NorthSec 2026

-
  • DIY Continuous Security: Practical Security Engineering
Andrew Buchanan

Andrew is a Senior Red Team Operator at Figment, the world’s leading independent staking infrastructure provider. With over six years of Red Team experience, Andrew brings deep expertise across offensive security, adversary simulation, and real-world attack execution.

Prior to joining Figment, Andrew held cybersecurity roles at one of Canada’s largest financial institutions, conducting advanced red team engagements and security assessments across highly complex enterprise environments.

At Figment, Andrew plans and executes red team operations, penetration tests, and targeted security assessments with a focus on initial access, execution, cloud attack surfaces, and social engineering. As an initial access and social engineering specialist, he has designed and delivered numerous successful campaigns that closely mirror real-world threat actors. Andrew’s work helps ensure Figment continuously tests and strengthens its defences, ensuring that Figment's institutional customers can trust they're using the most secure staking product on the market.

  • Commit, Push, Compromise: Attacking Modern GitHub Orgs
Ashley Manraj

I’ve built my career at the intersection of security and speed. Today, as AI agents write our code, that intersection has become the most critical frontier in technology. The challenge is no longer creation, but control: how do we secure and maintain the autonomous systems built for us?

Through our work in secure digital transformation at Pvotal, we realized the answer wasn't just better tools, but a new foundation. We needed a control plane designed for this new era.
This was the genesis of Infrastream.

Think of it as the factory floor for modern development. Developers and AI agents declare their "intent," and Infrastream's executors work to build and maintain that intent as a secure, compliant, and observable reality. Our mission is to make security an invisible, scalable, and simple-by-design layer, so teams can finally move at the speed of innovation without one-off compromise.

  • Breaking and Hardening the Cloud: Advanced Hooking and Shellcoding in a Hardened Environment
Ben Gardiner

Mr. Gardiner is an independent consultant at Yellow Flag Security, Inc. presently working to secure commercial transportation at the NMFTA and connected transportation with TMNA. With more than ten years of professional experience in embedded systems design and a lifetime of hacking experience, Gardiner has a deep knowledge of the low-level functions of operating systems and the hardware with which they interface. Prior to YFS Inc., Mr. Gardiner held security assurance and reversing roles at a global corporation, as well as worked in embedded software and systems engineering roles at several organizations. He holds an M.Sc. Eng. in Applied Math & Stats from Queen’s University. He is a DEF CON Hardware Hacking Village (DC HHV) and Car Hacking Village (CHV) volunteer. He is GIAC GPEN and GICSP certified and a GIAC advisory board member; he is also chair of the SAE TEVEES18A1 Cybersecurity Assurance Testing TF (drafting J3061-2), contributor to several ATA TMC task forces, ISO WG11 committees, and a voting member of the SAE Vehicle Electronic Systems Security Committee. Mr. Gardiner has delivered workshops and presentations at several world cybersecurity events including the Cybertruck Challenge, GENIVI security sessions, Hack in Paris, HackFest and DEF CON main stage.

  • Hardware RE: a gentle intro
Ben Schroeder
  • Mapping Deception Solutions with BloodHound OpenGraph
Charl-Alexandre Le Brun

Charl-Alexandre is a dedicated member of the information security community. With several years of experience as a penetration tester, he is driven by a strong passion for developing innovative tools and techniques that advance the field and contribute to the broader community.

  • The OpenGraph diary: Attack path management applied to Ansible
Charles F. Hamilton (Mr.Un1k0d3r)

Charles Hamilton is a Red Teamer with over twelve years of experience delivering offensive testing services for various government clients and commercial sectors. In recent years, Charles has specialized in covert Red Team operations targeting complex and highly secured environments. These operations have enabled him to refine his skills in stealthily navigating client networks without detection.

Since 2014, he has been the founder and operator of the RingZer0 Team website, a platform dedicated to teaching hacking fundamentals. The RingZer0 community currently boasts over 50,000 members worldwide. Charles is also a prolific toolsmith and trainer who has delivered this training more than 20 times, both online and onsite. He is a speaker in the InfoSec industry, known under the handle Mr.Un1k0d3r.

  • Red Teaming Mindset and Methodology
Christian Paquin

Christian is a security specialist in the Microsoft Research Cryptography team with a mission to bridge the gap between academic research and real-world systems. With 25 years of experience, Christian has been involved in many industry-wide initiatives such as the development of privacy enhancing identity technologies (such as anonymous credentials), the ongoing post-quantum cryptographic migration, and the Coalition for Content Provenance and Authenticity (C2PA) to fight online disinformation. Christian shares some of his work results on his blog.

