Home > Contributors > Archives for Koen Van Impe

31 Posts

Koen Van Impe

Security Analyst

Koen Van Impe is a security analyst who worked at the Belgian national CSIRT and is now an independent security researcher.He has a twitter feed (@cudeso) and a personal blog (www.vanimpe.eu).Koen is passionate about computer security, incident handling, network analysis, honeypots, Linux, log management and web technologies. He is responsible for the follow-up and coordination of computer security incidents and gives security advice to customers.

Written By Koen Van Impe

Fiber optic cable box in a DNS server room: passive DNS

article

How to Use Passive DNS to Inform Your Incident Response

Passive DNS replication can be an essential source of data to contextualize your threat intelligence and inform your incident response plan.

November 5, 2018 | By Koen Van Impe

A hand holding a magnifying glass over a computer screen: how to detect a breach in your network

article

Don’t Dwell On It: How to Detect a Breach on Your Network More Efficiently

Dwell times for data compromises are still shockingly high. Understand how to detect a breach in your network to improve response and mitigation time.

October 22, 2018 | By Koen Van Impe

Measure the success of your SOC illusrated concept

article

What Metrics Do You Need to Measure the Success of Your SOC?

Your SOC collects mounds of data every day, but not all of it will contribute to a useful, relevant analysis of its performance. What metrics do you need to measure the success of your SOC?

September 24, 2018 | By Koen Van Impe

Cars stuck in traffic on a highway: C&C traffic

article

How to Leverage Log Services to Analyze C&C Traffic

Security teams can generate valuable insights about ongoing attacks by using log services and threat intelligence to analyze C&C traffic.

August 20, 2018 | By Koen Van Impe

Worker updating the lifecycle management of multiple programs on a smartphone.

article

How to Defend With the Courses of Action Matrix and Indicator Lifecycle Management

The lifecycle management of indicators is an important element to support decisions and actions against attackers. This process informs the courses of action matrix to build a response plan.

August 13, 2018 | By Koen Van Impe

A group of IT professionals discussing data sets to strategize: incident response

article

How Pivoting Can Help Your Incident Response Process

Indicators of compromise are key data points used during an incident response process. Regularly testing the reliability of your indicators can make all the difference in your IT security process.

July 23, 2018 | By Koen Van Impe

An IT team pouring over cybersecurity data and strategizing collaborative responses: ISAC

article

How Can an ISAC Improve Cybersecurity and Resilience?

Sharing computer security information is now an established practice in IT. But pooling resources in an ISAC can provide greater insight, broader collaboration and improved overall cyber resiliency.

July 16, 2018 | By Koen Van Impe

Three coworkers collaborate on a new project: cyberthreat intelligence

article

What Are the Different Types of Cyberthreat Intelligence?

Building a cyberthreat intelligence program can be a daunting task. However, it's best to start small and grow continuously.

June 4, 2018 | By Koen Van Impe

A woman checking her email on a desktop computer.

article

Analyzing PDF and Office Documents Delivered Via Malspam

Endpoint detection and antiphishing tools can help users filter basic spam email, but detecting malspam in PDF and Microsoft Office documents requires a more thorough investigation.

May 1, 2018 | By Koen Van Impe

A gauge similar to a speedometer labeled "High Priority."

article

How to Choose the Right Malware Classification Scheme to Improve Incident Response

Analysts can improve and automate their incident response processes by adopting the right malware classification scheme according to specific threat management goals.

April 23, 2018 | By Koen Van Impe