# Koen Van Impe

::::{grid} 2 2 2 2

:::{grid-item}
:columns: 4

```{image} ../images/speakers/KoenVanImpe.png
:class: m-auto circular
:height: 300px
:width: 300px
```

:::

:::{grid-item}
:columns: 7
:child-align: center
Koen Van Impe is a freelancer in threat intelligence, incident response and security operations. Koen has more than 20 years of experience in security (https://www.linkedin.com/in/cudeso/), has contributed to many open source projects and is the maintainer of the OSINT feed botvrij.eu. Koen shares his work via GitHub (https://github.com/cudeso), X (@cudeso) or his blog https://www.vanimpe.eu/
:::

::::

## Talks (Eastern Timezone)

| Title | Abstract | Date | Time |
| ----- | -------- | ---- | ---- |
| MISP playbooks, common use-cases to interact with the MISP threat intelligence platform | This talk is about the MISP playbooks. These playbooks address common use-cases encountered by SOCs, CSIRTs or CTI teams to detect, react and analyse specific intelligence received by MISP. They are published on https://github.com/MISP/misp-playbooks. The MISP playbooks combine PyMISP (Python library) with Jupyter notebooks and MISP. This talk will have these sections - 6' Introduction. Introduction to MISP, PyMISP, MISP modules and how MISP playbooks glue this together. Overview of what's available on the GitHub repository (playbooks and documentation). - 3' Getting started. What do you need? Structure/format/skeleton of a playbook. - 6' Demo of using MISP playbooks. How to query for data in MISP. Create a MISP threat event via a notebook. Update data in MISP. Use the MISP extension modules in a notebook. The demo is done against a local MISP instance filled with OSINT threat data. | 2024-02-16 | 12:45 |