{"id":441,"date":"2025-10-03T10:05:18","date_gmt":"2025-10-03T14:05:18","guid":{"rendered":"https:\/\/bsidesmtl.ca\/?page_id=441"},"modified":"2025-10-03T10:45:15","modified_gmt":"2025-10-03T14:45:15","slug":"programme-2025-fr","status":"publish","type":"page","link":"https:\/\/bsidesmtl.ca\/fr\/bsides-montreal-fr\/programme-2025-fr\/","title":{"rendered":"Programme 2025 | FR"},"content":{"rendered":"\t\t
\n\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

2025 Horaire | 13 septembre | Biblioth\u00e8que et Archives nationales du Qu\u00e9bec<\/h2>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

8:30AM | Doors open
<\/span><\/span><\/span><\/strong><\/p>

\u00a0<\/span><\/span><\/span><\/strong><\/p>

9:00AM \u2013 9:05AM | Mot d’ouverture<\/span><\/span><\/span><\/strong><\/p>

\u00a0<\/b><\/span><\/span><\/span><\/p>

9:05AM \u2013 12:00AM | <\/span><\/span><\/span><\/strong>Workshop \u00ab\u00a0The Bug Hunter’s Methodology\u00a0\u00bb<\/a><\/u><\/b><\/span><\/p>

9:05AM \u2013 9:30AM | <\/b><\/span><\/span><\/span>Reconnaissance furtive : m\u00e9thode, contraintes, et ex\u00e9cution sans bruit<\/b><\/span><\/p>

Jonathan Nomed
<\/span><\/p>

\u00a0<\/span><\/p>

9:30AM – 9:55AM | The Overlooked Playground: An Attacker’s Journey Through GCP
<\/span><\/span><\/span><\/strong><\/p>

Cl\u00e9ment Cruchet<\/span><\/p>

\u00a0<\/b><\/p>

9:55AM \u2013 10:20AM |\u00a0<\/b><\/span><\/span><\/span>Graph All The Things: The Birth of Hound<\/b><\/span><\/p>

Mathieu Saulnier<\/span><\/p>

\u00a0<\/b><\/p>

10:20AM \u2013 10:45AM | PAUSE CAF\u00c9<\/b><\/span><\/span><\/span>
<\/b><\/span><\/span><\/span><\/p>

\u00a0<\/b><\/span><\/span><\/span><\/p>

10:45AM \u2013 11:10AM | <\/b><\/span><\/span><\/span>Emmerdissement, \u00c9rosion de plateforme\u2026 et si on en parlait?<\/b><\/span><\/p>

Samuel B. G.<\/span><\/p>

\u00a0<\/b><\/p>

11:10AM \u2013 11:35AM | Developing Your Own Local LLM (GenAI) for Cybersecurity GRC<\/b><\/span><\/span><\/span>
<\/b><\/span><\/span><\/span><\/p>

Lee Yang Peng
<\/span><\/p>

\u00a0<\/b><\/p>

11:35AM \u2013 12:00PM | Agentic Access: OAuth Gets You In. Zero Trust Keeps You Safe<\/b><\/span><\/span><\/span>
<\/b><\/span><\/span><\/span><\/span><\/p>

NIck Taylor<\/span><\/p>

\u00a0<\/b><\/p>

12:00PM \u2013 1:10PM | LUNCH<\/b><\/span><\/span><\/span><\/span>
<\/b><\/span><\/span><\/span><\/span><\/p>

1:10PM \u2013 4:25PM |\u00a0<\/span><\/span><\/span><\/strong>Workshop \u00ab\u00a0<\/span><\/span>Windows Forensics for Insider Threat<\/span><\/span>\u00ab\u00a0<\/span><\/span><\/a><\/u><\/p>

1:10PM \u2013 1:35PM | Tinker Tailor LLM Spy: Investigate & Respond to Attacks on GenAI Chatbots<\/b><\/span><\/span><\/span><\/span>
<\/b><\/span><\/span><\/span><\/p>

Allyn Stott<\/span><\/p>

\u00a0<\/b><\/p>

1:35PM \u2013 2:00PM | Securing the Generative AI Pipeline from Data Ingestion to Model Inference<\/b><\/span><\/span><\/span>
<\/b><\/span><\/span><\/span><\/p>

Ikhtear Bhuyan<\/span><\/p>

\u00a0<\/b><\/p>

2:00PM \u2013 2:25PM | Proactive Bias Mitigation Against AI’s Unseen Vulnerabilities in Cybersecurity<\/b><\/span><\/span><\/span>
<\/b><\/span><\/span><\/span><\/p>

Mina Movahedi<\/span><\/p>

\u00a0<\/b><\/p>

2:25PM \u2013 2:50PM |\u00a0<\/b><\/span><\/span><\/span>AI in CTFs: How to Use AI Effectively Without Falling Down the Rabbit Hole?<\/b><\/span><\/p>

Jie Wu & Pulkit Garg<\/span><\/p>

\u00a0<\/b><\/p>

2:50PM \u2013 3:20PM | PAUSE CAF\u00c9<\/b><\/span><\/span><\/span>
<\/b><\/span><\/span><\/span><\/span><\/p>

\u00a0<\/b><\/span><\/span><\/span><\/span><\/p>

3:20PM \u2013 3:45PM | <\/b>Attribution of cyber operations: does it really matter?<\/b><\/span><\/span><\/p>

Alexis Dorais-Joncas<\/span><\/span><\/p>

\u00a0<\/b><\/p>

3:45PM \u2013 4:10PM | Tor sous contr\u00f4le : Vers une identification fiable des flux anonyme<\/b><\/span><\/span><\/span><\/p>

Nabil Diab<\/span><\/span><\/p>

\u00a0<\/b><\/span><\/span><\/p>

4:10PM \u2013 4:35PM | <\/b>How Tor Works<\/b><\/span><\/span><\/p>

David Goulet<\/span><\/span><\/p>

\u00a0<\/b><\/span><\/span><\/p>

4:35PM \u2013 4:40PM | Mot de cl\u00f4ture<\/b><\/span><\/span><\/span><\/span><\/p>

\u00a0<\/b><\/span><\/span><\/span><\/span><\/p>

4:40PM \u2013 8:00PM | Cocktail & hommage \u00e0 Michel Cusin<\/b><\/span><\/span><\/span><\/span><\/b><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t