  • Doxxing-proof authentic digital media: trust the asset, protect the source
Colin deWinter

Hacker

  • Hardware RE: a gentle intro
Coline C

Strategic cyber threat analyst, Coline Chavane is part of the Threat Detection & Research Team of Sekoia.io.

  • Sold to the highest bidder : the escalation of ADINT from geolocation tracking to intrusion vector
Dirk-jan Mollema

Dirk-jan Mollema is a security researcher focusing on Active Directory and Microsoft Entra (Azure AD) security. In 2022 he started his own company, Outsider Security, where he performs penetration tests and reviews of enterprise networks and cloud environments. He blogs at dirkjanm.io, where he publishes his research, and shares updates on the many open source security tools he has written over the years. He presented previously at TROOPERS, DEF CON, Black Hat and BlueHat, is a current Microsoft MVP and has been awarded as one of Microsoft’s Most Valuable Researchers multiple times.

  • Researchers vs. Threat Actors in Cloud Attacks
Émilio Gonzalez

Émilio works at a large Canadian organization doing software development, detection engineering and incident response. He's a co-organizer of MontréHack (a monthly cybersecurity workshop) and NorthSec's VP CTF.

Outside the cybersecurity world, he's passionate about urbanism and the economics of housing. He will gladly explain how exclusionary zoning and parking mandates are the reasons you can't buy a home to anyone who dares ask.

  • Increasing detection engineering maturity with detection as code
Faan Rossouw

Faan Rossouw is a security researcher at Active Countermeasures and instructs at Antisyphon Training, where he teaches courses on threat hunting and offensive security tooling. He's currently building AionSec.ai - courses designed to help security practitioners leverage AI agents in their work. Originally from South Africa, Faan is now based in Val-David, Quebec.

  • Agentic AI for Threat Hunting
François Labrèche

François Labrèche is a Principal Data Scientist at Sophos, who focuses on applying machine learning approaches to research problems related to security alerts and vulnerabilities. He focuses on using machine learning to improve the prioritization of alerts and vulnerabilities, in the context of XDR and vulnerability management. He has a Ph.D. from École Polytechnique de Montréal, and has published research papers on the topics of threat research, spam detection, malware analysis and machine learning applied to cybersecurity. He has presented at ACSAC, CAMLIS, NorthSec, BSides Montreal, University College London and École Polytechnique de Montréal, and has published papers in conferences such as the ACM CCS and eCrime.

  • A Needle in a Haystack: Identifying an Infostealer Attack Through Trillions of Events in a Large-scale Modern SOC
François Proulx

François Proulx is the VP of Security Research at BoostSecurity.io and the co-creator of the poutine Open Source CI/CD scanner. He co-founded the "Living Off The Pipeline" (LOTP) project to describe the abuse of build tools for lateral movement. After spending years teaching defenders how to secure their workflows, he is now demonstrating how attackers are dismantling them.

  • Living Off The Pipeline: Defensive Research, Weaponized
Gaetan

Gaetan is a security researcher with a decade of experience uncovering software vulnerabilities. After establishing himself in offensive security in 2015, he transitioned to security research in 2022, bringing his hands-on expertise in application security. His track record includes uncovering significant vulnerabilities in enterprise-grade systems like Cisco Nexus and Apache HTTPD.
Gaetan loves sharing his knowledge through blog posts, speaking at conferences, or hands-on security training sessions at universities and private organizations.

  • Private Key Leaks in the Wild: Insights from Certificate Transparency
Guillaume Valadon

Guillaume is a Cybersecurity Researcher at GitGuardian. He holds a PhD in networking. He likes looking at data and crafting packets. He co-maintains Scapy. And he still remembers what AT+MS=V34 means!

  • Private Key Leaks in the Wild: Insights from Certificate Transparency
Jeremy Miller

Jeremy Miller is an offensive security leader and educator, currently focused on how AI automation is reshaping adversarial capability. He spent over a decade at Offensive Security in technical and leadership roles across content development, training, and workforce development programs, bridging hands-on offensive methodology with pedagogy and strategy.

His current research, in collaboration with Sean Peters and Jack Payne, applies the METR AI task time horizon framework to realistic offensive cyber workflows, grounded by complementary human studies to measure autonomy scaling in adversarial domains.

Jeremy’s interests center on offense–defense asymmetry, empirical evaluation of autonomous systems, and translating AI security and safety research into practical implications for decision makers.

  • Measuring AI Ability to Complete Long Cybersecurity Tasks
Jonathan Marcil

Jonathan is an Application Security Consultant who has published on the topic of threat modeling and is involved in NorthSec CTF and OWASP Montreal. He is passionate about Application Security and enjoys architecture analysis, code review, cloud security and debunking security tools. Jonathan holds a bachelor's degree in Software Engineering from ETS Montreal and has 20 years of experience in Information Technology and Security.

