Past Events



Sesssions


- Schedule Not Yet Finalized '

Detecting AWS Control Plane Abuse in an Actionable Way Using Det{R}ails

Monitoring events will always be a big challenge for defensive teams. Now, with the increasing adoption of cloud by enterprises, new data sources are needed to monitor these services and detect security incidents. In the AWS Cloud ecosystem, the primary source of visibility of the control plane activities is called CloudTrail. Leveraging CloudTrail allows you […]

Tools
Felipe Espósito
Rodrigo Montoro
- Schedule Not Yet Finalized '

BHPD: BlueHound Path Destroyer

No, this is not a talk about the Beverly Hills Police Department. It is about a new tool that I built based on a methodology I developed for Destroying Active Directory Attack Paths found by BloodHound. This talk will cover the methodology and the various options that the script provides. All the features are aimed […]

Tools
Mathieu Saulnier
- Schedule Not Yet Finalized '

Achieving PyRDP 1.0 – The Remote Desktop Pwnage MITM and Library

Remote Desktop Protocol (RDP) is the de facto protocol to remotely access Windows systems. Two years ago, we released PyRDP, a free and open-source RDP Monster-In-The-Middle (MITM) tool to tangibly demonstrate some of RDP’s common misconfigurations and associated risks. Since then, more RDP servers are exposed online and Microsoft’s RDP implementation has been the target […]

Tools
Alexandre Beaulieu
- Schedule Not Yet Finalized '

Are You Doing It Wrong? Highlights into Cybersecurity Quandaries

Statistics are speaking loudly! There is a disconnection between defenders’ perceptions of the value of the security controls they implement, and the most common attack vectors leveraged by penetration testers acting as potential attackers. This presentation highlights the key results of a two-year-long research study aimed at understanding this disconnection. The perceptions and practices of […]

Management
Masarah Paquet-Clouston
Laurent Desaulniers
- Schedule Not Yet Finalized '

Automating Intuition: Digging for Gold in Network Data with Machine Learning

Intuition, acquired through years of experience, is what sets experts apart from novices. Intuition is the ability to look at a large amount of information, quickly spot interesting items, and dismiss the rest. In the case of security audits, intrusion testers typically face hundreds, or even thousands, of assets early in an engagement. Their ability […]

Tools
Serge-Olivier Paquette
- Schedule Not Yet Finalized '

Recon – The Road Less Traveled

Whether you do Pentesting or Bug Bounty Hunting, Recon is an important phase for expanding your scope. However, not everyone does that as they are busy filling forms with random payloads. Effective Recon can often give you access to assets/boxes that are less commonly found by regular Pentesters or Bug Hunters. More assets mean more […]

Tools
Rohan Aggarwal
- Schedule Not Yet Finalized '

Heroku Abuse Operations: Hunting Wolves in Sheep’s Clothing

Abuse Operations, theft of services, and violation of acceptable usage does not get the spotlight it deserves because ultimately, the systems in question are “working as designed”. It is within these “cracks” that the abusers, the malicious users, and outright criminals operate their tools, campaigns, and other questionable interests. We will highlight how they are […]

Tech
Allan Stojanovic
Spencer Cureton
- Schedule Not Yet Finalized '

Getting Rid of Passwords with FIDO2 and W3C WebAuthn

Most security experts would agree that password-based authentication is dead. The FIDO2 standard aims to replace passwords entirely and there is a good deal of chance that it will succeed. It has gained significant momentum in the past year, as key players like Microsoft, Apple, Google, and Mozilla started to jump on board. This talk […]

Tech
Michael Grafnetter
- Schedule Not Yet Finalized '

A DECEPTICON and AUTOBOT Walk into a Bar: Python for Enhanced OPSEC

When we see the terms Natural Language Processing (NLP) or Machine Learning (ML), often, our guts are correct, and it is vendor marketing material, frequently containing FUD. After tinkering with various libraries in Python and R with the use of some OSINT and SOCMINT techniques, I have found a use for NLP and ML that […]

Tech
Joe Gray
- Schedule Not Yet Finalized '

Active Directory Database Security

How are passwords stored in Microsoft’s Active Directory and how can they be audited? What could an adversary do if they gained access to either a physical or a virtual hard drive of a domain controller? In what ways could one directly modify an Active Directory database file and how can such unauthorized changes be […]

SECurity FUNdamentals
Michael Grafnetter
- Schedule Not Yet Finalized '

Ransomware Attacks: Do’s & Don’ts

Ransomware attacks are prevalent. The actions taken by a company immediately after a ransomware attack can have major implications on their ability to restore operations. This talk will clearly explain which actions should be taken, and which actions might unintentionally cause an organization much more trouble. This talk will go through a series of Do’s […]

SECurity FUNdamentals
Julian Pileggi
- Schedule Not Yet Finalized '