\n\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

2025 Horaire \u2015 Programme pr\u00e9liminaire d\u00e9taill\u00e9<\/h2>\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"samuelbg.png\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

Samuel B. G.<\/h3>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

Emmerdissement, \u00c9rosion de plateforme\u2026 et si on en parlait?<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Cette conf\u00e9rence propose une exploration critique du ph\u00e9nom\u00e8ne d\u2019\u00e9rosion de plateforme, cette d\u00e9gradation progressive et syst\u00e9mique des services, logiciels et environnements technologiques que nous utilisons au quotidien. S\u2019inspirant des dynamiques observ\u00e9es dans l\u2019univers de la cybers\u00e9curit\u00e9, la pr\u00e9sentation \u00e9tablit un parall\u00e8le entre les comportements des fournisseurs de services technologiques et ceux des maliciels : \u00e9tablissement de la persistance, mouvements lat\u00e9raux, cloisonnement progressif des environnements, et logique extractive des donn\u00e9es. Le mod\u00e8le \u00e9conomique, la gestion interne, les d\u00e9cisions op\u00e9rationnelles ou encore les imp\u00e9ratifs de cybers\u00e9curit\u00e9 sont autant de facteurs qui justifient – ou masquent – cette transformation des plateformes en \u00e9cosyst\u00e8mes ferm\u00e9s.

\u00c0 travers des exemples concrets du domaine, la conf\u00e9rence affine les r\u00e9flexes de l\u2019auditoire pour reconna\u00eetre les signes pr\u00e9curseurs d\u2019une \u00e9rosion en cours ou \u00e0 venir. Elle questionne aussi notre propre responsabilit\u00e9 : nous investissons, consommons, et parfois, cliquons. L’utilisateur devient \u00e0 la fois victime et moteur de cette dynamique.\u00a0Mais au-del\u00e0 du constat, la conf\u00e9rence ouvre un espace de discussion autour des solutions viables, accessibles et humaines : cr\u00e9ation de regroupements, promotion de services r\u00e9parables et durables, mod\u00e8les de consommation \u00e9thiques et souverainet\u00e9 des donn\u00e9es. Une hypoth\u00e8se est avanc\u00e9e : celle d\u2019une coexistence harmonieuse entre usagers et fournisseurs, fond\u00e9e sur la transparence, la coop\u00e9ration, et la r\u00e9silience collective.

Enfin, cette session est une invitation \u00e0 la participation active, au d\u00e9bat, \u00e0 la remise en question. Car si l\u2019\u00e9rosion est persistante, les m\u00e9canismes de rem\u00e9diation existent; encore faut-il vouloir, collectivement, les activer. Ceci peut mener jusqu’\u00e0 la cr\u00e9ation d’un Village DEF CON!<\/i><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t\t

Bio<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Samuel est le fondateur de Syst\u00e8mes Securitech, du groupe DCG514 de Montr\u00e9al et a r\u00e9cemment lanc\u00e9 une osbl qui a pour but de rassembler des passion\u00e9s de cybers\u00e9curit\u00e9 et de technologies derri\u00e8re une lentille d’accessibilit\u00e9 universelle; s’engageant contre des ph\u00e9nom\u00e8nes tels que l’\u00e9rosion de plateforme.\u00a0<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t\t\t\t
\n\t\t\t\n\t\t\t\t\t\t\t
\n\t\t\t\t\t<\/path><\/svg><\/div>\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"allyn.png\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

Allyn Stott<\/h3>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

Tinker Tailor LLM Spy: Investigate & Respond to Attacks on GenAI Chatbots<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

It\u2019s coming, and you aren\u2019t ready\u2014your first generative AI chatbot incident. GenAI chatbots, leveraging LLMs, are revolutionizing customer engagement by providing real-time, automated 24\/7 chat support. But when your company\u2019s virtual agent starts responding inappropriately to requests and handing out customer PII to anyone that asks nicely, who are they going to call? You.<\/p>

You\u2019ve seen the cool prompt injection attack demos and may even be vaguely aware of preventions like LLM guardrails; but are you ready to investigate and respond when those preventions inevitably fail? Would you even know where to start? It\u2019s time to connect traditional investigation and response procedures with the exciting new world of GenAI chatbots.<\/p>

In this talk, you\u2019ll learn how to investigate and respond to the unique threats targeting these systems. You\u2019ll discover new methods for isolating attacks, gathering information, and getting to the root cause of an incident using AI defense tooling and LLM guardrails. You\u2019ll come away from this talk with a playbook for investigating and responding to this new class of GenAI incidents and the preparation steps you\u2019ll need to take before your company\u2019s chatbot responses start going viral\u2014for the wrong reasons.<\/p>

Why this talk?<\/strong>
You will learn a brand-new approach to investigating and responding to generative artificial intelligence (GenAI) chatbot incidents. There has been lots of content from the community extensively discussing attacks and protections surrounding GenAI and Large Language Models (LLMs). But there is a lack of research and content that approaches this new technology from the incident response point-of-view.<\/p>

Key Takeaways:<\/strong>
1. A crash course specifically tailored for incident responders in GenAI-powered LLM chatbots, the threat landscape, and defenses.
2. Practical methods to investigate and respond to GenAI chatbot anomalies, suspicious activities, and incidents.
3. Ready-to-implement incident response playbooks and preparation steps tailored for GenAI systems.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t\t

Bio<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Allyn Stott<\/strong> is a senior staff engineer at Airbnb where he works on the InfoSec Technology Leadership team. He spends most of his time working on enterprise security, threat detection, and incident response. Over the past decade, he has built and led detection and response programs at companies including Delta Dental of California, MZ, and Palantir. He received his Master\u2019s in High Tech Crime Investigation from The George Washington University as part of the Department of Defense Information Assurance Scholarship Program. Red team tears are his testimonials.\u00a0Allyn has previously presented at Black Hat (Europe, Asia, MEA), Kernelcon, The Diana Initiative, Blue Team Con, Swiss Cyber Storm, SecretCon, Texas Cyber Summit, and over 20 different BSides around the world. His most recent talks are The Fault in Our Metrics: Rethinking How We Measure Detection & Response<\/em> and How I Learned to Stop Worrying and Build a Modern Detection & Response Program<\/em>.\u00a0In the late evenings, after his toddler ceases all antics for the day, Allyn writes a semi-regular, exclusive security newsletter that you can subscribe to at meoward.co.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t\t\t\t
\n\t\t\t\n\t\t\t\t\t\t\t
\n\t\t\t\t\t<\/path><\/svg><\/div>\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"nabil.png\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

