: Internet-facing
PostgreSQL — AppDB: Database · AWS RDS · Internal
S3 — prod-app-assets: Storage · AWS S3 · Internet-facing

Citadel AI (Active)
Inherent Score: 20 / 25 · Critical (Likelihood 4 × Impact 5)
AI Suggestions: Based on this asset's exposure and classification, 14 threats will be auto-generated in Step 3.

6-step guided wizard — AI auto-generates threats, scores, and descriptions the moment you link an asset.

app.citadel.antumsecure.com / risks
Risk Register
47 Total Risks · 7 Critical · 18 High · 22 Mitigated

| RISK NAME | ASSET | SCORE | STATUS | OWNER | LIKELIHOOD | IMPACT |
|---|---|---|---|---|---|---|
| SQL Injection via Payment API (ID: #1042) | Payment Gateway API | 20 | In Review | JM | High (4) | Critical (5) |
| Hardcoded JWT Secret in Env Vars (ID: #1041) | Payment Gateway API | 20 | Open | SC | High (4) | Critical (5) |
| Over-Privileged IAM Lambda Role (ID: #1038) | S3 — prod-app-assets | 15 | In Review | AP | High (4) | High (4) |
| PII Leaked in API Error Responses (ID: #1035) | Payment Gateway API | 12 | Mitigated | SC | Med (3) | High (4) |
| No Rate Limiting on /api/v2/charge (ID: #1031) | Payment Gateway API | 9 | Accepted | JM | Med (3) | Med (3) |

Showing 5 of 47 risks

The Risk Register gives your team a single source of truth — score, status, ownership, and mitigation in one view.

app.citadel.antumsecure.com / mitigations
Mitigation Plans
34 Total Plans · 14 Completed (41% completion rate) · 13 In Progress · 7 Overdue

Active Mitigation Plans

| PLAN NAME | LINKED RISK | EFFECTIVENESS | STATUS | OWNER | DUE DATE | RESIDUAL ↓ |
|---|---|---|---|---|---|---|
| Parameterised Query Refactor (MP-2024-001) | #1042 SQL Injection | High | In Progress | SC | 10 Jun 2026 | ↓ 95% |
| JWT Secret Rotation to AWS Secrets Manager (MP-2024-002) | #1041 Hardcoded JWT | High | Not Started | JM | 03 Jun 2026 ! | ↓ 85% |
| IAM Least-Privilege Policy Review (MP-2024-003) | #1038 IAM Over-Priv | Med | In Progress | AP | 20 Jun 2026 | ↓ 60% |
| Error Response Sanitisation (MP-2024-004) | #1035 PII Leak | High | Completed | SC | 22 May 2026 | ↓ 100% |

Each mitigation plan links directly to its risk, tracks effectiveness, and updates the residual score automatically when marked complete.

app.citadel.antumsecure.com / risks / 1042
SQL Injection via Payment API
Payment Gateway API · Application Security · J. Moreau · Created 02 May 2026
Status: In Review · Critical
Inherent Score: 20 (Likelihood 4 × Impact 5)
Residual Score: 12 (with active controls)
Risk Tolerance: 8 (Above appetite !)

AI Risk Review (2.8s · 28 May 2026)

This risk presents a Critical inherent score driven by an unmitigated SQL injection in the transaction endpoint. PCI-DSS cardholder data is in scope. 3 of 4 priority controls pending — residual will drop to 8 on completion. Immediate action required on P1 and P2.

AI-Generated

The Payment Gateway API accepts user-supplied input in the transaction_id and account_ref parameters without adequate parameterisation. An attacker could craft malicious SQL payloads to read, modify, or delete records in the PostgreSQL backend, potentially exposing PCI-scoped cardholder data.

2 Critical threats with no mitigations applied — immediate remediation required before next audit
PCI-DSS Req 6.2 and 6.3 currently non-compliant — QSA assessment at risk
Threat T04 (PII disclosure) successfully mitigated by S. Chen on 22 May 2026
DoS risk accepted by J. Moreau on 14 May 2026 — review due in 90 days

The AI Risk Review runs on a configurable schedule and writes a versioned, immutable summary to the audit trail every time.

AI Risk Composer

From raw data to reviewed risks in a single workflow

Citadel pulls context from your connected assets, feeds it through the AI engine, and surfaces ranked, ready-to-create risks — in seconds.

