Curriculum Vitae (EN)



Personal Details

Koen Van Impe

Sulferbergstraat 43, 8000 Brugge, Belgium
+32 476 98 12 10
koen . vanimpe @ cudeso . be

GWAPT
GPEN
GWEB

born in Antwerp, Belgium on February 14th, 1974

Objectives

to work in a motivating environment with room for innovation and research

Education

Professional Bachelor ICT

from 1997 to 2000, graduate informatics
C.V.O., Materiaalstraat 67, 1070 Anderlecht

thesis : Petrarca, a knowledge database (written in Visual Foxpro 6)

University

from 1992 to 1994, Bachelor Applied Computer Sciences (studies stopped because of family reasons)
Vrije Universiteit Brussel

High School

from 1986 to 1992
Sint-Niklaasinstituut, Bergensesteenweg, 1070 Anderlecht

Trainings and conferences

Computer security

TF-CSIRT / FIRST conferences since 2004
GWEB GIAC Certified Web Application Defender since August 2014
GPEN GIAC Penetration Tester since September 2013
GWAPT GIAC Web Application Penetration Tester since September 2012
SANS FOR610, Reverse-Engineering Malware (SANS Institute – Copenhagen October 2017)
SANS FOR578, Cyber Threat Intelligence (SANS Institute – Prague October 2015)
SANS DEV522, Defending Web Applications Security Essentials (SANS Institute – Orlando April 2014)
SANS SEC560, Network Penetration Testing and Ethical Hacking (SANS Institute – Amsterdam April 2013)
SANS SEC542, Web App Penetration Testing and Ethical Hacking (SANS Institute – Amsterdam May 2012)
SANS SEC503, Intrusion Detection In-Depth (SANS Institute – Amsterdam November 2005)

Computer Security Incident Handling (Terena – Paris February 2005)
SANS SEC504, Hacker Techniques, Exploits and Incident Handling (SANS Institute – Amsterdam September 2004)
Checkpoint NG (Ubizen – IWT internal training, 17 and 18 November 2003)

Software development

UML (Guidance – Brussels March 2002)
JavaScript (Guidance – Brussels November 2001)

Java2 (Guidance – Brussels April 2001)
MS-1013 – VB 6.0 development (U2U – Zellik June 30th 2000)
MS-1303 – VB 6.0 fundamentals (Cronos – Brussels May 2000)

System- and network administration

TCP/IP and firewalls (O.F.O. – Brussels May 2006)
TCP/IP (V.D.A.B. – Wevelgem February 2001)
Microsoft Internet Information Server 4.0 (Cronos – Brussels January 2001)
Microsoft Windows 2000 Server (V.D.A.B. – November and December 2000)
Microsoft SQL-Server 7.0 (POSA – Brussels March 2000)
Microsoft NT-server 4.0 (V.D.A.B. October and November 1999)

Languages

Dutch : native language
French : fluent
English : fluent
German : basic understanding

Professional Records

Freelance Security – CSIRT / CERT

from April 2000 until present
cudeso.be – https://www.cudeso.be
Freelancer for security services related to CSIRT / CERT work. Incident response, incident coordination, threat intelligence, vulnerability management and security best practices.

ICT Security Consultant

from September 2016 until present
Fluxys

Threat Management Security Consultant

from September 2016 until end of December 2016
Belfius Bank

Security Analyst

from July 1st 2004 until June 30th 2016
Belnet-CERT / CERT.be, Louizalaan 231, 1050 Brussel
Belnet is the Belgian national research network that provides high-bandwidth Internet connection to Belgian universities, colleges, schools, research centers and government departments.
CERT.be is the national Computer Emergency Response Team for Belgium.

I worked for Belnet as a Security Analyst for the national Computer Emergency Response Team (CERT.be) and the CERT for the Belnet network (Belnet-CERT). I did incident response, triage, security awareness, threat monitoring, threat intelligence and vulnerability assessments. I was involved with network forensics and log analysis, and provided recommendations and best practices for improving the security of the Belgian constituency. I developed scripts in PHP/MySQL and Python for the improvement of the CERT.be and Belnet-CERT processes. I managed security projects at CERT.be.

Developer / Security contact / System Engineer

from April 1st 2000 until June 30th 2004
IWT-Vlaanderen, Bischoffsheimlaan 25, 1000 Brussel
The “Instituut voor Innovatie door Wetenschap en Technologie (IWT)” is a government agency founded in 1991 by the Flemish Government and supports projects for technological innovation in Flanders.
As a member of a team, I was responsible for the management of servers in a mixed Windows / Linux environment with different end user services. Additionally we managed and supported the local network with approx. 120 workstations. My primary responsibilities consisted of the management of the different internet services (webserver, firewall, proxy, dns) and the computer security.
I also developed web applications in ASP and acted as a backup for user-support.

System and User support / Developer

from July 1st 1998 until end of March 2000

TML BVBA, Bosstraat 103, 1742 Sint-Katharina-Lombeek (Ternat)
TML is a company that develops accountancy software (written in Foxpro) and that provides computer infrastructure for small and medium sized companies.
I was responsible for the user support and the installation of (mainly Windows) systems. Occasionally I developed small customer utilities in Foxpro.

Skills

Systems

Linux (Gentoo, Red Hat, Ubuntu, Debian), OpenBSD and basic knowledge of Solaris
Apple OSX
Microsoft Windows

Servers & daemons

Apache and Microsoft Internet Information Server webservers
MySQL, PostgreSQL and Microsoft SQL-Server database servers
Mailservices with Postfix, Courier-IMAP, Spamassassin, MS Exchange Server (5.5) and Ironport
Other services like Samba, Cups, OpenLDAP, Squid, Socks, DHCP, FTP-servers, SSH, NTP, Bind, djbdns, Snort, Tcpdump, Nessus, Cacti
Firewalls (general concepts and implementations with Linux, OpenBSD, JunOS and Checkpoint)
VPN-systems with OpenVPN and IPSEC

Software development

PHP, Python and Bash scripting, AJAX, Zend Framework, SQL, ASP (1.0), HTML, JavaScript, CSS

General

Securing networks, services and web applications
Analyzing and summarizing open source intelligence and threat information
Defining recommendations for dealing with active threats (basic IDS rules, netflow detection filters, log analysis)
Vulnerability management (Qualys, Nessus) and vulnerability scanning
Basic knowledge of forensic investigations (mainly networks and Linux)
Analysis and coordination of computer security incidents, security awareness building
Management and configuration of security software and hardware
Management and analysis of netflow data (with nfdump and Arbor)
Management of honeypots, log-auditing, firewall-analysis, intrusion-detection

Internet, good working knowledge of TCP/IP, SSH, DNS, FTP, HTTP and SMTP
Development of web applications (PHP) and e-government applications
Knowledge on WordPress, Drupal and Joomla

Other

Publications

Contributor to IBM Security Intelligence and Ipswitch
https://securityintelligence.com/author/koen-van-impe/
https://blog.ipswitch.com/author/koenvanimpe

Various blog posts on security topics https://www.vanimpe.eu/blog/

Membership

Liaison member with FIRST, the Forum of Incident Response and Security Teams.

Open Source projects

Contributed to open source projects via github.com/cudeso (PyMISP, MISP modules, Spiderfoot, …) and maintainer of OSINT feed https://www.botvrij.eu, integrated in MISP.

Hobbies

Literature (primarily science fiction), music, movies, travelling and modern art
Testing and evaluating new operating systems, security tools and software

Driver's licence

B