Nabil Diab<\/h3>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

Tor sous contr\u00f4le : Vers une identification fiable des flux anonyme<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Le r\u00e9seau Tor, synonyme d’anonymat en ligne, introduit des d\u00e9fis majeurs en mati\u00e8re de s\u00e9curit\u00e9 op\u00e9rationnelle. Lors de la gestion de plusieurs incidents de s\u00e9curit\u00e9, nous avons constat\u00e9 l’usage malveillant de Tor pour exfiltrer des donn\u00e9es, contacter des serveurs C&C ou n\u00e9gocier des ran\u00e7ons, ce qui entra\u00eene souvent une perte de temps critique pour les \u00e9quipes de r\u00e9ponse en traquant des circuits \u00e9ph\u00e9m\u00e8res impossibles \u00e0 identifier. Cette technique d’\u00e9vasion de la d\u00e9fense n’est pas nouvelle et est bien connue des \u00e9quipes de cyberd\u00e9fense et des \u00e9diteurs de logiciels de s\u00e9curit\u00e9. Des cas d’usage existent, des r\u00e8gles de d\u00e9tection \u00e9galement, mais globalement, leur fiabilit\u00e9 est souvent trop faible pour \u00eatre exploit\u00e9es activement.
L’objectif de cette pr\u00e9sentation est de rentrer dans le sujet de l’am\u00e9lioration de la fiabilit\u00e9 de l’identification de ces flux dans un r\u00e9seau d’entreprise, pour mettre en place une strat\u00e9gie de supervision efficace, voire de pr\u00e9vention.<\/p>

La pr\u00e9sentation sera structur\u00e9e en quatre parties principales :<\/p>

## 1 \u2013 Contexte et besoins op\u00e9rationnels
Nous pr\u00e9senterons d’abord les origines de notre \u00e9tude: un besoin client, celui de bloquer compl\u00e8tement l’acc\u00e8s au r\u00e9seau Tor. L’\u00e9tude de faisabilit\u00e9 r\u00e9alis\u00e9e a rapidement r\u00e9v\u00e9l\u00e9 que les outils classiques disponibles g\u00e9n\u00e9raient d’importants effets ind\u00e9sirables.<\/p>

## 2 \u2013 Comprendre les limites des solutions actuelles
Nous introduirons les concepts fondamentaux du r\u00e9seau Tor afin de mieux comprendre pourquoi les solutions existantes et les flux CTI disponibles ne parviennent pas \u00e0 identifier correctement les flux Tor sortants. Nous pr\u00e9senterons \u00e9galement les outils cl\u00e9s, en particulier les Tor Metrics, indispensables \u00e0 notre approche.<\/p>

## 3 \u2013 M\u00e9thode d’identification \u00e0 haute fiabilit\u00e9
Nous exposerons notre solution technique consistant \u00e0 extraire des listes pr\u00e9cises de n\u0153uds Tor en fonction de crit\u00e8res sp\u00e9cifiques, ce qui permet de r\u00e9pondre efficacement aux besoins op\u00e9rationnels en r\u00e9duisant consid\u00e9rablement les faux positifs et effets de bord.<\/p>


## 4 \u2013 D\u00e9ploiement et utilisation pratique
Enfin, nous expliquerons comment exploiter concr\u00e8tement les ressources que nous diffusons publiquement sur GitHub, en particulier des listes de n\u0153uds Tor filtr\u00e9es, afin de d\u00e9ployer des strat\u00e9gies de d\u00e9tection et de pr\u00e9vention fines et efficaces.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t\t

Bio<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Nabil Diab<\/strong> wears two hats at Alter Solutions. As Head of the CERT, he oversees the group\u2019s SOC operations, incident response, vulnerability management, and cyber threat intelligence activities. Simultaneously, he serves as Managing Director of Alter Solutions Canada, leading the Montreal-based entity\u2019s strategic growth and delivery.\u00a0With eight years of cybersecurity experience, Nabil began his career in embedded security before moving into cyber threat intelligence, pentesting and then incident response for a global bank. Today, he combines that offensive-security background with a deep passion for the \u201cblue\u201d side of the eternal cat-and-mouse game between attackers and defenders. He thrives on the challenge of detecting adversaries, countering their evasion techniques, and continually raising the bar on defensive measures.\u00a0Driven by the belief that there is always another way to outsmart an attacker, and another way for the attacker to adapt, Nabil is committed to spending many more years tracking the mouse and fortifying organizations against ever-evolving threats.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t\t\t\t
\n\t\t\t\n\t\t\t\t\t\t\t
\n\t\t\t\t\t<\/path><\/svg><\/div>\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"jonathan222-3\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

Jonathan Nomed<\/h3>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

Reconnaissance furtive : m\u00e9thode, contraintes, et ex\u00e9cution sans bruit<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

