Horaire des conférences

May 20 2021

Les conférences seront diffusées sur YouTube. Aucune inscription n'est nécessaire.

(EDT)
Intro (Appsec)
(EDT)
Cryptography Do's and Don't in 2021
  • Mansi Sheth Veracode Inc

(EDT)
Repo Jacking: How Github usernames expose 70,000 open-source projects to remote code injection
  • Indiana Moreau Security Innovation

(EDT)
How to harden your Electron app
  • Mitchell Cohen 1Password

(EDT)
Damn GraphQL - Attacking and Defending APIs
  • Dolev Farhi Wealthsimple

(EDT)
Discussion: Application security
  • Laurent Desaulniers

  • Indiana Moreau Security Innovation

  • Dolev Farhi Wealthsimple

  • Mitchell Cohen 1Password

  • Mansi Sheth Veracode Inc

(EDT)
Intro (Platforms & privacy)
(EDT)
Privacy Without Monopoly: Beyond Feudal Security
  • Cory Doctorow

(EDT)
Social bots: Malicious use of social media
  • Marie-Pier Villeneuve-Dubuc Commissionnaires du Québec - Cybersecurity department (VYGL)

(EDT)
AMITT Countermeasures - A Defensive Framework to Counter Disinformation
  • Roger Johnston Ubisoft

  • Sara-Jayne Terp Bodacea Light Industries

(EDT)
Discussion: Privacy, online platforms & misinformation
  • Cory Doctorow

  • Roger Johnston Ubisoft

  • Sara-Jayne Terp Bodacea Light Industries

  • Marie-Pier Villeneuve-Dubuc Commissionnaires du Québec - Cybersecurity department (VYGL)

  • Lex Gill

(EDT)
Intro (Vulnerability research)
(EDT)
Critical Vulnerabilities in Network Equipment: Past, Present and Future
  • Pedro Ribeiro Agile Information Security

(EDT)
See Something, Say Something? The State of Coordinated Vulnerability Disclosure in Canada’s Federal Government
  • Yuan Stevens Ryerson Leadership Lab and Cybersecure Policy Exchange at Ryerson University; Data & Society Research Institute

  • Stephanie Tran Ryerson Leadership Lab

  • Florian Martin-Bariteau University of Ottawa

(EDT)
dRuby Security Internals
  • Jeff Dileo NCC Group

  • Addison Amiri Shibuya Industries

(EDT)
Bypassing advanced device profiling with DHCP packet manipulation
  • Ivica Stipovic Ward Solutions

(EDT)
Discussion: Vulnerability research
  • Ivica Stipovic Ward Solutions

  • Jeff Dileo NCC Group

  • Addison Amiri Shibuya Industries

  • Yuan Stevens Ryerson Leadership Lab and Cybersecure Policy Exchange at Ryerson University; Data & Society Research Institute

  • Stephanie Tran Ryerson Leadership Lab

  • Florian Martin-Bariteau University of Ottawa

  • Pedro Ribeiro Agile Information Security

  • Rayna Stamboliyska

(EDT)
Intro (Detection engineering)
(EDT)
Data Science way to deal with advanced threats.
  • Igor Kozlov Bell Canada

(EDT)
Full Circle Detection: From Hunting to Actionable Detection
  • Mathieu Saulnier Syntax

(EDT)
Detection Engineering for Windows
  • Olaf Hartong FalconForce

  • Gijs Hollestelle FalconForce

  • Henri Hambartsumyan FalconForce

May 21 2021

Les conférences seront diffusées sur YouTube. Aucune inscription n'est nécessaire.

(EDT)
Intro (Malware)
(EDT)
CrimeOps of the KashmirBlack Botnet
  • Ofir Shaty Imperva

  • Sarit Yerushalmi Imperva

(EDT)
Unmasking the Cameleons of the Criminal Underground: An Analysis From Bot To Illicit Market Level
  • David Décary-Hétu Flare Systems

(EDT)
Hacking K-12 school software in a time of remote learning
  • Sam Quinn McAfee

(EDT)
Blurred lines - The mixing of APTs with Crimeware groups
  • Warren Mercer Cisco Talos

  • Vitor Ventura Cisco Talos

(EDT)
Discussion: Malware & geopolitics
  • Warren Mercer Cisco Talos

  • Marc-Etienne M.Léveillé

  • Vitor Ventura Cisco Talos

  • David Décary-Hétu Flare Systems

  • Ofir Shaty Imperva

  • Sam Quinn McAfee

  • Sarit Yerushalmi Imperva

(EDT)
Intro (Cloud)
(EDT)
Authentication challenges in SaaS integration and Cloud transformation
  • Evelyn Lam Morgan Stanley

(EDT)
Request Smuggling 101
  • Philippe Arteau Gosecure

(EDT)
Forensicating Endpoint Artifacts in the World of Cloud Storage Services
  • Renzon Cruz

(EDT)
Discussion: Cloud security
  • Philippe Arteau Gosecure

  • Renzon Cruz

  • Evelyn Lam Morgan Stanley

  • Max Habra Mouvement Desjardins

  • Magno Logan Trend Micro

(EDT)
Intro (security teams)
(EDT)
You're not an idiot
  • Ange Albertini

(EDT)
Security Metrics That Matter
  • Tanya Janca We Hack Purple

(EDT)
Burnout: Destabilizing Retention Goals and Threatening Organizational Security
  • Chloé Messdaghi Stand Out In Tech

(EDT)
Discussion: Security teams
  • Chloé Messdaghi Stand Out In Tech

  • Tanya Janca We Hack Purple

  • Ange Albertini

  • Joëlle-Alexandra Desmarais

(EDT)
Intro (Hardware)
(EDT)
Building CANtact Pro: An Open Source CAN Bus Tool
  • Eric Evenchick NCC Group

(EDT)
Just Add More LEDs: NSec 2018 and 2019 Badge Mods
  • Ben Gardiner

(EDT)
The 2021 badge and other surprises
(EDT)
Discussion: Hardware
  • Ben Gardiner

  • Marc-andre Labonte Desjardins

  • Eric Evenchick NCC Group

  • Geneviève Lajeunesse (denki)