Koen Van Impe is a seasoned freelance CSIRT and security consultant with 13+ years of hands-on experience in incident response, threat intelligence, vulnerability management and secure deployment across Linux and BSD environments. He combines practical offensive skills (GPEN, GWAPT) and deep defensive experience from roles at CERT.be, NVISO and Fluxys, advising on ICS and enterprise security perimeters. Koen is an active open-source contributor to the widely used MISP threat-intelligence project, implementing backend, DevOps and integration features such as netflow exports, SNMP statistics and VMRay/MWDB modules. His background spans network and web application forensics, IDS/IPS tuning, netflow analysis and automation via scripting, which he leverages for coordinated incident handling. Based in Ypres, Belgium, he also contributes to ENISA working groups on cyber threat landscapes, bringing practitioner insight into policy-level threat assessment. An underrated strength is his long track record of tooling improvements that bridge operational security and intelligence sharing in production environments.
13 years of coding experience
6 years of employment as a software developer
Computer Security Incident Handling
SECURITY 504: Hacker Techniques, Exploits & Incident Handling, SECURITY 504: Hacker Techniques, Exploits & Incident Handling at SANS Technology Institute
Modules for expansion services, enrichment, import and export in MISP and other tools.
Role in this project:
Back-end Developer & Integration Engineer
Contributions:20 commits, 22 PRs, 21 comments in 5 years 2 months
Contributions summary:Koen primarily focused on developing and integrating VMRay modules within the MISP platform. Their work involved importing and submitting samples to VMRay, and enhancing the integration with features like malware sample submission and handling various VTI detections. Code changes include modifications to existing import and expansion modules, along with bug fixes and improvements to the VMRay API interaction. They also worked on integrating Malware information with the MWDB module.
Contributions:27 commits, 15 PRs, 11 comments in 5 years 4 months
Contributions summary:Koen primarily focused on developing and improving the `examples/get_network_activity.py` script, a Python program designed to extract network activity information from a MISP database. They introduced new features like netflow output functionality and incorporated command-line arguments to enhance the script's usability. Further contributions included bug fixes and code refinements, adding checks to prevent failures in the event of missing object types. These changes indicate a focus on enhancing the functionality and robustness of the provided Python tool.
api-clientapipython-librarypythonmisp
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.