La reconnaissance r\u00e9seau est l\u2019une des phases les plus sous-estim\u00e9es d\u2019un engagement Red Team interne. Lorsqu\u2019elle est ex\u00e9cut\u00e9e avec impr\u00e9cision ou automatis\u00e9e sans discernement, elle devient plus facilement d\u00e9tectable. Dans un environnement surveill\u00e9 qu\u2019il s\u2019agisse d\u2019un r\u00e9seau cloisonn\u00e9, partiellement filtr\u00e9, ou monitor\u00e9 par un SIEM chaque paquet \u00e9mis a un co\u00fbt. L\u2019objectif n\u2019est plus de \u00ab scanner \u00bb, mais d\u2019observer, d\u00e9duire et agir avec intention.
Cette conf\u00e9rence pr\u00e9sente une m\u00e9thodologie compl\u00e8te de reconnaissance furtive, pens\u00e9e pour s\u2019adapter aux environnements contraints . Elle ne s\u2019appuie pas sur une attaque technique, mais sur une logique rigoureuse : n\u2019\u00e9mettre que lorsqu\u2019un besoin est \u00e9tabli, ne rien pr\u00e9sumer, et construire la cartographie du r\u00e9seau par observation, \u00e9limination et corr\u00e9lation progressive.
Le pipeline est divis\u00e9 en cinq \u00e9tapes strictes, reproductibles sur le terrain :
1. Capture passive: \u00e9coute directe des trames r\u00e9seau pr\u00e9sente sur le r\u00e9seau. Aucun filtrage, aucune modification, aucune \u00e9mission. L\u2019outil capte ce qui est visible sans se signaler.
2. Analyse locale et classification : construction dynamique des h\u00f4tes en m\u00e9moire, d\u00e9tection d\u2019anomalies (MAC\/IP multiples, h\u00f4tes fant\u00f4mes), inf\u00e9rence du r\u00f4le r\u00e9seau (client, serveur, routeur), et rep\u00e9rage de sous-r\u00e9seaux actifs.
3. Scan ARP furtif : envoi contr\u00f4l\u00e9, unicast uniquement, sans r\u00e9p\u00e9tition. Les bursts sont espac\u00e9s et configurables pour se fondre dans le trafic l\u00e9gitime.
4. Scan SYN conditionnel : (activable ou non) Ports restreints, cadence al\u00e9atoire, sans \u00e9tablissement de session. Objectif : affiner la classification, pas interagir.
5. Export structur\u00e9 et minimaliste R\u00e9sultats nettoy\u00e9s, structur\u00e9s et export\u00e9s en formats JSON, CSV et HTML, incluant un r\u00e9capitulatif complet des \u00e9l\u00e9ments d\u00e9couverts (actifs, protocoles, syst\u00e8mes). Aucun champ superflu, aucune donn\u00e9e parasite : chaque information export\u00e9e est imm\u00e9diatement exploitable pour alimenter une phase de pivot ou d\u2019\u00e9l\u00e9vation.
6. Cette m\u00e9thode est impl\u00e9ment\u00e9e dans Zandoli, un outil d\u00e9velopp\u00e9 en Go, sans d\u00e9pendance externe, sans interface graphique, sans comportement implicite. Il peut \u00eatre pilot\u00e9 par un fichier YAML unique, ex\u00e9cutable en live ou sur fichier PCAP, et structur\u00e9 selon une architecture modulaire : sniffer, analyseur, scanner, exporteur.
Contrairement aux approches classiques qui lancent des requ\u00eates avant d\u2019analyser les r\u00e9ponses, Zandoli fonctionne \u00e0 l\u2019inverse : il commence par \u00e9couter, filtre ce qui a \u00e9t\u00e9 vu, puis d\u00e9cide s\u2019il est n\u00e9cessaire de questionner.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t\t

Bio<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Jonathan Nomed<\/strong> est un pentester sp\u00e9cialis\u00e9 en reconnaissance r\u00e9seau furtive, avec un double parcours en cybers\u00e9curit\u00e9 offensive et d\u00e9fensive. Deux ann\u00e9es d\u2019exp\u00e9rience en Blue Team dans un environnement SOC ont permis de d\u00e9velopper une compr\u00e9hension fine des m\u00e9canismes de d\u00e9tection, de la corr\u00e9lation d\u2019alertes et des cha\u00eenes de r\u00e9ponse \u00e0 incident. Cette expertise d\u00e9fensive a \u00e9t\u00e9 suivie de deux ann\u00e9es en offensive, avec un focus op\u00e9rationnel sur les phases internes d\u2019engagement Red Team, en particulier la cartographie r\u00e9seau sous contrainte. Auteur de Zandoli, un scanner r\u00e9seau passif\/actif enti\u00e8rement \u00e9crit en Go, pens\u00e9 pour \u00eatre souverain, modulaire, reproductible et pilot\u00e9 via YAML. L\u2019outil est con\u00e7u pour fonctionner sans d\u00e9pendance externe, en environnement cloisonn\u00e9 ou surveill\u00e9, et permet une ex\u00e9cution discr\u00e8te de la reconnaissance, avec export structur\u00e9 exploitable imm\u00e9diatement. A d\u00e9j\u00e0 pr\u00e9sent\u00e9 un talk \u00e0 BSides Montr\u00e9al en 2024. D\u00e9veloppe et maintient ses outils en open source, avec une attention particuli\u00e8re port\u00e9e \u00e0 la documentation, \u00e0 l\u2019architecture logicielle et \u00e0 la d\u00e9monstration sur fichiers PCAP ou r\u00e9seaux simul\u00e9s.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t\t\t\t
\n\t\t\t\n\t\t\t\t\t\t\t
\n\t\t\t\t\t<\/path><\/svg><\/div>\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"clement.png\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

Cl\u00e9ment Cruchet<\/h3>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

The Overlooked Playground: An Attacker's Journey Through GCP<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

This talk will present offensive operations within Google Cloud Platform (GCP) environments following the MITRE Framework and will offer a comprehensive exploration from an attacker’s perspective. Drawing upon past experiences, research, and an analysis of the latest techniques employed by threat actors within the GCP ecosystem, attendees will gain valuable insights into understanding GCP attack surface and securing their cloud infrastructure.<\/p>

\u00a0<\/p>

Throughout this presentation, we will start by presenting GCP structure\/hierarchy and better understand specific IAM model within GCP, permissions, roles.<\/p>

\u00a0<\/p>

We will delve into aspects of reconnaissance and initial access methods specifically tailored for GCP environments. We will explore a spectrum of techniques, ranging from OAuth2-based phishing attacks and targeted spear phishing campaigns facilitated through external communication applications to the exploitation of service accounts and cloud components, all designed to procure an initial foothold within the GCP infrastructure.<\/p>

\u00a0<\/p>

Focusing on exploitation path and attack lifecycle within GCP Environment we will then present lateral movement techniques within GCP cloud components and resources, uncovering at the same time multiple persistence techniques and procedures, alongside opportunities for privileges escalation. This part of the talk will also present some IAM roles and permissions abuses using overprivileged primitives and predefined roles.<\/p>

\u00a0<\/p>

Following the presentation, the talk will delve into specific credential access techniques within GCP Environments, shedding light on the capabilities an attacker would be able to obtain within GCP.\u00a0<\/p>

