Koen Van Impe

Security Analyst

Koen Van Impe is a security analyst who worked at the Belgian national CSIRT and is now an independent security researcher. He has a twitter feed (@cudeso) and a personal blog (www.vanimpe.eu). Koen is passionate about computer security, incident handling, network analysis, honeypots, Linux, log management and web technologies. He is responsible for the follow-up and coordination of computer security incidents and gives security advice to customers.

Incident Response November 15, 2021

How Attackers Exploit the Remote Desktop Protocol

4 min read - The Remote Desktop Protocol (RDP) is one of the most popular communication protocols for remotely controlling systems. RDP comes with all current Windows operating systems, and its graphical user interface makes it an easy-to-use remote access tool. In addition, Microsoft…

Incident Response October 15, 2021

When Is an Attack not an Attack? The Story of Red Team Versus Blue Team

6 min read - Cybersecurity experts fill our days with terminology from warfare, including jargon such as red team versus blue team. The concept of ‘red team’ has its origin in wargaming. The red team plays an opposing force and attempts to bypass the…

Software Vulnerabilities April 23, 2021

Health Care Ransomware Strains Have Hospitals in the Crosshairs

5 min read - The language of digital attacks shares a lot with the language of disease: ‘viruses’ ‘infect’ computers, and stopping their spread can be like trying to keep down a contagious disease. The two worlds also come together when threat actors attack…

Intelligence & Analytics April 16, 2021

Combating Sleeper Threats With MTTD

6 min read - During the SolarWinds Orion supply chain compromise, threat actors lurked in the victim’s network for more than a year. Discovered by FireEye in December 2020, the earliest traces of a modified SolarWinds Orion go back as early as October 2019.…

Government February 18, 2021

Cyber Resilience Strategy Changes You Should Know in the EU’s Digital Decade

5 min read - For enterprises operating in Europe, the European Commission’s December 2020 EU Cybersecurity Strategy may dictate how you go about improving cyber resilience. The 2020 EU Cybersecurity Strategy underlines the important role of cybersecurity for a growing EU economy and reinforcing…

Intelligence & Analytics January 8, 2021

Cybersecurity Ethics: Establishing a Code for Your SOC

4 min read - Since security intersects so much with privacy, cybersecurity ethics decisions should be on your mind at work. Being part of a high-performing computer security incident response team (CSIRT) or security operations center (SOC) involves making big, intentional decisions. Increasing the maturity…

Threat Hunting September 4, 2020

Incident Response: 5 Steps to Prevent False Positives

4 min read - False positive alerts in your threat intel platform can leave your team scrambling. It’s like driving to the wrong address. You reach a place, but also waste time you could have used at your intended destination. For security teams, knowing…

CISO January 22, 2020

Which Incident Response Investments Are You Prioritizing in 2020?

6 min read - Developing, testing and improving incident response plans should be the number one priority for future investment by organizations, but there are more areas to look into in 2020.

Intelligence & Analytics November 19, 2019

Improve Your Detection Capabilities With Cyber Simulation Datasets

4 min read - Every organization must develop methods of testing and improving existing detection capabilities, from on-paper assessments to a full-blown cyber simulation.

Incident Response November 6, 2019

Measure and Improve the Maturity of Your Incident Response Team

5 min read - Incident response and management requires continual growth. Your team will not become proficient overnight.

Incident Response October 30, 2019

How PR Teams Can Prepare for Data Breach Risks With Incident Response Planning

5 min read - Like your incident response team, the PR team needs to understand data breach risks, prepare with communication templates, processes, and tooling and be part of your incident response plan.

Endpoint June 14, 2019

How to Patch BlueKeep and Get to Know Your Company’s Critical Assets

5 min read - In theory, dealing with BlueKeep should be no different from dealing with other vulnerabilities. Unfortunately, many organizations are lagging in their patch management efforts.

Failed to load data

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.

Subscribe today

Analysis and insights from hundreds of the brightest minds in the cybersecurity industry to help you prove compliance, grow business and stop threats.

Cybersecurity News By Topic By Industry Exclusive Series X-Force Podcast Events Contact About Us

Security Intelligence

{{title}}

{{title}}

{{title}}

{{title}}

Topics

Koen Van Impe

How Attackers Exploit the Remote Desktop Protocol

When Is an Attack not an Attack? The Story of Red Team Versus Blue Team

Health Care Ransomware Strains Have Hospitals in the Crosshairs

Combating Sleeper Threats With MTTD

Cyber Resilience Strategy Changes You Should Know in the EU’s Digital Decade

Cybersecurity Ethics: Establishing a Code for Your SOC

Incident Response: 5 Steps to Prevent False Positives

Which Incident Response Investments Are You Prioritizing in 2020?

Improve Your Detection Capabilities With Cyber Simulation Datasets

Measure and Improve the Maturity of Your Incident Response Team

How PR Teams Can Prepare for Data Breach Risks With Incident Response Planning

How to Patch BlueKeep and Get to Know Your Company’s Critical Assets

{{{title}}}

Topic updates