NorthSec 2022

Abhay Bhargav

bhay Bhargav is the Founder of we45 and Chief Research Officer at AppSecEngineer, a focused Application Security Company. Abhay is a builder and breaker of applications.

He is the Chief Architect of "Orchestron", a leading Application Vulnerability Correlation and Orchestration Framework.

He has created some pioneering works in the area of DevSecOps and AppSec Automation, including the world’s first hands-on training program on DevSecOps, focused on Application Security Automation. In addition to this, Abhay is active in his research of new technologies and their impact on Application Security, namely Containers, Orchestration and Serverless Architectures. Abhay is a speaker and trainer at major industry events including DEF CON, BlackHat, OWASP AppSecUSA, EU and AppSecCali. His trainings have been sold-out events at conferences like AppSecUSA, EU, AppSecDay Melbourne, CodeBlue (Japan), BlackHat USA, SHACK and so on.

  • AppSec Block
  • Hook, Line and Sinker - Pillaging API Webhooks
Alexis Dorais-Joncas

Hired by ESET in 2010, Alexis Dorais-Joncas worked as a Malware Researcher, then as Security Intelligence Team Lead. In 2015, Alexis Dorais-Joncas was appointed head of ESET’s R&D branch office located in Montreal. He and his team focus on cutting edge malware research, network security and targeted attacks tracking in order to shed light on the latest trends and developments in the malware ecosystem and implement efficient and innovative countermeasures to allow ESET customers to be safer online.

  • Malware Block
  • Jumping the air gap: 15 years of nation-state efforts
Andreanne Bergeron

Andréanne Bergeron is a cybersecurity researcher at GoSecure. She is also a Ph.D. candidate at the School of Criminology of the Université de Montréal and recipient of the prestigious Vanier scholarship. She also specialized in other types of cybercrime as she worked as the coordinator of the Darkweb and Anonymity Research Center.

  • Tell me where you live and I will tell your P@ssw0rd: Understanding the macrosocial factors influencing password’s strength
  • Privacy Block
Asheer Malhotra

Asheer Malhotra is a threat researcher specializing in malware analysis, reversing, detection technologies and threat disclosures within Talos. He has been researching malware threats for about a decade now at FireEye, Intel, McAfee and now at Talos. His key focus is tracking nation state attacks (APTs) across the world. Asheer holds an M.S in Computer Science with a focus on Cyber Security.

  • Malware Block
  • MuddyWater: From Canaries to Turkeys
Caspian Kilkelly

Caspian Kilkelly is a senior consultant with CrowdStrike's Canadian services team. Caspian's career highlights include a variety of roles over 20 years that usually end in the word "security" or the word "consultant". Caspian has worked with the security teams of a variety of different companies across North America and Europe as an incident responder, advisor and exercise lead. In his spare time, Caspian helps organize cybersecurity conferences you've probably never heard of.

  • 10 Things I wish I knew before my first incident
  • Detection & Response Block
Christian Paquin

Christian is a Principal Program Manager in Microsoft Research’s Security and Cryptography team. For the last 20 years, Christian has been living at the edge of academic research and industry, with a focus on privacy-preserving identity technologies (notably, U-Prove). Christian joined the COVID response effort, and helped with the design of the SMART Health Card framework; he contributed to the specification, and co-implemented the developer tools to validate SHC implementations. Post-quantum cryptography and zero-knowledge proofs otherwise keep him busy. Based in DC, Christian is always happy to visit his native Montreal.

  • Privacy-friendly QR codes for identity
  • Cryptography Block
Émilio Gonzalez

Émilio works in a blue team at a large Canadian organization. He loves to participate in CTFs and create challenges to introduce people to some defensive aspects of CyberSecurity. He's a co-organizer for MontréHack, a monthly CTF workshop in Montréal (duh). If you see him in a bar someday, do not approach him or he'll probably start a rant about tabs being the superior indentation character or about how cars ruin cities.

  • Detection & Response Block
Eric Chiang

Eric is an Engineer on Google’s Enterprise Infrastructure Protection team, where he builds systems to scale internal security processes. He’s previously worked on Linux fleet security at Google, upstream Kubernetes, and Cloud authentication systems.

  • The road to BeyondCorp is paved with good intentions
  • Detection & Response Block
Facundo Munoz

Malware researcher at ESET.