\u00a0<\/p>

The offensive demonstration will conclude with high-impact techniques like GCP Domain-Wide Delegation and the abuse of Google Workspace integrations. We will then pivot to the defender’s view, bringing the entire narrative together. The complete attack chain, from the first foothold to the final exfiltration, will be presented through attack path view, enabling defender to hilight and remediate quickly key steps of the attack, misconfigurations or cloud resources vulnerabilities. From this visualization, we will derive actionable best practices to secure, detect, and defend.<\/p>

\u00a0<\/p>

This talk will introduce TTP tailored for red team operators, penetration testers but also for security operation team to assess and monitor their GCP environments and identify misconfigurations within it.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t\t

Bio<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

As a Cybersecurity Solution Consultant at Palo Alto Networks, Cl\u00e9ment Cruchet<\/strong> helps organizations navigate the modern threat landscape. His focus is on shifting security from a reactive posture to a proactive one, providing the visibility and context needed to secure complex cloud and network environments against sophisticated threats.\u00a0This approach is directly informed by his deep, hands-on experience across three critical security domains. His work in offensive security provides the crucial attacker’s mindset, understanding how adversaries exploit vulnerabilities. This is complemented by a strong foundation in network security, knowing how systems are architected and defended. Finally, his experience in incident response brings the invaluable perspective of handling a breach’s aftermath and understanding its true impact.\u00a0This combination of red team, blue team, and architectural knowledge creates the holistic view needed to see the bigger picture. In this talk, Cl\u00e9ment will apply this multi-faceted expertise to the GCP environment, demonstrating the full lifecycle of an attack and, more importantly, how to build a resilient, modern defense against it.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t\t\t\t
\n\t\t\t\n\t\t\t\t\t\t\t
\n\t\t\t\t\t<\/path><\/svg><\/div>\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t
\n\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"jie.png\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"pulkit.png\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

Jie Wu & Pulkit Garg<\/h3>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

AI in CTFs: How to Use AI Effectively Without Falling Down the Rabbit Hole?<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

AI has become a game-changer in the security industry, reshaping our approach to solving challenges. For aspiring security professionals, participating in the Capture The Flag (CTF) competition is a great way to put your skills to the test and gain hands-on experience. In today\u2019s AI-driven era, it’s increasingly common to rely on AI tools for problem-solving. However, it is crucial to remember that AI is not a substitute for critical thinking. We will discuss practical approaches for using AI effectively, whether you’re an experienced professional looking to level up or an aspiring professional learning security fundamentals.<\/p>

In this talk, we will explore the dual nature of AI’s role in solving CTF challenges. We will discuss various scenarios where AI shines, while also discussing its limitations and pitfalls, particularly those that might lead you down a rabbit hole or create confusion. While AI has many use cases, it is essential to recognize when reliance on AI becomes counterproductive and where critical thinking takes the lead to conquer tougher challenges. We will share advice and tips drawn from our experience on how to use AI effectively, including strategies for evaluating AI-generated solutions and exploring alternative approaches to challenges. Our talk aims to share methods for using AI to elevate your skills further rather than substitute them.<\/p>

By the end of this talk, you’ll gain practical techniques to help you navigate the complexities of AI when tackling CTF challenges. AI can act as your supportive co-pilot to level up your experience by helping you learn security concepts and provide guidance on where to start. While AI has tons of use cases, at the end of the day, it\u2019s important to remember that it is just one tool in your toolkit that strengthens your problem-solving abilities. By finding the right balance when using AI, you\u2019ll be better equipped with the necessary skills to help you excel in your next CTF competition and to support your cybersecurity journey.\u00a0<\/p><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t\t

Bio<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Jie Wu<\/strong> is a Senior Security Engineer on the Infrastructure Security team at Shopify, where she focuses on security automation, IAM, threat detection, and compliance. She works closely with teams across the company to design scalable security solutions that enable secure development without slowing down innovation. Prior to joining Shopify, she worked at Bank of America, contributing to global cyber defense initiatives and vulnerability management. Jie brings a strong foundation in blue team operations and DevSecOps to solve security challenges at scale. Outside of her day-to-day role, Jie enjoys tackling CTF challenges and listening to podcasts to stay current with emerging security trends. She\u2019s also deeply committed to mentoring and helping others launch successful careers in cybersecurity. She has spoken at BrainStation about building a career in security, sharing practical advice and insights with aspiring security professionals. Outside of security, Jie enjoys staying active through running, hiking, rowing, and playing soccer.<\/p>

\u00a0<\/p>

Pulkit Garg<\/strong> is a Security Engineer on the Infrastructure Security team at Shopify, specializing in cloud security, compliance, and supply chain security. He focuses on implementing security controls for multi-cloud environments and compliance initiatives. Previously, Pulkit worked on 5G network software solutions at a startup, gaining expertise in distributed systems and network architecture. He transitioned to cybersecurity through a security internship at Shopify, where he immersed himself in security fundamentals while contributing to projects. His dedication led to a recent transition to a full-time role. As someone new to security, Pulkit is committed to building his expertise day by day. He actively reads about current security landscapes, stays informed about emerging threats, and leverages his engineering background to suggest innovative solutions that bridge development and security practices. His journey demonstrates that career transitions into cybersecurity are achievable with dedication and the right opportunities. Outside work, Pulkit maintains balance through exercising, dancing, and exploring hiking trails across Canada.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t\t\t\t
\n\t\t\t\n\t\t\t\t\t\t\t
\n\t\t\t\t\t<\/path><\/svg><\/div>\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"lee.png\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

