Violet Sky Security
Information Assurance of
Digital Security
& Consultancy
Cyber Security and Information Assurance
Established and trading in Netherlands since April 2017
(KVK 68589174 in Amsterdam).
Identifying true risk and vulnerabilities for our clients.
Helping you to enhance Information Assurance.
Keeping an eye on the big picture and improving digital security.
SERVICES

CyberSecurity Assurance Services
Helping organisations to become more mature in cybersecurity and identifying gaps is a proactive attitude.
Cyber Threat Modelling:
Cyber threat model captures information about potential means of cyber attack on enterprise’s operations, through its computer systems and networks, that it must be prepared to withstand or defend against.
Source Code review
(Java, .NET, python)
OS Hardening:
Military grade hardening of systems
PenetrationTesting:
Infrastructure (LAN Network, remote, cloud), API, Web Applications and Mobile (iOS and Android).
Experience with triage and correlation of vulnerabilities, tooling help to management huge quantities of data.
Creating action plans and seeing the big picture of cyber security, risk and information assurance.

Consulting Services
We offer specialised security audits and risk assessment services.
Adding value in interpret root causes, identifying what needs to change in DevOps teams to be more secure. Or helping organisations to understand monetary value of risk with FAIR (Factor Analysis of Information Risk).
Action plans and seeing the big picture of cybersecurity, risk and information assurance.
We can provide advice on Governance, Risk and Compliance management advice (PCI, ISO27001, GDPR, SOC2, CCSS)
Security Architecture / Security Solution Design and Blockchain security
Cyber Incident Planning and Response advice.
Assist with roles as Virtual Chief Information Security Officer as a services (VCISO).
Be prepared for a cyber security incident is part of the playbook of every CISO.
Helping the business think critical towards response plan is a step in the right direction.
CryptoCurrency Security Standard (CCSS) is a set of requirements for all information systems that make use of cryptocurrencies, including exchanges, web applications, and cryptocurrency storage solutions.
CCSS is designed to complement existing information security standards (i.e. ISO 27001:2013) by introducing guidance for security best practices with respect to cryptocurrencies such as Bitcoin.
CCSS is a cryptocurrency standard that augments standard information security practices.

Security Solution Design
Solutions design are always part of change and innovation in any business. We support FOSS and want to help you find fit for purpose solutions (even if it is closed source as a commercial solution COTS).
Identity Access Management:
We can help with identity and access management for web and mobile applications.
Single Sign-on:
Configure SSO on any web portal that support CAS, SAML or OPENID Connect for federated identity.
Strong Authentication:
FIDO U2F tokens, one-time passcode (OTP), mobile authentication options.
Access Management:
Central policy management
Associate access management policies with OAuth scopes to define which people, using which client, can access which web resources.
User Consent Management
Identify Management:
Push, pull, and locally manage identity data to deliver a multi-protocol single sign-on (SSO) and access management service.
User consent management
Prompt users to approve the release of personal information, or to authorise high value transactions.
Directory Integration:
Use Gluu as the authoritative source of user information, or sync one or more backend directory servers to extend an existing identity infrastructure. Microsoft Active Directory infrastructure, OpenLDAP, OpenDJ etc.