22 Posts

Koen Van Impe

Security Analyst

Koen Van Impe is a security analyst who worked at the Belgian national CSIRT and is now an independent security researcher. He has a Twitter feed (@cudeso) and a personal blog (www.vanimpe.eu). Koen is passionate about computer security, incident handling, network analysis, honeypots, Linux, log management and web technologies. He is responsible for the follow-up and coordination of computer security incidents and gives security advice to customers.

Written By Koen Van Impe

How to Choose the Right Malware Classification Scheme to Improve Incident Response

Analysts can improve and automate their incident response processes by adopting the right malware classification scheme according to specific threat management goals.

Reducing Dwell Time With Automated Incident Response

As the threat landscape evolves, it is increasingly important for organizations large and small to invest in automated incident response solutions to reduce dwell time and eliminate alert fatigue.

Basic Security Tools You Cannot Afford to Miss in Your Risk Management Program

Security professionals can leverage freely available, open source security tools to protect their environments from threats.

Raise the Red Flag: Guidelines for Consuming and Verifying Indicators of Compromise

Before sharing indicators of compromise, analysts must consider the sensitivity of the data and verify the identities of the senders and receivers.

Using a Free Online Malware Analysis Sandbox to Dig Into Malicious Code

A public malware sandbox can be a great substitute for an in-house malware analysis solution — as long as you understand its limitations.

The Apache Struts 2 Vulnerability and the Importance of Patch Management

The disclosure of an Apache Struts 2 vulnerability made the framework a lucrative target and highlighted the importance of patch management.

Simplifying Risk Management

To properly manage risk, security analysts must understand the threats and vulnerabilities that exist on their networks and assess their consequences.

Don’t Let Remote Management Software Contribute to Building Botnets

IT leaders must be vigilant when using remote management software. Attackers can exploit these tools to infect devices with malware and build botnets.

Data Breaches and the Importance of Account Protection and Incident Response

Data breaches can be devastating to an organization. Defense against data breaches starts and ends with account protection and incident response.

Understanding the SPF and DKIM Spam Filtering Mechanisms

Sender Policy Framework and DomainKeys Identified Mail are two techniques that can be used to limit the amount of spam in inboxes.