Lee Yang Peng<\/h3>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

Developing Your Own Local LLM (GenAI) for Cybersecurity GRC<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
Public generative AI tools like OpenAI\u2019s models provide significant advantages in processing and generating human-like text, but when it comes to cybersecurity Governance, Risk, and Compliance (GRC), they pose critical security and privacy risks. Transmitting sensitive or proprietary information to external cloud-based AI services can result in data leakage, non-compliance with regulatory requirements, and increased attack surfaces. As a result, many organizations are reluctant or outright prohibited from using these public AI platforms for their cybersecurity operations.<\/div>
\u00a0<\/div>
Building a local large language model (LLM) tailored to cybersecurity GRC needs offers a secure and compliant alternative, but this path is fraught with challenges. Many practitioners attempting to set up their own local models face technical frustrations such as model compilation errors, dependency conflicts, and the steep learning curve involved in training or fine-tuning large models on domain-specific data. Furthermore, integrating continuously evolving local context, such as organizational policies, compliance documents, and threat intelligence, into a static AI model is often complicated and resource-intensive.<\/div>
\u00a0<\/div>
In this session, I will present a practical, hands-on approach to overcoming these challenges through Retrieval-Augmented Generation (RAG). This approach enables you to augment a pretrained local LLM with dynamically retrieved local data without the need for costly retraining or deep technical expertise. Using this method, you can seamlessly incorporate relevant, up-to-date information into the AI\u2019s responses, ensuring that your generative AI system remains contextually accurate and compliant.<\/div>
\u00a0<\/div>
This workshop-style talk will walk attendees through a proven tool and workflow I discovered that simplifies local LLM deployment for cybersecurity GRC use cases. Attendees will learn how to navigate common technical pitfalls, such as compilation problems, and how to easily add their own data to enrich the model\u2019s knowledge base. This practical guide empowers cybersecurity professionals to harness generative AI technology securely and effectively within their own environments, maintaining control over sensitive data and improving GRC workflows with AI-driven insights.<\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

Bio<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Lee Yang Peng<\/strong> (CISA, CISM, CRISC, OSCP) is a Senior Consultant at DACTA Global specialising in Governance, Risk, Compliance (GRC) services and VAPT services. He graduated from the National University of Singapore with a Bachelor of Computing (Information Security) with Honours (Distinction). Yang Peng has a very broad range of expertise with experience in Risk Assessments, Threat Modelling, Gap Assessments, Vulnerability Assessment, Penetration Testing, and Purple Teaming. His work has been presented to clients that range from senior managers and executives of large organisations.<\/p>

Past Talks:
– Python Conference Asia-Pacific (PyCon APAC) 2015 (https:\/\/tw.pycon.org\/2015apac\/en\/lightning_en\/index.html<\/a>)
– Python Conference Singapore (PyCon SG) 2015 (https:\/\/pycon.sg\/archive\/2015\/speaker\/profile\/60\/<\/a>)<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t\t\t\t
\n\t\t\t\n\t\t\t\t\t\t\t
\n\t\t\t\t\t<\/path><\/svg><\/div>\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"Ikhtear.png\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

Ikhtear Bhuyan<\/h3>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

Securing the Generative AI Pipeline from Data Ingestion to Model Inference<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

As generative AI systems mature from proof-of-concept to production-scale deployments, the security surface area expands dramatically across the entire AI\/ML stack. This session provides a deep technical walkthrough of securing generative AI workloads\u2014focusing on the integrity, confidentiality, and compliance of data pipelines and model operations in distributed environments.<\/p>

We begin with securing data lineage and governance across heterogeneous storage backends, including Db2, NoSQL (e.g., MongoDB, Cassandra), vector databases (e.g., FAISS, Pinecone), and large-scale data lakes. We\u2019ll explore schema tracking, data classification, and integration with data security posture management (DSPM) tools to map data provenance, enforce tokenization\/encryption, and apply access policies at source and transformation layers.<\/p>

Next, we examine data security mechanisms across the AI lifecycle\u2014addressing risks in data preprocessing, feature engineering pipelines, and multi-tenant model training environments. This includes static and runtime Data Activity Monitoring (DAM) for structured, semi-structured, and unstructured data, as well as implementation of secure enclaves or confidential computing for privacy-preserving computation.<\/p>

We\u2019ll analyze how to secure model usage and API inference against sensitive data exfiltration and regulatory violations. This involves integrating AI firewalling, usage policy enforcement, context-aware rate limiting, and runtime inspection of model outputs for leakage of training data or proprietary knowledge.<\/p>

The session will also cover continuous compliance monitoring aligned with ISO 42001, EU AI Act and emerging AI-specific standards. Topics include embedding telemetry hooks, integrity attestation, evidence collection, and audit log streamlining across model registries, CI\/CD pipelines, and serving layers.<\/p>

Finally, we address GenAI-specific threat vectors including prompt injection, model inversion, fine-tuning poisoning, and adversarial inference. Countermeasures such as differential privacy, output filtering, embedding space anomaly detection, and secure model release practices will be discussed in detail.<\/p>

Participants will leave with prescriptive, architecture-driven approaches to building secure-by-design GenAI platforms\u2014bridging the gap between MLOps and SecOps in modern AI deployments.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t\t

Bio<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Ikhtear Bhuyan<\/strong> brings over 16 years of experience in the IT industry, with deep expertise in cybersecurity governance, risk management, and compliance. He has successfully developed and implemented security frameworks, policies, and procedures across multiple sectors, aligning with globally recognized standards and regulatory requirements such as ISO 27001, CIS Controls, PCI-DSS, HIPAA, and NERC-CIP. Ikhtear collaborates directly with clients across Canada to assess their security posture and deliver tailored solutions that strengthen cyber resilience. His work spans the full lifecycle of cybersecurity initiatives\u2014from strategic planning and architectural design to implementation and operationalization. His core focus areas include Security Information and Event Management (SIEM), Security Operations Centers (SOC), data protection, AI Security, Quantum safe, and identity and access management (IAM). Ikhtear holds a Master of Science degree in Computer Science from the University of New Brunswick. He is also a certified IBM Security Specialist and has earned the Certified Cloud Security Professional (CCSP) designation from ISC\u00b2. His practical experience and academic background make him a trusted advisor in building secure, scalable, and compliant IT environments.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t\t\t\t
\n\t\t\t\n\t\t\t\t\t\t\t
\n\t\t\t\t\t<\/path><\/svg><\/div>\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"nicktaylor2.png\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

NIck Taylor<\/h3>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t

Agentic Access: OAuth Gets You In. Zero Trust Keeps You Safe<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

AI agents are no longer experimental. Developers are already using them to query APIs, modify content, and chain services using emerging protocols like MCP (Model Context Protocol). The latest MCP specification introduces modern OAuth 2.1 authentication and support for Resource Indicators (RFC 8707), strengthening identity in agent-based systems.<\/p>