  • Offensive Security and Threat Modeling, an unlikely collaboration
Joshua Prager

Josh Prager has over 13 years’ experience focusing on DoD red team infrastructure, cyber threat emulation and threat hunting. As a former threat hunter in the Federal industry, he provided various cyber threat emulation and threat hunting assessments throughout DoD environments. As a principal consultant at SpecterOps, he guides clients in developing the maturity of their detection and response programs, building their detection engineering capabilities, and ensuring detective and preventive coverage of offensive techniques.

  • Mapping Deception Solutions with BloodHound OpenGraph
Kristine Barbará

Kristine Barbara is a security transformation leader at Ubisoft, focused on making security part of how software and games are built—not an afterthought. She has led global programs spanning security culture and behavior change at scale, blending change management and community enablement. Known for turning complex risk into actionable practice, Kristine helps teams adopt fundamental security practices across global teams.

  • From Experts to Everyone: Democratizing Threat Modeling at Ubisoft
Lewis Moore
  • Command & Conquer: A hands-on C2 primer for aspiring Red & Blue teamers
Logan MacLaren

Logan is the lead Offensive Security engineer at Huntress where he is responsible for planning and executing red team operations as well as bolstering incident response capability through purple team exercises. He has been a long-time enthusiast in the security space, building a career spanning big data analytics, bug bounty, and offensive security.

Outside of his day job, Logan can often be found building and participating in CTF challenges, bug hunting in open source software, or learning new skills at conferences across the continent. He has had the honour of speaking at several DEFCON villages, NorthSec conferences, as well as multiple BSides and OWASP Ottawa events.

  • Command & Conquer: A hands-on C2 primer for aspiring Red & Blue teamers
Mark El-Khoury

Mark started as an offensive security consultant and pentester, then moved to the defensive side, leading cybersecurity in various industries, including gaming, fintech, and biometrics. Mark is a conference speaker, holds security certifications, and taught at a bootcamp. Mark is now Director of Security Engineering at Movable Ink.

  • DIY Continuous Security: Practical Security Engineering
Martin Dubé

Martin is president and co-founder of Corsek, a cybersecurity consulting firm specializing in offensive security services. With over ten years of hands-on experience, he has led security engagements across diverse industries and previously served as technical lead and manager at a large organization. Through Corsek, he works to deliver practical security results that combine technical expertise with strategic value.

  • Offensive Security and Threat Modeling, an unlikely collaboration
Max CM

Max Courchesne-Mackie is a cyber security professional with over a decade of experience spanning defense, red teaming, and blockchain security. Max currently serves as a Security Architect at Figment, the leading independent staking infrastructure provider globally. He began his career in the defense industry focused on offensive security, a discipline that remains his core passion and informs his pragmatic approach to risk. Today, Max designs and reviews secure systems for the blockchain industry - an environment facing relentless, rapidly evolving threats. He partners with engineering and product teams to harden architectures, pressure-test assumptions, and translate attacker tradecraft into practical controls. Max's recent work centers on threat modeling for decentralized systems, secure key and wallet management, and building detection/response mechanisms that assume breach.

  • Commit, Push, Compromise: Attacking Modern GitHub Orgs
Maxime ARQUILLIERE

CTI Analyst at French cybersecurity company Sekoia.io

  • Sold to the highest bidder : the escalation of ADINT from geolocation tracking to intrusion vector
Philippe Dugre (zer0x64)

Professional cryptography and assembly aficionado™
I've been in the field of offensive security testing for about 10 years. During that time, I worked primarily on cryptography architectures and implementations for end2end password management, application penetration testing and modern cloud/IaC platform security engineering.
I've been a challenge designer at NorthSec since 2020. Most returning participants know me for always using Rust and WebAssembly in my challenges along with always coming up with over-the-top and outlandish reversing, pwning and cryptographic attack scenarios. That, or they just know me as the emulator guy.

  • Breaking and Hardening the Cloud: Advanced Hooking and Shellcoding in a Hardened Environment
Philippe Marchand

Philippe Marchand is a researcher and coordinator at the Observatory of Multidimensional Conflicts of the Raoul-Dandurand Chair in Strategic and Diplomatic Studies. A political scientist, he specializes in the use of cell phones by civilian populations in conflicts, as well as in the geopolitical nature of cyberattacks on states.

