2025-09-25 –, Stage 1
Administrators are meant to take care of your systems but what happens when they go rogue?
In this gripping incident response case study, we take you behind the scenes of a real-world insider threat that targeted internal systems. What began as suspicious access patterns on the network led to the uncovering of a calculated and deeply damaging betrayal from within.
The threat eventually became victim of his own attack.
Hendrik Noben is the co-founder of Resilix, focusing on cyber incident management and practical security assessments that lead to strategic guidance. As trusted advisor, provinding a pragmatic and people-aware approach to modern security challenges. Hendrik brings a hands-on background as a penetration tester and security architect. He is also the (co-)founder of BSides Limburg, a community-driven security event in Belgium.
I am a cyber architect and incident responder by trade, chaos manager by necessity, and coffee addict by choice. Based in Belgium, he’s one of the co-founders of Resilix, where I help organizations stay cool during digital fires — from ransomware to insider threats and everything in between.
Over the years, I have seen my fair share of breaches, panic rooms, and “uh-oh” moments. I thrive in high-pressure situations where quick thinking, clear communication, and just a touch of black humor go a long way. Whether it’s containing an active attack or helping a team rebuild after the dust settles, I am all about turning messes into meaningful lessons.