Live on Youtube on WosecMontreal Channel
Go to our Discord Channel to submit your questions for each session' Q&A.
No registration needed
Véronique Ménard and Fyscillia Ream, WoSec Montreal Chapter Co-lead
Updates on WoSec Montreal and upcoming activities
Moderator: Jacqueline Waitman
Presentation in English
I will discuss various women in security who have entered the cybersecurity field without technical/computer science backgrounds, beginning with my story on how I entered the field with a non-traditional background and no prior IT experience. I will then compare different aspects of cybersecurity (offense/defense) to other professions where these roles exist and talk about how women already do these other jobs but entering other fields was likely much more difficult than entering cybersecurity today. I will then close by listing a few of the advantages women have today when trying to enter the field and why showing up and supporting other women is so important.
Angela is a program manager at Microsoft on the Office 365 Advanced Threat Protection Customer Experience Engineering Team. She is COO of Women of Security and also acts as a co-organizer of WoSec Seattle, CFO of WeAreHackerz, and a moderator of The Hacker Book Club (on Goodreads). She has two Bachelors’ degrees, one in Fine Arts and another in Legal Assistant Studies. After working in the legal field and trying to decide on whether or not to attend law school, Angela knew what she really wanted to do was have a career focused around technology. After reading an article about cybersecurity, Angela knew this was the career path for her! She immediately began immersing herself in all things cybersecurity and attended a 6 month cybersecurity boot camp. While networking and making connections in the field, she then obtained CompTIA’s Network + and Security + certifications and began her first role as a Vulnerability Assessment Specialist all within half a year's time!
Outside of cybersecurity Angela enjoys reading, photography, boxing, and spending time with her dogs, cat, family, & friends! She is also a HUGE foodie and enjoys traveling and can’t wait to be able to explore new places again (especially Canada)!
From accounting to cybersecurity
Moderator: Gabrielle Ladouceur-Despins
Presentation in French
Marsha will tell us about how she went back to school after a career in accounting to transition in cybersecurity. She will tell us about the tools she has used to juggle family, professional and student life, her interests that bring her to the field of cybersecurity and her current challenges. Marsha's journey will inspire you whether you are thinking about transitioning your career or starting out in the field!
New to the world of cybersecurity, Marsha Bazile is IT Security Advisor at Desjardins. Marsha has a bachelor's degree in accounting and is currently completing her master's degree in IT governance, audit and security at the University of Sherbrooke. After working for a few years at Desjardins in accounting, she made the transition to IT security. Her main interest is the alignment between business sectors and IT. She is also participating in an initiative of Global Shapers Montreal which consists of creating a database that identifies the skills of various non-technical professional profiles transferable to cybersecurity profiles.
Marthe Anaïs Kambou, MSc, MBA, CISSP, CISA
Expert in security, a choice of heart!
Moderator: Jackeline Da Silva
Presentation in French
Marthe will share with us her journey leading to the creation of her company which today fulfills cybersecurity mandates for a wide variety of companies. Although Marthe's studies in cybersecurity led her directly to work in this field, she still had to make a place for herself in the Quebec ecosystem when she arrived in Canada. Marthe's determination will inspire you!
Entrepreneur and Cybersecurity Expert, Madame Kambou is President of CyberSerenIT. She holds a master's degree in information systems security and an MBA in business administration. Marthe Kambou acts as strategic cybersecurity advisor to information security managers of large public and private organizations. She is also involved in various digital projects, as a consultant for the design of security architecture. Ms. Kambou also acts as a lecturer at Laval University in governance and security management, in the Faculty of Administration Sciences. Her main areas of interest in cybersecurity include governance and compliance, risk management, vulnerability management, threat modeling, training and user awareness.
Red, Blue, EQ
Moderator: Manon Gaudet
Presention in English
Cybersecurity is a people-centric discipline. We work in teams, communicate with a broad audience, make decisions during high-pressure events and attackers depend on people’s emotions to initiate compromises. Cybersecurity professionals can enhance cyber defenses as well as advance their careers, becoming stronger leaders and influencers within their organizations by increasing their Emotional Intelligence. This talk will cover the basic framework of strong EQ skills and how these skills will enhance your professional career and overall approach to cyber resiliency.
