Emmett Koen

Research Engineer

Research & Efficacy Team

A United States Army veteran, Emmett focuses on Threat Intelligence and Reverse Engineering. He is a member of the Reverse Engineering and Research Team for the Cisco AMP Threat Grid product line.

Prior to Cisco, Emmett worked as a contractor operating unmanned aircraft systems for the US Army. He has also worked in various capacities as a Security Engineer and Threat Intelligence Analyst in the higher education and secure cloud-computing spaces.

Emmett holds the CEHv8 and GREM certifications. He has an associate's degree in applied science in Unmanned Aircraft Systems Operation and Intelligence Operations.


February 10, 2017


Indicators of Compromise and where to find them

Indicators of Compromise (“IOC”) are used to suggest a system has been affected by some form of malware. An Indicator of Compromise can be anything from a file name to the behavior observed while malware is actively running on an infected system. Where do they look? Social media, news feeds, industry reports, Threat Grid sample […]

September 15, 2016


Protecting against the latest variant of H1N1

This is the third and final installment in our technical analysis of the H1N1 loader. In case you missed it, my colleague Josh Reynolds peeled apart the latest variant of H1N1 and analyzed its obfuscation tactics and techniques in the first blog, and in the second blog provided deep technical analysis of its execution. While […]