But authentication alone does not guarantee control. Once an agent is logged in, how do you govern what it is allowed to do? Without proper authorization controls, agents can access far more resources than they need, creating significant security risks.<\/p>

This talk explores how to apply Zero Trust principles to agent workflows by combining open identity protocols with policy-aware infrastructure. You will see a demo of an MCP client interacting with a secured MCP server behind Pomerium, an open source identity-aware proxy that brings fine-grained access control to agent interactions. Beyond basic authentication, Pomerium evaluates per-request policies based on identity, route, and context, and can audit and block specific tool calls within the MCP protocol. It can even manage OAuth flows to upstream tools like Notion or Reddit, so agents never handle raw access tokens.<\/p>

What you will learn:<\/p>

  • Why OAuth is necessary but not sufficient for agent security<\/li>
  • How to apply Zero Trust to developer tools and AI workflows<\/li>
  • A practical example of securing MCP servers with open source infrastructure<\/li><\/ul>

    As AI agents become part of real-world developer workflows, open standards and secure defaults are key to building trust without adding friction. These security patterns apply beyond just AI systems to any automated tooling that needs controlled access to APIs and services.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t

    \n\t\t\t\t\t

    Bio<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    Nick Taylor<\/strong> is a developer advocate at Pomerium, a zero trust, identity-aware proxy that secures access to internal apps and services without the need for a corporate VPN. He focuses on developer experience and community education around modern infrastructure, open source security, and Zero Trust principles.\u00a0With over 20 years in web development and more than a decade of open source contributions, Nick has spent the last five years working professionally in open source at companies like OpenSauced, DEV (dev.to), and Netlify. Whether it\u2019s through writing, code, or community building, his goal is always to help developers level up and ship faster\u2014securely.\u00a0Nick is also a seasoned content creator, often found live streaming tech topics ranging from full-stack development to AI tooling and Kubernetes security. He\u2019s passionate about helping others get started and stay curious in tech.\u00a0For more about Nick, here’s all the places you can find him online, https:\/\/nickyt.online.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

    \n\t\t\t\t\t\t\t
    \n\t\t\t\n\t\t\t\t\t\t\t
    \n\t\t\t\t\t<\/path><\/svg><\/div>\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"mina2.png\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t

    Mina Movahedi<\/h3>\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t

    Proactive Bias Mitigation Against AI's Unseen Vulnerabilities in Cybersecurity<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    Artificial Intelligence (AI) has revolutionized cybersecurity by enhancing threat detection and response capabilities. However, the presence of bias in AI systems poses significant challenges, potentially undermining the accuracy and fairness of cybersecurity measures. This presentation explores comprehensive initiatives aimed at mitigating AI bias in cybersecurity.<\/p>

    We examine the root causes of bias, including biased training data and algorithmic design flaws, and discuss the implications of biased threat detection, such as false positives and negatives, through real-world examples. Additionally, we address the issues of targeted surveillance, where certain user groups might be disproportionately monitored, and data-driven vulnerabilities that can result from biased training data.<\/p>

    This research proposal addresses the critical imperative of mitigating bias in AI detections and mitigation techniques within cybersecurity. We contend that AI bias, acknowledged by 62% of surveyed organizations as influenced by cultural context, stems from unrepresentative data.<\/p>

    35% of businesses\u2014and inherent human biases, leading to issues like higher error rates for minorities in facial analysis technologies. Crucially, AI’s ability to interpret emotions across cultures degrades significantly when models are transferred, a vulnerability cybercriminals exploit given diverse emotional expressions (e.g., direct English vs. metaphorical Arabic, exaggerated Western vs. subtle East Asian facial cues).<\/p>

    Additionally, this work highlights the interplay between AI bias and adversarial exploitation, illustrating how cyber attackers can manipulate biased security models to create vulnerabilities. To address these risks, the study underscores the importance of human oversight and continuous monitoring, ensuring AI-driven threat detection remains transparent, fair, and resistant to bias-based manipulations. By providing actionable solutions for AI bias mitigation, this research contributes to the broader effort of developing trustworthy, equitable, and effective cybersecurity technologies.<\/p>

    Join us to gain insights into the importance of AI bias, learn from practical examples, and discover how you can contribute to mitigate and address biases in your incident response processes.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t

    \n\t\t\t\t\t

    Bio<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    Mina Movahedi Shakib<\/strong> is a seasoned cybersecurity professional with over a decade of experience in the tech industry. Her foundation in wireless networking and cybersecurity, combined with her current role as a cyber threat investigator at Bell Canada’s Security Operations Center, makes her a vital asset in safeguarding digital landscapes. Mina thrives in the fast-paced world of threat detection, incident response, and security operations, always seeking innovative ways to advance security measures.\u00a0Mina is not just about technical expertise; she is a dynamic speaker at numerous in-person and virtual cybersecurity conferences, including HackFest2024, LCL2025,CIS 2025, the Annual Cybersecurity Summit, and the WIT Global Summit. She is also deeply committed to mentorship, actively empowering women in technology and fostering the next generation of innovators.\u00a0Passionate about exploring the intersection of cybersecurity and artificial intelligence, Mina believes in the transformative potential of AI-driven solutions to tackle real-world challenges, especially in enhancing security and efficiency.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

    \n\t\t\t\t\t\t\t
    \n\t\t\t\n\t\t\t\t\t\t\t
    \n\t\t\t\t\t<\/path><\/svg><\/div>\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"ADJ-headshot-top-square222.png\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t

    Alexis Dorais-Joncas<\/h3>\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t

    Attribution of cyber operations: does it really matter?<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    Attribution of cyber operations: does it really matter? It depends on who\u2019s asking. Based on real APT attack investigations made by Proofpoint researchers and attributed to Russia, Iran, North Korea and regions, we\u2019ll demonstrate what details go into attribution work from the perspective of an email security vendor, why attribution can be useful for defenders and how Blue Teams can use it to better inform threat modeling and risk.\u00a0We’ll define attribution, compare the concepts of attribution and Attribution and discuss how softer attribution elements should be paired with harder, more technical ones to get the best results.\u00a0In closing, we will discuss potential pitfalls we\u2019ve seen with attribution and even dare bring up the controversial topic of threat actor naming, Marketing gimmick, necessary evil, a little bit of both? Let\u2019s find out.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t