Can’t Stop This Train – Top Cases in Privacy Litigation

One of the core purposes of cybersecurity is to protect data gathered by an organization. Numerous countries around the world have enacted statutes to force organizations to protect their users’ data. Although organizations are making efforts to comply with regulations and implementing revolutionary cybersecurity products into their operations, we continue to see breaches of businesses […]

Management
Stanislav Bodrov
- Schedule Not Yet Finalized '

I Promise It’s Not a Computer: Power Grids, Online Voting, and the Lies We Tell

This talk showcases lessons learned from firsthand experience implementing everything from power transmission systems, smart meters, first responder radio systems, voting and election software to building automation (doors, HVAC, etc). We are increasingly asked to believe “that’s not IT” for a variety of reasons. This talk covers all the reasons, lies and how to deescalate […]

Management
Mark Dillon

Sponsors


Check Point

Diamond

Qualys

Diamond

CrowdStrike

Gold+

ExtraHop Networks, Inc.

Gold+

Blackberry Cylance

Gold

Cisco

Gold

GoSecure

Gold

Optiv

Gold

Rapid7

Gold

Securonix

Gold

AGARI

Silver

Anomali

Silver

Bell

Silver

BeyondTrust

Silver

Calian

Silver

Cofense

Silver

Hackerone

Silver

iSecurity Consulting Inc.

Silver

Kenna Security

Silver

Keyfactor

Silver

ManageEngine

Silver

NETSCOUT

Silver

Netskope

Silver

OneTrust

Silver

Risk IQ

Silver

Security Compass

Silver

Thales

Silver

Trend Micro

Silver

Veracode

Silver

Zscaler

Silver

3M

Bronze

Arctic Wolf

Bronze

Attivo Networks

Bronze

BitSight

Bronze

BSI Group Canada

Bronze

CDW Canada

Bronze

CIRA

Bronze

Compass Security

Bronze

CyberArk Software Inc.

Bronze

Datex Inc.

Bronze

Detectify

Bronze

Devolutions

Bronze

DUO

Bronze

ESET

Bronze

exabeam

Bronze

Forescout

Bronze

Herjavec Group

Bronze

Ingram Micro Inc.

Bronze

Kaspersky Lab

Bronze

McAfee

Bronze

Speakers


Felipe Espósito

Felipe Espósito

Senior Researcher


Felipe "Pr0teus" Espósito graduated in Information Technology at UNICAMP and has a master's degree in Systems and Computing Engineering by COPPE-UFRJ, both among the top technology universities in Brazil. He has over ten years of experience in information security and IT, with an emphasis on security monitoring, networking, data visualization, and threat hunting. He is a founder of the HackerMakerSpace in Rio de Janeiro and has presented at respected conferences such as Hackers 2 Hackers Conference, BHACK, BSides (Las Vegas and São Paulo), FISL, Latinoware, and SANS SIEM Summit.

Rodrigo Montoro

Rodrigo Montoro

Security Researcher


Rodrigo Montoro has over eighteen years of experience in the information security and technology markets. Currently he is Senior Security Research at Tenchi Security. Most of his work has been focused on endpoint security monitoring and hardening, network security monitoring and threat detection. He is the inventor of two patents related to techniques for the detection of malicious documents and traffic. He co-founded and coordinated the rules writing activities of the Brazilian community for Snort, a widely used open-source tool for networking intrusion detection. Montoro is also an accomplished international [...]

Mathieu Saulnier

Mathieu Saulnier

Adversary Detection Team Lead, Bell Canada


Mathieu Saulnier is a “Security Enthusiast” ©@h3xstream. He has held numerous positions as a consultant within several of Quebec’s largest institutions. For the last 6 years he has been focused on setting up SOC and has specialized in detection (Blue Team), content creation and mentorship. He currently holds the title of Senior Security Architect and acts as Adversary Detection Team Lead and Threat Hunting Team Lead for Bell Canada, one of Canada’s largest carriers. He loves to give talks and has had the honour of doing so at GoSec, BSidesCharm, [...]

Alexandre Beaulieu

Alexandre Beaulieu

Security Researcher


Alexandre is a Security Researcher working for GoSecure. His area of expertise is reverse engineering, binary exploitation, and tool development. His previous experience as a software developer covers a broad spectrum of topics ranging from low-level systems and binary protocols to web applications. Prior to joining the research team, Alexandre spent time as an Ethical Hacker honing his offensive security skills. His areas of interest include binary analysis, compiler theory and systems programming. Alexandre gives back to the Montréal infosec community by volunteering his time, contributing workshops, and designing application [...]

Masarah Paquet-Clouston

Masarah Paquet-Clouston

Security Researcher


Masarah Paquet-Clouston is a PhD student in criminology, a security researcher at GoSecure and a collaborator of the Stratosphere IPS project. She is also part of the outreach committee for the NorthSec organization. With her background in economics, criminology, and now cybersecurity, she specializes in the study of crime and technology. She has presented at various international conferences including Black Hat USA, DefCon, RSA, Sector, CERT-EU, HackFest, and Virus Bulletin.