  • Jumping the air gap: 15 years of nation-state efforts
Georges-Bastien Michel

Georges-B Michel is the founder and principal security researcher at Reversense. He worked on many security topics including deobfuscation, DBI, Android RASPs bypass, TEE/TA reversing, web application security, and secure coding. Since 2018, he develops several public OSS and private projects such as Interruptor (a Frida library to improve syscall hooking) and Dexcalibur (a mobile reverse engineering and instrumentation automation software). He talked at several security conferences including Insomni'hack, SSTIC, THC, and PassTheSalt.

  • Reverse and bypass of modern Android runtime protections [FR]
Guillaume Ross

Guillaume is Head of Security at Fleet Device Management, the company behind the open source Fleet management platform for managing and using osquery. While he prefers working in startups, he’s been working in security forever in organizations of all types, and prefers looking at the bright side of things and things that WORK instead of repeating 30 year old « best practices » that never have!

  • Fleet and osquery - open source device visibility
  • Detection & Response Block
Joëlle-Alexandra Desmarais

Joëlle-Alexandra Desmarais-Lauzon is a graduate of HEC Montreal in business administration and holds a master's degree in software engineering from the Université de Sherbrooke.

Formerly with Deloitte, she has made her mark by holding numerous positions as an IT security consultant for several large Canadian institutions. She worked for Ubisoft as a security manager and led many topics such as IAM, business continuity, disaster recovery and security awareness. Joëlle now works as a Security Director, implementing security practices from the ground up, for a Montreal-based fin-tech disrupting the mortgage market.

Alongside her professional career, she is involved in various initiatives to promote women's leadership in IT.

She is also the co-founder of a small balcony optimization company, Demain Dimanche, whose products are proudly made in Montreal.

  • AppSec Block
Léanne Dutil

Léanne is a security engineer at Google focusing on reverse engineering and threat intelligence. Recently graduated from ÉTS, she participated in multiple CTF and security related events with the DCIÉTS group. She has experimented with tooling, pentesting and threat hunting during her years as a student. Now focusing on reverse engineering, she is always happy to share her expertise and insight.

  • A snapshot of Doplik: Unwanted Software using serialized JavaScript bytecode as an anti-analysis technique
  • Malware Block
Lex Gill

Lex Gill is a lawyer at a groundbreaking Montreal firm known for class actions and public interest litigation in areas like human rights, environmental law, and corporate accountability. She is also an affiliate at the Citizen Lab, where she supports the organization’s work on issues like freedom of expression, equality, and surveillance. Lex teaches part-time at McGill University’s Faculty of Law, and has worked for organizations that include the Supreme Court of Canada (as clerk to the Chief Justice), the Canadian Civil Liberties Association, and the Canadian Internet Policy and Public Interest Clinic.

  • Privacy Block
Lisandro Ubiedo

Lisandro Ubiedo is part of the Cybersecurity Research team at GoSecure. Passionate about all things malware – from reverse-engineering to catching them on-the-go – and doing DevOps to keep attackers entertained. Lisandro also works on programming tools to aid malware analysis and cybersecurity research. He was part of the Aposemat team at Stratosphere Labs doing IoT malware research and as a DevSecOps engineer in multiple companies, while also enjoying CTF challenge solving.

  • The Risks of RDP and How to Mitigate Them
  • Red Team Block
Marc-Etienne M.Léveillé

Marc-Etienne is a malware researcher at ESET since 2012. He specializes in malware attacking unusual platforms, whether it’s fruity hardware or software from south pole birds. Marc-Etienne focused his research on the reverse engineering of server-side malware to discover their inner working and operation strategy. His research led to the publication of the Operation Windigo white paper that won Virus Bulletin’s Peter Szor Award for best research paper in 2014. He presented at multiple conferences including RSAC, FIRST, 44con, CARO, SecTor and Linuxcon Europe. When he’s not one of the organizers, he loves participating in CTF competitions like a partying gentleman. Outside the cyberspace, Marc-Etienne plays the clarinet and read comics. He tweets randomly from @marc_etienne_.

  • Malware Block
Martin Dubé

Passionate about hacking for 15 years, Martin has developed a strong interest in technical challenges: development of malware, evasion of defense controls and process automation. For seven years he was involved as a designer of capture the flag challenges for Hackfest and for one year for the NorthSec (Remember Neurosoft Windows track?). During the day, Martin lead a large team of ethical hackers, one meeting at a time. His goal? Follow the innovation path so that offensive security talents are better used in businesses.

  • Red Team Block
Maya Kaczorowski

Maya is a Product Manager at Tailscale, providing secure networking for the long tail. She was previously at GitHub in software supply chain security, and before that at Google working on container security and encryption key management. Prior to Google, Maya worked at McKinsey, and studied mathematics at McGill University.