  • Geopolitical Cyber Threats in Canada: Current State and Strategic Perspectives (Cybermenaces géopolitiques au Canada : État des lieux et perspectives stratégiques)
Philippe Pépos Petitclerc

Philippe is currently a Ph.D. candidate at UQÀM. He works as President and Security Researcher at Resilience Coop. Most importantly, he is a founding member of Hubert Hackin'

  • A systematic approach to evading antivirus software
Pierre-Nicolas Allard-Coutu

Pierre-Nicolas Allard-Coutu is a senior penetration tester and offensive security R&D lead at Bell Canada's Security Testing and Incident Response team (STIRT). He is a seasoned red team operator with many years of experience specialized in the development of malware payloads and payload delivery systems. More recently, he has spearheaded the creation of physical penetration test methodologies including novel exploitation techniques aimed at compromising UEFI pre-boot environments and enabling Direct Memory Access vectors against modern laptops. He is currently the top public contributor to the Quebec Government Cyber Defense Center's vulnerability disclosure program, and part of the HackFest Challenge design team. The type of person who could never resist placing ">alert(1);<!-- in his bio.

  • Stolen Laptops : Defeating DMA Countermeasures
Reza Sharifi

I’m a cybersecurity professional with a background in network security and internet infrastructure research. My focus is on the intersection of technology and civil liberties, particularly how network-layer protocols are used—and misused—by state actors to control access to information.

  • Internet Blackout 2026 in Iran — Next-Level Internet Censorship: A Technical Breakdown of Techniques and Tactics.
Robbe Van Roey

Hi! I’m Robbe Van Roey 👋

I’m a hacker. I like breaking stuff. I’m a penetration tester at Toreon, I’ve worked for a bug bounty company, and I’ve found 35+ CVEs. I love hacking web apps, mobile applications, AI systems, and Active Directory.
I’m also a teacher. I teach developers about secure coding, I teach beginners about Red Teaming for Hack The Box and I’ve created a bunch of YouTube videos on my channel.

In the online realm, you may know me as PinkDraconian. Come up to me and say hi!

My life motto is “Hacking you so you don’t get hacked” and I’d like to show you part of that ideology during my talk. See you there!

  • Hacking Browsers: The Easy Way
Ron Bowes

Ron Bowes is a Principal Security Researcher on the GreyNoise Labs team, which tracks and investigates unusual--typically malicious--internet traffic. His primary role is to understand and track the big vulnerabilities of the day/week/month/year; often, that means parsing vague vendor advisories, diff'ing patches, reconstructing attacks from log files, and--most complex of all--installing and configuring enterprise software. When he's not at work, he runs the BSides San Francisco Capture the Flag contest, is a founder of The Long Con conference in Winnipeg, takes improv classes, and continues his project to finish every game in his Steam library.

  • Adventures in Process Injection (How I Accidentally Built a Debugger - Again!)
Salini Mishra

Salini Mishra is a Senior Product Security Engineer in Bloomberg’s Chief Information Security Office, where she focuses on identifying vulnerabilities, strengthening application security, and building tools to proactively defend against emerging threats. She works closely with the company’s engineering teams by bridging the gap between high-level defense strategy and hands-on technical execution, ensuring that security is a core component of the development lifecycle rather than an afterthought.

With a rigorous background in computer engineering and cybersecurity, Salini brings a breaker-fixer mindset to the intersection of software integrity and modern innovation. Prior to Bloomberg, her experience includes advancing security initiatives within research and development environments, where she contributed to the design of resilient, cloud-native architectures and microservices intended to sustain enterprise operations for decades. Known for her analytical mindset and deep curiosity about how systems can be both broken and secured, Salini is passionate about advancing modern security engineering, particularly as artificial intelligence reshapes the tools, techniques, and challenges within the cybersecurity landscape.

Outside of work, Salini’s curiosity refuses to sit still—sometimes literally. Trained in Indian classical dance, she’s rarely able to keep her feet grounded. She’s an avid escape-room enthusiast, hosts murder-mystery nights at home, and has a long-standing fascination with espionage and spycraft. When she’s not decoding puzzles, she stays active by learning boxing, happily trading keyboards for gloves.

  • Lost in the AI Woods: Why the Future Still Needs You -- A Dual Keynote
Sanne Maasakkers
  • Researchers vs. Threat Actors in Cloud Attacks
Santiago Abastante

Former Police Officer from Argentina, now a Cloud Incident Responder and Security Engineer with over 10 years of IT experience. A Digital Nomad and international speaker, I've presented on Cloud Security and Incident Response at Ekoparty, FIRST, Virus Bulletin (three times), Hack.Lu, and various BSides events worldwide. I hold a Bachelor's degree in Information Security and an MBA (Master in Business Administration).