    \n\t\t\t\t\t

    Bio<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    Alexis Dorais-Joncas<\/strong> dirige l\u2019\u00e9quipe responsable de la recherche sur les attaques cibl\u00e9es (APT) chez Proofpoint. Leur but : identifier et comprendre ces attaques pour prot\u00e9ger leurs clients contre ces attaquants d\u00e9di\u00e9s et persistants.\u00a0Avant de se joindre \u00e0 Proofpoint, Alexis a \u00e9t\u00e9 durant plus de 10 ans le directeur du centre de R&D montr\u00e9alais de la firme ESET, dont le mandat \u00e9tait d\u2019\u00e9tudier les logiciels malveillants utilis\u00e9s dans le cadre d\u2019attaques ciblant ses clients.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

    \n\t\t\t\t\t\t\t
    \n\t\t\t\n\t\t\t\t\t\t\t
    \n\t\t\t\t\t<\/path><\/svg><\/div>\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"dgoulet.png\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t

    David Goulet<\/h3>\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t

    How Tor Works<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    \u00a0This talk will begin with an overview of how Tor works \u2014perfect for newcomers and a useful refresher for everyone else. We’ll then showcase the latest technology and development progress the Tor network has seen in recent\u00a0 years. Special attention will be given to the motivations behind, and current state of, our new Rust implementation. Finally, we\u2019ll talk about our newest software: a mobile VPN app for Android and iOS. This app lets you choose which applications use the Tor network \u2014 no device rooting required. All in all, expect a mostly technical deep dive into our technology. No fancy logos, no marketing nor any pie charts so please leave your buzzword bingo card at home.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t

    \n\t\t\t\t\t

    Bio<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    David Goulet<\/strong> has been with the Tor Project for almost 15 years. He is part of the network team, which maintains the Tor network and its core software, such as the C implementation (tor) and the new Rust-based work in progress (Arti). He loves onions, gives garlic a chance, and sprinkles it all with scallions.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

    \n\t\t\t\t\t\t\t
    \n\t\t\t\n\t\t\t\t\t\t\t
    \n\t\t\t\t\t<\/path><\/svg><\/div>\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"mathieu-saulnier222.png\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t

    Mathieu Saulnier<\/h3>\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t

    Graph All The Things: The Birth of *Hound<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    BloodHound Community Edition V8 was dropped right before BlackHat and it learned new tricks! The most significant of them is OpenGraph which allows you to expand the Graph to map any Attack Path you come across in your Offensive Engagements or that you need to Defend internally. In this session we’ll see how to leverage OpenGraph to craft and customize your own Attack Graphs and the elements to include in a great submission to this Open Source Project. SalesForceHound, OktaHound, why not SAPHound? The only limit is your imagination (and maybe your coffee\/Red Bull budget).<\/p><\/div><\/div><\/div><\/div><\/div>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t

    \n\t\t\t\t\t

    Bio<\/h4>\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t

    Mathieu Saulnier<\/strong> is a cybersecurity leader with 20+ years in Threat Research, Detection Engineering, Threat Hunting, and Incident Response. He has led diverse, global teams to success and shared his expertise on stages at Derbycon, SANS Summits, RSAC, SecTor, and BSides worldwide. A dedicated community mentor with DEF CON\u2019s Blue Team Village and co-organizer of NorthSec, DEATHcon and SkiCon, Mathieu now serves as Product Manager for BloodHound Community Edition, empowering attackers and defenders to audit and secure complex environments.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t

    \n\t\t\t\t\t
    \n\t\t\t\t
    \n\t\t\t\t\t

    Comit\u00e9 scientifique\u200b<\/h2>\t\t\t\t<\/div>\n\t\t\t\t
    \n\t\t\t\t\t\t\t\t\t
    Axelle Apvrille | Fortinet
    Charles Hamilton | CYPFER
    Dave Lewis | 1Password<\/b><\/span><\/span><\/span>\nJulien Richard | Lastwall Networks
    <\/b><\/span><\/span><\/span>Masarah Paquet-Clouston | Universit\u00e9 de Montr\u00e9al<\/b><\/span><\/span><\/span>\nMatthieu Faou | ESET
    Mathilde Gay | BDC<\/b><\/span><\/span><\/span>\nPierre-Marc Bureau | Google Canada<\/b><\/span><\/span><\/span>\n<\/pre>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"
    2025 Horaire | 13 septembre | Biblioth\u00e8que et Archives nationales du Qu\u00e9bec 8:30AM | Doors open \u00a0 9:00AM \u2013 9:05AM | Mot d’ouverture \u00a0 9:05AM \u2013 12:00AM | Workshop \u00ab\u00a0The Bug Hunter’s Methodology\u00a0\u00bb 9:05AM \u2013 9:30AM | Reconnaissance furtive : m\u00e9thode, contraintes, et ex\u00e9cution sans bruit Jonathan Nomed 9:30AM – 9:55AM | The Overlooked Playground: […]<\/p>\n","protected":false},"author":1,"featured_media":452,"parent":392,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","footnotes":""},"class_list":["post-441","page","type-page","status-publish","has-post-thumbnail","hentry"],"_links":{"self":[{"href":"https:\/\/bsidesmtl.ca\/fr\/wp-json\/wp\/v2\/pages\/441","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bsidesmtl.ca\/fr\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/bsidesmtl.ca\/fr\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/bsidesmtl.ca\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bsidesmtl.ca\/fr\/wp-json\/wp\/v2\/comments?post=441"}],"version-history":[{"count":5,"href":"https:\/\/bsidesmtl.ca\/fr\/wp-json\/wp\/v2\/pages\/441\/revisions"}],"predecessor-version":[{"id":474,"href":"https:\/\/bsidesmtl.ca\/fr\/wp-json\/wp\/v2\/pages\/441\/revisions\/474"}],"up":[{"embeddable":true,"href":"https:\/\/bsidesmtl.ca\/fr\/wp-json\/wp\/v2\/pages\/392"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bsidesmtl.ca\/fr\/wp-json\/wp\/v2\/media\/452"}],"wp:attachment":[{"href":"https:\/\/bsidesmtl.ca\/fr\/wp-json\/wp\/v2\/media?parent=441"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}