1. Data Sources: connected integrations
2. Citadel AI Engine: risk generation & scoring
3. AI-Generated Risks: review, refine, create

Auto-ingested context
Asset CIA scores, exposure level, and classification — alongside IaC, DFDs, attack trees, and your existing threat and risk data — are ingested automatically. No manual re-entry.
Refine before saving
Edit AI-proposed names, adjust scores, or prompt for a re-score — then accept with one click.
Instant risk register
Selected risks are created, scored, and assigned in a single action — auto-linked to the source asset.
AI Engine

Intelligence at Every Step

Every workflow in Citadel is AI-augmented. From the moment you register an asset, the engine is generating threat scenarios, mapping controls, and writing board-ready summaries — in under 3 seconds.

One-Click Threat Enumeration
AI generates complete STRIDE and PASTA threat scenarios based on asset context, sector, and exposure. No manual lookup required — 90%+ coverage guaranteed.
Executive Risk Summaries
Auto-generated board-ready paragraphs for every asset and risk, cached and versioned. Directors get the context they need without chasing analysts.
Mitigation Recommendations
Industry-standard controls mapped to each threat, prioritised by cost-effectiveness and residual risk reduction potential.
Risk Score Enrichment
Combines likelihood, impact, threat intelligence, and active controls into a transparent, explainable residual risk score.

AI Analysis — Payment API Asset: Complete
Threat scenarios generated: 14 threats
STRIDE categories covered: 6 / 6
Controls recommended: 22 controls
Executive summary drafted: 2.1 s
Total AI response time: 2.8 seconds

70% less documentation time
<3s avg AI response
90%+ STRIDE coverage

Analyst Productivity
Onboarding time: 4–6 weeks → 2–3 days
Hours saved / analyst / week: 8–12 hours

Threat Modeling & Auto-DFD

Continuous Threat Modeling from Your Infrastructure Code

Citadel integrates directly with your IaC and FaC pipelines — Terraform, CloudFormation, Kubernetes, Bicep, and more. Every infrastructure change triggers a fresh STRIDE analysis and an updated Data Flow Diagram, automatically. Confluence pages and Jira tickets are pulled in as context to make threat models specific to each asset.

infrastructure/main.tf Terraform HCL
resource "aws_instance" "web_server" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t3.medium"

  vpc_security_group_ids = [
    aws_security_group.web.id
  ]
  subnet_id = aws_subnet.public.id

  tags = { Name = "WebServer", Env = "Prod" }
}

resource "aws_db_instance" "database" {
  engine            = "postgres"
  instance_class    = "db.t3.small"
  db_name           = "appdb"
  multi_az          = true
  storage_encrypted = true
}

resource "aws_s3_bucket" "assets" {
  bucket = "prod-app-assets"
  tags   = { Classification = "Confidential" }
}

Terraform HCL · Kubernetes YAML · CloudFormation · Bicep / ARM · Firewall as Code

AI Analysis (~30 seconds)
DFD + STRIDE Threat Register Generated
%% Mermaid DFD (interactive, zoomable)
Internet ──▶ [WebServer : T3]
[WebServer : T3] ──▶ [RDS : Postgres]
[WebServer : T3] ──▶ [S3 : assets]
✓ 3 components · 5 data flows · exported SVG
S Spoofing — unauthenticated access on WebServer API endpoint
T Tampering — SQL injection via unsanitised input to RDS
I Info Disclosure — S3 bucket misconfigured with public-read ACL
D DoS — no rate limiting on web tier ingress
E Elevation — over-privileged IAM role on EC2 instance profile
+ 9 more threats  ·  promote all to Risk Register with 1 click

Full STRIDE coverage — all 6 categories analysed systematically (vs. 40–60% coverage from memory)

S: Spoofing
T: Tampering
R: Repudiation
I: Info Disclosure
D: Denial of Service
E: Elevation of Privilege

Continuous Modeling
IaC and FaC changes trigger automatic re-analysis — threats never go stale
Confluence & Jira Context
Architecture docs, runbooks, and Jira tickets are used to ground threats to your specific environment
Versioned Models
Full diff view as your architecture evolves — see exactly what changed and what new threats emerged
One-Click Promotion
Threats promote directly to the risk register with full IaC context intact
Integrations

Connects to Your Existing Stack

Citadel plugs directly into your IaC pipelines, vulnerability scanners, and issue trackers. No rip-and-replace. Plug in and go.

