Overview
This Hardened Microsoft Windows Server 2025 image is a hardened virtual machine configured with over 300 security controls designed to protect cloud-based workloads from the start. Ideal for companies operating in regulated or sensitive environments, this image gives teams a secure and production-ready foundation out of the box.
Our hardened images are built using proprietary internal pipelines that automate and validate the implementation of critical security controls. Each control is carefully selected to reduce attack surface, enforce secure defaults, and help teams meet internal or external compliance expectations. No tools are pre-installed. The image is clean, consistent, and easy to integrate into any environment.
Use cases include deploying workloads in healthcare, finance, government, SaaS platforms, or any application where security is a priority. Default cloud OS images offer little to no security by default. Our hardened images save engineering teams weeks of effort, reduce risk from misconfiguration, and accelerate your ability to launch in secure environments. We are a US-based company with over four years of operation, trusted by enterprises and government agencies. All engineering and support work is performed by US-based employees.
Highlights
- Over 300 security controls are pre-applied to the base image to reduce vulnerabilities, enforce strong defaults, and simplify compliance. This saves teams weeks of manual effort and ensures consistency across deployments.
- Every image is built through our internal security pipeline and validated for integrity and reliability. You can deploy in minutes with confidence that your base operating system is secure and ready for production use.
- Backed by billions of compute hours and trusted by Fortune 500 and government teams. Our hardened images are the secure foundation for mission-critical workloads in regulated environments.
Details
Pricing
| Dimension | Cost/hour |
|---|---|
| t3.large (Recommended) | $0.105 |
| t3.micro (AWS Free Tier) | $0.07 |
| g6.48xlarge | $0.175 |
| r5dn.metal | $0.175 |
| r6id.2xlarge | $0.175 |
| t3.2xlarge | $0.175 |
| m5a.8xlarge | $0.175 |
| c5d.18xlarge | $0.175 |
| g4ad.16xlarge | $0.175 |
| z1d.metal | $0.175 |
Vendor refund policy
Refunds are not available. Billing will be assessed per the standard billing terms of the applicable cloud service provider.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
This is the initial release of the Hardened Microsoft Windows Server 2025 image. It includes 300+ security controls pre-applied to the operating system and all latest updates as of this build. No extra software is included.
Additional details
Usage instructions
Secure Launch and RDP Access Instructions for Hardened Windows Images
1. Launch the Hardened Image
Deploy the hardened Windows Server image into your secure VPC using the AWS Console, Terraform, or other infrastructure-as-code tooling.
2. Restrict Network Access
Update the instance's Security Group to:
- Allow RDP (TCP port 3389) only from your trusted IP address
- Avoid exposing the port to 0.0.0.0/0
- If using AWS Systems Manager (SSM), you do not need to open any inbound ports
3. Optional but Recommended
- Use AWS Systems Manager Session Manager for administrative access
- Alternatively, connect via VPN or bastion host if you choose to expose RDP
4. Retrieve the Default Administrator Password
Using the AWS Console
- Go to EC2 > Instances
- Select your Windows instance
- Click "Get Windows Password"
- Upload the private key (.pem) used when launching the instance
- The password for the Administrator account will be decrypted and displayed
Using AWS CLI
Run the following command:
aws ec2 get-password-data --instance-id i-xxxxxxxxxxxxxxxxx --priv-launch-key path/to/your-key.pem
5. Connect via RDP
- Open Remote Desktop Connection on your local machine
- Enter the public IP or DNS name of the instance
- Log in using the username Administrator and the retrieved password
6. Security Group Reminder
- Ensure port 3389 is open only to your IP address
7. Post-Launch Notes
- No additional hardening steps are required
- The system is already pre-hardened with over 300 security controls
- You can immediately begin using the instance for production or testing workloads
Support
Vendor support
Standard support is available via email during US business hours. To open a support ticket, contact support@citadelelement.com. We pride ourselves on timely SLA-based responses. Additional support for audit documentation or integration guidance is available upon request. All support is handled by US-based staff.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.