  • AWS Security - The Purple Team Way.
  • Practical AWS Antiforensics
Sébastien Dudek

Sébastien Dudek is the founder of Penthertz, a French company specializing in wireless and hardware security. With over 15 years of experience in telecommunications security, he has published research on 5G security, Open RAN, baseband fuzzing, mobile network interception, and power-line communication vulnerabilities. He is the creator of RF Swift, an open-source SDR toolkit, V2G Injector/HomeplugPWN, 5GC API Pentest, and LoRa Craft among other security tools.

His clients include automotive, major defense and (aero)space companies, and his work spans from 2G through 5G security, OT/IoT device security, and critical infrastructure protection.

  • Hacking 5G: From Radio Security to the APIs
Simon Lachkar

Simon leads the full-scope penetration testing team at Desjardins Group, one of Canada's largest financial institutions. Previously, he worked as a technical team leader and penetration tester in Canada and France. Simon has recently been involved in developing the AnsibleHound project.

  • The OpenGraph diary: Attack path management applied to Ansible
Tammy Harper

Tammy Harper is a Senior Threat Intelligence Researcher at Flare focused on ransomware groups, extortion strategy, and leak site operations. Her work analyzes how threat actors construct leverage and weaponize uncertainty during negotiations. She speaks regularly on the operational and psychological mechanics of modern cybercrime.

  • The Ransomware Negotiation Lab
Tanu Jain

Tanu Jain is a Security Engineer at Meta with more than sixteen years of experience in software engineering and cybersecurity.

  • Teaching AI to Secure Code: How LLMs Deploy Security Frameworks at Scale
Tim Medin

Tim Medin (@TimMedin) is the CEO of Red Siege Information Security. Red Siege is one of the most trusted information security consulting firms in the industry that concentrates on the latest threats to organizations, as well as providing resources and education to the industry on how to stay ahead with an active offensive Discord, the weekly Wednesday Offensive, and monthly live-streamed SiegeCasts.
Tim is also a Senior Instructor and course author of the flagship penetration testing course (SEC560 Enterprise Penetration Testing) at SANS, the largest source for information security training and security certification in the world. Throughout the course of his career, Tim has performed penetration tests on the entire range of organizations and technologies. Tim has gained information security experience in a variety of industries including previous positions in control systems, higher education, financial services, and manufacturing. Tim is the creator of Kerberoasting, a widely utilized Red Team penetration test technique to extract Kerberos tickets in order to offline attack the password of enterprise service accounts. Tim earned his MBA through the University of Texas and recently completed an eMBA equivalent through Harvard.

  • Hacking Dumberly
Varsha Dwarakanathan

Varsha Dwarakanathan is a Senior Product Security Engineer at Bloomberg. She excels at navigating the often “impossible” middle ground between rapid innovation and rigorous defense, specializing in security by design and embedding resilience directly into the development lifecycle. Through hands-on technical engagement — including architecture and design reviews, threat modeling, and code reviews — she focuses on identifying and mitigating vulnerabilities early and at scale.

With a bachelor’s degree in computer science and a master’s degree in cybersecurity, Varsha brings pragmatic, technical security expertise to Bloomberg, where she develops ways to help multi-disciplinary teams with competing priorities find collectively-optimal solutions.

Outside of work, Varsha is an enthusiastic tennis player and a regular on the competitive circuit, driven by equal parts discipline and the delusion that going pro is still on the table. An animal lover at heart, she channels that energy into her growing plushie collection – at least until she can retire to her own animal sanctuary.

  • Lost in the AI Woods: Why the Future Still Needs You -- A Dual Keynote
Wietze

Wietze has been hacking around with computers for years. Originally from the Netherlands, he currently works as a Lead Threat Detection & Response Engineer in London. As a cyber security enthusiast and threat researcher, he has presented his findings on topics including attacker emulation, PowerShell obfuscation, DLL Hijacking and command-line shenanigans at a variety of security conferences. By sharing his research, publishing related tools and his involvement in open-source projects such as LOLBAS, HijackLibs and ArgFuscator, he aims to give back to the community he learnt so much from.

  • Trust me, I'm a Shortcut - new LNK abuse methods
Xavier Facélina

Xavier Facélina co-founded SECLAB in 2011, a French company specializing in the cybersecurity of critical infrastructure. Self-taught, he left school before the baccalauréat to teach himself computing and has never stopped since. Over 20 years, he has supported operators of vital importance in the energy, defense and industrial sectors. He still owns a working Minitel. He prefers questions to answers and believes that the best way to predict the future is to invent it.

  • The Future Is Invented the Day Before Yesterday (Le futur s'invente avant-hier)