In 2017 we introduced a track of workshops running along the conference.
NorthSec gathered around 600 infosec professionals, students and enthusiasts that year.
The theme was Rao’s Rigged Elections.
Top 3 were:
- KEYNOTE: Playing Through the Pain: The Impact of Dark Knowledge and Secrets on Security and Intelligence Professionals by Richard Thieme
- Hack Microsoft Using Microsoft Signed Binaries by Pierre-Alexandre Braeken
- Attacking Linux/Moose Unraveled an Ego Market by Masarah Paquet-Clouston & Olivier Bilodeau
- BearSSL: SSL For all Things by Thomas Pornin
- Hacking POS PoS Systems by Jackson Thuraisamy & Jason Tran
- Backslash Powered Scanning: Implementing Human Intuition by James Kettle
- Don’t Kill My Cat by Charles F. Hamilton
- Stupid RedTeamer Tricks by Laurent Desaulniers
- Murder Mystery – How Vulnerability Intelligence is Poisoning your Information Security Program by Gordon MacKay
- Introduction to Assembly Language and Shellcoding by Charles F. Hamilton & Peter Heppenstall
- Automating Detection, Investigation and Mitigation with LimaCharlie by Maxime Lamothe-Brassard
- Script Engine Hacking For Fun And Profit by Jean-Marc Le Blanc & Israël Hallé
- Cracking Custom Encryption – An Intuitive Approach to Uncovering Malware’s Protected Data by Pavel Asinovsky & Magal Baz
In 2016 we introduced training sessions before the conference growing NorthSec into a whole week event. The NorthSec security festival was born. We also gave a badge to every conference and competition attendee.
In 2016, NorthSec gathered around 500 infosec professionals, students and enthusiasts.
The theme was the leaks around Marcus Madison’s Bakery.
Top 3 were:
- KEYNOTE: How Anonymous (narrowly) Evaded the Cyberterrorism Rhetorical Machine by Gabriella Coleman
- The New Wave of Deserialization Bugs by Philippe Arteau
- Applying DevOps Principles for Better Malware Analysis by Olivier Bilodeau & Hugo Genesse
- Practical Uses of Program Analysis: Automatic Exploit Generation by Sophia D’Antoine
- CANtact: An Open Tool for Automotive Exploitation by Eric Evenchick
- Bypassing Application Whitelisting in Critical Infrastructures by René Freingruber
- Inter-VM Data Exfiltration: The Art of Cache Timing Covert Channel on x86 Multi-Core by Etienne Martineau
- Analysis of High-level Intermediate Representation in a Distributed Environment for Large Scale Malware Processing by Eugene Rodionov & Alexander Matrosov
- Real Solutions From Real Incidents: Save Money and Your Job! by Guillaume Ross & Jordan Rogers
- Security Problems of an Eleven Year Old and How to Solve Them by Jake Sethi-Reiner
- Android – Practical Introduction into the (In)Security by Miroslav Stampar
- Hide Yo’ Kids: Hacking Your Family’s Connected Things by Mark Stanislav
- Law, Metaphor and the Encrypted Machine by Lex Gill
- Stupid Pentester Tricks by Laurent Desaulniers
- Not Safe For Organizing: The state of targeted attacks against civil society by Masashi Crete-Nishihata & John Scott-Railton
In 2015 we added a two-day conference to the event and gave a hardware badge per CTF team.
NorthSec gathered around 400 infosec professionals, students and enthusiasts that year.
The theme was the revolution against Rao’s intricate Kingdom.
- KEYNOTE: Privacy, Surveillance & Oversight by Chris Prince - Office of the Privacy Commissioner of Canada
- Breaking PRNGs: A predictable talk on Pseudo Random Number Generators by Philippe Arteau
- 2 years of Montréhack: the local CTF training initiative by Olivier Bilodeau
- The Sednit Group: “Cyber” Espionage in Eastern Europe by Joan Calvet
- CHEKS, Complexity Science in Encryption Key Management by Jean-François Cloutier & François Gagnon
- Hopping on the CAN Bus by Eric Evenchick
- EMET 5.2 - armor or curtain? by René Freingruber
- Bitcoin: Putting the “pseudo” back in pseudonymous by Mathieu Lavoie
- DDoS: Barbarians At The Gate by Dave Lewis
- TextSecure: Present and Future by Trevor Perrin
- The Uroburos case: analysis of the tools used by this actor by Paul Rascagnères
- Object Oriented Code RE with HexraysCodeXplorer by Eugene Rodionov
- CTF or WTF? by Guillaume Ross
- Threat Modeling for the Gaming Industry by Robert Wood
- Why You Should (But Don’t) Care About Mainframe Security by Phil “Soldier of Fortran” Young
- Philippe Arteau: Rosetta Flash And Why Flash Is Still Vulnerable…
- Joan Calvet & Paul Rascagnères: Totally Spies!
- Guillaume Ross: iOS App Analytics And Your Privacy
In 2014, NorthSec gathered around 300 infosec professionals, students and enthusiasts.
The theme was the Associated Nation Organization (ANO)
For the first year of NorthSec, we were hosted at ÉTS University in Montreal
NorthSec gathered around 150 infosec professionals, students and enthusiasts that year.
The theme was Onionotar, a parody of a Certificate Authority
NorthSec is the spiritual child of the HackUS competition hosted at Université de Sherbrooke in 2010 and 2011. The first Hacker Jeopardy — in the format you are familiar with at NorthSec — happened at HackUS in 2011 from a desire to have a break and a social event during the CTF.