Laurent Desaulniers

Laurent Desaulniers

Director of Penetration Testing, GoSecure


Laurent is the Director of Penetration Testing for GoSecure. He has conducted over 400 pentesting and red team engagements over the span of 10 years and is still enthusiastic about it. Laurent is also a challenge designer for Northsec and has given talks to RSA, CQSI, NCFTA, HackFest, RSI, Montrehack, Owasp Montreal and Northsec. Besides security, Laurent is interested in Lockpicking, magic and pickpocketing.

Serge-Olivier Paquette

Serge-Olivier Paquette

Research Lead, Delve


Serge-Olivier Paquette is Lead Researcher in Artificial Intelligence and Cybersecurity at Delve. His research focuses on the ability to infer, through machine learning, the context of security events from incomplete information. He also serves as Executive VP for Northsec, a non-profit organization that hosts a series of world-class technical cyber security events, held annually in Montreal.

Rohan Aggarwal

Rohan Aggarwal

Security Researcher


Rohan Aggarwal is a full-time Bug Bounty hunter (HackerOne and Synack). He has found security vulnerabilities in big companies like Yahoo, Twitter, Goldman Sachs, Matomo, BrickFTP, and Pixiv. He has attended various live hacking events such as HackerOne h1-2004 and BountyBash. Rohan previously worked as an Offensive Security Analyst at TCS where he did Web/Mobile Pentesting, IOT and Automotive Security. He presented at SecTor 2019 (Car Hacking on Simulation) and at Microsoft’s Azure Bootcamp and has delivered training on IOT, Web Application and Cloud Hacking.

Allan Stojanovic

Allan Stojanovic

Lead Security Engineer, Heroku


Allan has survived IT for over 25 years. He has worked in nearly every vertical doing many different roles, mostly in the Information Security field. A jack of all trades, he tries to know a little bit about everything, and is a self-proclaimed expert at nothing.

Spencer Cureton

Spencer Cureton

Abuse Operations, Heroku


Spencer has a background in electrical engineering and started his career working in industrial control systems, providing services from support to live plant migrations. He managed to get into Information Security in 2016 and enjoys life as an Internet Mall Cop working on the Abuse Operations team at Heroku.

Michael Grafnetter

Michael Grafnetter

IT Security Researcher and Trainer


Michael Grafnetter is an expert on Active Directory security who works as a consultant, trainer, and researcher. He is best known as the author of the open-source Directory Services Internals (DSInternals) PowerShell module and Thycotic Weak Password Finder, tools used by security auditors and penetration testers worldwide. He holds a master’s degree in Software Engineering and is a former Microsoft MVP. Michael has spoken at many conferences, including Black Hat Europe, HipConf New York, and BSides Lisbon.

Joe Gray

Joe Gray

Senior OSINT Specialist


Joe Gray is currently a Senior OSINT Specialist at Qomplx, Inc. He previously maintained his own blog and podcast called Advanced Persistent Security. Joe is currently finishing a social engineering and OSINT book with NoStarch press, due for publication in Fall 2020. Joe is the inaugural winner of the DerbyCon Social Engineering Capture the Flag (SECTF) and was awarded a DerbyCon Black Badge. As a member of the Password Inspection Agency, he placed 2nd in the HackFest Quebec Missing Persons CTF powered by TraceLabs, 2nd in the BSides Atlanta OSINT [...]

Julian Pileggi

Julian Pileggi

Technical Manager, Mandiant


Julian Pileggi is a Technical Manager at Mandiant, based in Toronto, Canada. His areas of expertise include enterprise incident response, digital forensics, threat hunting and security operations centre team development. Prior to his employment at Mandiant, Julian worked at a large financial institution within the security operations and incident response team.

Stanislav Bodrov

Stanislav Bodrov

Civil Litigator


Stas is a civil litigator focusing on insurance-related disputes. He has a broad range of experience including commercial disputes, subrogation, cyber liability, and privacy law. Stas assists companies with their risk management efforts, advises them on their cyber security and privacy policies and procedures, and assists with managing data breaches and subsequent litigation.

Mark Dillon

Mark Dillon

VP of IT, Waterloo North Hydro


Mark Dillon is the Vice President of IT for Waterloo North Hydro, a power distribution company in the Waterloo Region with approximately 57k customers. Over the past ten years, Mark has been working with intelligent communities, next generation wireless, such as fibre networks, as well as IoT across utility, critical infrastructure, first responders and municipalities. By playing a role in critical infrastructure (private, public, education and utility sectors), Mark has gained a unique perspective of how communications technology, urban planning and artificial intelligence present an opportunity for substantial change. He [...]