38 Posts

Koen Van Impe

Security Analyst

Koen Van Impe is a security analyst who worked at the Belgian national CSIRT and is now an independent security researcher. He has a Twitter feed (@cudeso) and a personal blog (www.vanimpe.eu). Koen is passionate about computer security, incident handling, network analysis, honeypots, Linux, log management and web technologies. He is responsible for the follow-up and coordination of computer security incidents and gives security advice to customers.

Written By Koen Van Impe

How to Patch BlueKeep and Get to Know Your Company’s Critical Assets

In theory, dealing with BlueKeep should be no different from dealing with other vulnerabilities. Unfortunately, many organizations are lagging in their patch management efforts.

Bind Certificates to Domain Names for Enhanced Security With DANE and DNSSEC

The biggest hurdle for implementing DANE lies with DNSSEC. Granted, setting up DNSSEC can be daunting, but the reward of a much higher level of DNS security can make it worth the effort.

Dark Web TLS/SSL Certificates Highlight Need for Shift to Zero Trust Security

Some of the latest website security threats originate from thriving dark web marketplaces for TLS/SSL certificates, which often come packaged with other cybercrime services.

Missed DNS Flag Day? It’s Not Too Late to Upgrade Your Domain Security

Whether or not you plan on using DNS cookies or DNSSEC, foreseeing an upgrade plan for your software to the latest version made available as part of DNS Flag Day is highly advised.

Breaking Down the Incident Notification Requirements in the EU’s NIS Directive

Similar to the GDPR, you can approach the NIS Directive as a roadblock or a nuisance, or you can consider it an excellent opportunity to improve your security posture.

Is It Time to Start a PSIRT? Why Your CSIRT May Not Be Enough

Your CSIRT protects your organizational network, but who secures your products? It may be time you started a PSIRT at your company.

Why You Need a BGP Hijack Response Plan

BGP hijack attacks are increasing in popularity, but are still largely unaddressed in many organizational incident response plans.

How to Use Passive DNS to Inform Your Incident Response

Passive DNS replication can be an essential source of data to contextualize your threat intelligence and inform your incident response plan.

Don’t Dwell On It: How to Detect a Breach on Your Network More Efficiently

Dwell times for data compromises are still shockingly high. Understand how to detect a breach in your network to improve response and mitigation time.

What Metrics Do You Need to Measure the Success of Your SOC?

Your SOC collects mounds of data every day, but not all of it will contribute to a useful, relevant analysis of its performance. What metrics do you need to measure the success of your SOC?