  • The road to BeyondCorp is paved with good intentions
  • Detection & Response Block
Michael Geist

Dr. Michael Geist is a law professor at the University of Ottawa where he holds the Canada Research Chair in Internet and E-commerce Law and is a member of the Centre for Law, Technology and Society. He regularly appears in the Globe and Mail, is the editor of several monthly technology law publications, and the author of a popular blog on Internet and intellectual property law issues. Dr. Geist serves on many boards, including Ingenium, Internet Archive Canada, and the EFF Advisory Board. He was appointed to the Order of Ontario in 2018 and has received numerous awards for his work including the Kroeger Award for Policy Leadership and the Public Knowledge IP3 Award in 2010, the Les Fowlie Award for Intellectual Freedom from the Ontario Library Association in 2009, the EFF’s Pioneer Award in 2008, and Canarie’s IWAY Public Leadership Award for his contribution to the development of the Internet in Canada.

  • What Lies Behind Canada’s Internet Regulation Reversal?
  • Privacy Block
Nate Warfield

Nate has been a hacker since he first laid hands on a 2400 baud modem. After his first hack of a dial-up BBS at 12, he was hooked and over the following 25 years he sharpened his skills through jobs in network engineering, vulnerability response, endpoint research and side projects - hacking phones & researching network attack surface. After a record-setting 4.5 years shipping Windows patches for the Microsoft Security Response Center and a brief stint in Windows Defender ATP, he is currently the Chief Technology Officer of Prevailion. He was featured in WIRED magazines’ “25 people doing good in 2020” for his role in starting CTI League, a volunteer group of InfoSec professions who provided threat intelligence to hospitals during COVID-19.

  • I am become loadbalancer, owner of your network
  • AppSec Block
Olivier Bilodeau

Olivier Bilodeau is leading the Cybersecurity Research team at GoSecure. With more than 10 years of infosec experience, he enjoys luring malware operators into his traps, writing tools for malware research and vulnerability research. Olivier is a passionate communicator having spoken at several conferences including BlackHat, Defcon, Botconf, NorthSec, Derbycon, and HackFest. Invested in his community, he co-organizes MontréHack, a monthly workshop focused on hands-on CTF problem solving, and NorthSec, a large non-profit conference and CTF based in Montreal.

  • Capture-The-Flag 101
  • The Risks of RDP and How to Mitigate Them
  • Red Team Block
Philippe Arteau

Philippe is a security researcher working for GoSecure. His research is focused on Web application security. His past work experience includes pentesting, secure code review and software development. He is the author of the widely used Java static analysis tool OWASP Find Security Bugs (FSB). He is also a contributor to the static analysis tool for .NET called Security Code Scan. He built many plugins for Burp and ZAP proxy tools: Retire.js, Reissue Request Scripter, CSP Auditor and many others. Philippe has presented at several conferences including Black Hat Arsenal, SecTor, AppSec USA, ATLSecCon, NorthSec, and 44CON.

  • Web Application Firewall Workshop
Philippe Lamontagne

Philippe Lamontagne is a research officer in the cyber security team of the
National Research Council. He received his PhD from Université de Montréal in
2018. His areas of expertise are cryptography and quantum information. He
studies the use of quantum information for cryptographic tasks from lesser
assumptions and the provable security of cryptographic protocols against quantum
adversaries. He also has interest in the security of classical cryptography
against quantum adversaries, also known as post-quantum cryptography, and in
cryptographic solutions to privacy.

  • Formalizing the right to be forgotten: law meets crypto
  • Privacy Block
Pierre-David Oriol

Pierre-David has more than 15 years of experience in cybersecurity, with a strong technical background in software engineering for security products, payment, smart cards and cryptographic key management systems.

He is also known as one of the key original NorthSec members, where he created the infamous Smart Card track for three consecutive years, including some very unique cryptographic challenges. He is also the founder of the conference part of the event and acted as a VP Conference until he assumed the presidency of NorthSec in 2018 and 2019.

In his professional life, after multiple years of working in security architecture, he joined a local security product startup in 2016 named Delve where he led the product management effort, and today continues to work at the intersection of product, vision and cybersecurity, at SecureWorks on the Taegis platform.

  • Cryptography Block
Rolland Winters

Rolland Winters is an army reservist and team lead for the cyber protection team at 34 Signal Regiment in Montreal. He is also a full-time SOC analyst for the Commissionnaires du Québec in their cyber security department (VYGL). He has a diverse background, with professional experience in military radio and satellite systems, IOT, smart home automation, CCT/security systems, web application development, and information security. He is currently working on his OSCP and GCIA certifications.

