28 Posts

Koen Van Impe

Security Analyst

Koen Van Impe is a security analyst who worked at the Belgian national CSIRT and is now an independent security researcher. He has a Twitter feed (@cudeso) and a personal blog (www.vanimpe.eu). Koen is passionate about computer security, incident handling, network analysis, honeypots, Linux, log management and web technologies. He is responsible for the follow-up and coordination of computer security incidents and gives security advice to customers.

Written By Koen Van Impe

How to Leverage Log Services to Analyze C&C Traffic

Security teams can generate valuable insights about ongoing attacks by using log services and threat intelligence to analyze C&C traffic.

How to Defend With the Courses of Action Matrix and Indicator Lifecycle Management

The lifecycle management of indicators is an important element to support decisions and actions against attackers. This process informs the courses of action matrix to build a response plan.

How Pivoting Can Help Your Incident Response Process

Indicators of compromise are key data points used during an incident response process. Regularly testing the reliability of your indicators can make all the difference in your IT security process.

How Can an ISAC Improve Cybersecurity and Resilience?

Sharing computer security information is now an established practice in IT. But pooling resources in an ISAC can provide greater insight, broader collaboration and improved overall cyber resiliency.

What Are the Different Types of Cyberthreat Intelligence?

Building a cyberthreat intelligence program can be a daunting task. However, it's best to start small and grow continuously.

Analyzing PDF and Office Documents Delivered Via Malspam

Endpoint detection and antiphishing tools can help users filter basic spam email, but detecting malspam in PDF and Microsoft Office documents requires a more thorough investigation.

How to Choose the Right Malware Classification Scheme to Improve Incident Response

Analysts can improve and automate their incident response processes by adopting the right malware classification scheme according to specific threat management goals.

Reducing Dwell Time With Automated Incident Response

As the threat landscape evolves, it is increasingly important for organizations large and small to invest in automated incident response solutions to reduce dwell time and eliminate alert fatigue.

Basic Security Tools You Cannot Afford to Miss in Your Risk Management Program

Security professionals can leverage freely available, open source security tools to protect their environments from threats.

Raise the Red Flag: Guidelines for Consuming and Verifying Indicators of Compromise

Before sharing indicators of compromise, analysts must consider the sensitivity of the data and verify the identities of the senders and receivers.