Infrastructure as Code: Auto-discover assets from state & templates
Terraform Cloud: Remote state · asset discovery
Terraform Enterprise: On-premises state management
AWS CloudFormation: Stack templates · change sets
Azure Bicep / ARM: Resource templates · deployments

Firewall as Code: Version-controlled firewall policy automation
Palo Alto Panorama: Centralised policy & rule management
Fortinet FortiGate: FortiManager API · Ansible provider
AWS Network Firewall: WAF rules · Security Groups as code
Cisco Firepower / FMC: FMC REST API · policy deployment
OPA / Ansible: Policy as Code · network playbooks

Vulnerability Scanners: Import CVEs and scan results
Tenable.io: Cloud vulnerability management
Tenable.sc: Nessus professional manager
Qualys: Cloud vulnerability scanning
Rapid7 InsightVM: Vulnerability management
Nessus Professional: Local vulnerability scanning

Issue Trackers & ITSM: Bi-directional ticket sync
Jira Cloud: Vulnerabilities · mitigations · custom fields
ServiceNow: Incident & change management
Confluence: Wiki & documentation sync

Compliance

Multi-Framework Compliance, All in One Place

Map your controls once, comply with multiple frameworks simultaneously. Evidence management, assessment tracking, and posture scoring — always audit-ready.

NIST SP 800-53 · ISO/IEC 27001 · PCI-DSS · SOC 2 · CIS Controls · + Custom Frameworks

Evidence Management

Upload PDFs, images, and documents as compliance evidence. URL references and text notes supported. Full audit trail with uploader identity and timestamp — ready for external auditors.

PDF / DOCX · Images · URLs · Notes

Control Mapping

Link your existing controls to framework controls with coverage percentages. Map once to NIST — see your ISO 27001 and PCI-DSS gaps automatically. 20+ NIST control families supported.

20+ control families · Gap analysis · Coverage %

Posture Scoring

Weighted compliance scores per framework, per asset, and organisation-wide. Real-time posture from assessment status: Compliant, Partial, Non-Compliant, N/A.

Per-asset scores · Org-wide posture · Trends

Dashboard & Reporting

Executive visibility, real-time

From analyst workbench to boardroom slide — Citadel surfaces the right risk data at every level, live.

app.citadel.antumsecure.com / dashboard / executive
Dashboard: Executive View (Live)

Risks by Severity (47 total): Critical 7 · High 18 · Medium 14 · Low 8
Residual Risk Trend: ↓ 23% QoQ

Top Open Risks
SQL Injection — Payment API (#1042 · J. Moreau): Critical 20 · In Review
Hardcoded JWT Secret (#1041 · S. Chen): Critical 20 · Open
Over-Privileged IAM Role (#1038 · A. Patel): High 15 · In Review
Unencrypted S3 Bucket (#1036 · A. Patel): High 12 · Open

[Chart: Mitigation Velocity, last 6 months]
[Figure: Risk Heat Matrix, Likelihood (x-axis) × Impact (y-axis); legend: Critical, High, Medium]
Plotted Risks: SQL Injection (Score 20) · Hardcoded JWT (Score 20) · IAM Over-Priv (Score 15) · PII in Errors (Score 12) · No Rate Limit (Score 9)
[Chart: Residual Risk Score, 12-Month Trend. Average residual score across all active risks; ↓ 23% this quarter; risk appetite threshold = 10, now below threshold]

Risks Closed: +22 this quarter vs 14 last quarter
Avg. Time to Mitigate: 18d (↓ from 31 days last quarter)
Risk Appetite Status: Within Appetite (avg. residual 8.4 vs threshold 10)
Framework Coverage: Controls mapped & verified
Next Audit Readiness: PCI-DSS QSA 14 days · ISO 27001 Surveillance 62 days
Other panels: Live Activity (streaming) · Recent Audit Events

Risk Heat Matrix
Every risk plotted by likelihood × impact across your full asset portfolio.
Residual Trends
Prove programme effectiveness to the board with 12-month residual score history.
Compliance Coverage
PCI-DSS, ISO 27001, SOC 2, NIST — gaps, mapping status, and audit-readiness at a glance.
Shareable Reports
One-click PDF export or live share links with granular view/edit permissions.
Contact

Ready to Secure Your Organisation?

Tell us about your security requirements and we'll get back to you.

Or email us directly at info@antumsecure.com