  • Passive recon & intelligence collection using cyber-squatted domains
  • Red Team Block
Suweera De Souza

Suweera is an enthusiast when it comes to reversing malware and enjoys diving as deep as the hex bytes allow her to. Currently she works as a Senior Security Researcher at CrowdStrike, where she continues to hack away at code.

  • Blackhoodie at NorthSec 2022 - Getting cosy with Malware Static Analysis
  • Malware Block
  • Blackhoodie at NorthSec 2022 - Getting cosy with Malware Static Analysis - Day 2
Vickie Li

Vickie Li is an experienced web developer with an avid interest in security research. She is also the author of Bug Bounty Bootcamp. She can be found on, where she blogs about security news, techniques, and her latest bug bounty findings. She also hosts “Security Simplified”, a developer education series focusing on web security:

  • I thought writing a technical book was supposed to be fun?!!
  • AppSec Block
Vitor Ventura

Vitor Ventura is a Cisco Talos security researcher and manager of the EMEA and Asia Outreach team. As a researcher, he investigated and published various articles on emerging threats. Most of the day Vitor is hunting for threats, reversing code but also looking for the geopolitical and/or economic context that better suits them. Vitor has been a speaker in conferences, like VirusBulletin, NorthSec, Recon, Defcon’s Crypto and Privacy Village, among others.
Prior to that he was IBM X-Force IRIS European manager where he was lead responder on several high profile organizations affected by the WannaCry and NotPetya infections. Before that he did penetration testing at IBM X-Force Red, where Vitor led flagship projects like Connected Car assessments and ICS security assessments, custom mobile devices among other IoT security projects. Vitor holds a Bsc in Computer Science and multiple security related certifications like GREM (GIAC Reverse Engineer Malware), CISM (Certified Information Security Manager).

  • MuddyWater: From Canaries to Turkeys
Yash Bharadwaj

Yash Bharadwaj, CTO and Senior Security Researcher at CyberWarFare Labs [Incubated by IIT Kanpur]. With his expertise of 4+ years in Red Teaming, he is highly attentive towards finding, learning and discovering new TTP’s used during offensive engagements, he is a Subject Matter Expert on Active Directory Attacks. His area of interest includes (but not limited to) evading AVs, EDRs, Active Directory infrastructure and Advance Windows & cloud-based attacks. He has done various on-site / remote Red Team engagements in MNCs, government agencies etc. Previously he has delivered hands-on red team trainings at BSIDES Ahmedabad, OWASP Seasides 19, Red & Blue Team Training at BSIDES Delhi and BSIDES Connecticut (USA), OWASP APPSEC Indonesia 20, CISO Platform 21. He has delivered Cyber Security Trainings in Asia’s largest Information Security Conference Nullcon 21. You can reach out to him on Twitter @flopyash

  • Advanced Process Injection Techniques
Yolan Romailler

Yolan is an applied cryptographer delving into (and dwelling on) cryptography, secure coding, blockchains technologies and other fun things such as self-sovereign identities or digital currencies. He has previously spoken at Black Hat USA, BSidesLV, Cryptovillage, NorthSec, GopherConEU and DEF CON on topics including automation in cryptography, public keys vulnerabilities, elliptic curves, post-quantum cryptography, functional encryption, open source security, and more! He notably presented at FDTC the first known practical fault attack against the EdDSA signature scheme.
Yolan tweets as @anomalroil.

  • Public, verifiable, and unbiasable randomness: wassat?
  • Cryptography Block
Yossi Weizman

Yossi Weizman is a Senior Security Researcher in the Cloud Security Research team at Microsoft. He has 10 years of experience in the security research field, starting in the Israeli military. In his current role, Yossi’s main focus is container security. Yossi holds a B.Sc. in Computer Science from Bar-Ilan University.

  • From the cluster to the cloud and back to the cluster: Lateral movements in Kubernetes
  • AppSec Block
Yuriy Arbitman

As a data scientist in Imperva, I develop machine learning solutions for various cyber security projects.
I'm fascinated by the wonders that data science and machine learning bring to the world. The wealth of open-source frameworks enable us to build systems today at scale and ease unthinkable just several years ago.
In the last 20+ years I've been working in the hi-tech industry in Israel. I am lucky to have worked for several great companies in engineering, management and research positions.
I hold an M.Sc. in Computer Science from the Weizmann Institute in Israel.

  • Obfuscation classification via Machine Learning
  • Detection & Response Block