Deidre Diamond has combined her 25 years of experience working in technology and staffing with her love for the cybersecurity community to create CyberSN, a company transforming the way cybersecurity professionals approach job searches. Deidre is also the Founder of Secure Diversity, a 501(c)3 non-profit organization dedicated to addressing the cybersecurity talent shortage.
12 pm-1 pm
Workshop: Vulnerability Assessment with Nessus
Workshop in English
Web application vulnerabilities are one of the biggest attack vectors in todays threat landscape. Many of these applications are exposed to public internet and are essential to conduct business. Therefore, addressing vulnerabilities before attacker can exploit them is a high priority. I will discuss about what is the Vulnerability Assessment, how important is it in the present world and How to assess vulnerabilities with Nessus to maintain Security.
Snehitha Kavuri is an Information Systems Security Engineering professional with a master’s degree from Concordia University. She is one of the Top 10% of high achieving graduate students awarded with Golden Key Membership. She holds work experience in Information Technology at Accenture, India.
Snehitha has conducted several events as an Orientation manager during her Masters. During her free time, she loves learning ethical hacking by solving CTF (Capture the Flag) and OWASP WebGoat challenges and enjoys watching Sci-Fi movies. Currently working on CEH Certification.
1 pm-3 pm
Lisandre Cadotte and Gabrielle Botbol
Workshop: SQL Injections and Cross Site Scripting
Workshop in English
Vulnerabilities caused by bad input validation of untrusted data are everywhere. In this workshop, we will explore two of them: SQL injections (SQLi) and Cross-Site Scripting (XSS). Injection flaws - like SQLi - and Cross-site Scripting are both so common that they are part of the OWASP Top 10 Web Application Security Risks.
This session will introduce some database concepts and methods to successfully discover and exploit SQL injections in applications. It will also cover different types of Cross-Site Scripting attacks and show you common payloads to try out.
You will then be able to practice your new skills on vulnerable targets set up just for this purpose!
Register at http://root-me.org/ prior to the workshop to practice during the presentation
Lisandre Cadotte is a cyber security professional with work experience in the insurance, banking and telecommunication industry. She holds a bachelor’s degree in Computer Science and the CISSP certification from ISC2. Her previous experience covers a broad spectrum of topics ranging from database administration to cyber-risk management. She currently works as a penetration tester for Videotron - finding vulnerabilities in web applications, database infrastructures and cloud services. During her free time, Lisandre enjoys playing the flute in an orchestra, watching sci-fi and practicing ethical hacking in Capture the Flag (CTF) challenges and bug bounty programs.
Gabrielle Botbol is a pentester, cyber security blogger, and podcaster ( How to become an ethical hacker ? ). She works at OKIOK, a Laval-based firm that is a world pioneer and Canadian leader in information security.
Gabrielle Botbol focuses her efforts on democratizing information security for all, especially women, by introducing them to cybersecurity. She is also the leader of the Paris chapter of Women of security, which won the first prize in the spying challenge at the 2019 Le Hack Paris convention.
She joined WoSEC Montreal where she leads introductory workshops on pentest and is a member of the NorthSec outreach committee. She was recently honoured for her career and contribution to the cyber community by being named one of the top 20 women in cyber security in Canada.
3 pm-5 pm
Workshop: Crypto 101
Workshop in English
Created for Cyber Security Professionals with an interest in expanding their knowledge base, Cryptography 101 is an introductory level presentation and workshop covering a brief history of cryptography, basics of encryption/decryption, and early and modern algorithms.
Applied cryptography exercises will be intermingled throughout the presentation to highlight real life situations which Cyber Security Professionals may encounter.
By the end of the presentation, the audience will have a beginner's understanding of the elements of cryptography, various common algorithms and practical knowledge regarding cryptography applications.
Nadine Halfyard, B.Eng, CySA+, graduated Electrical Engineering at Memorial University of Newfoundland in 2017. She has been working in the Cyber Security field since graduation, starting out in a payment assurance laboratory and is now employed in the defence sector securing military networks. Her interest in cryptography ignited while working in the laboratory, where part of her job was to attempt to extract cryptographic keys through Side Channel Analysis. In the defence sector, she is working on PKI systems.
Pre-pandemic times, Nadine enjoyed street dancing and spending time with her CTF crew, Hacker Knights. Post-pandemic, she enjoys reading Sci Fi novels and is slowly merging with her laptop to become the first Hu-Puter (Human Computer Hybrid). Nadine is currently working on her Professional Engineering designation and PenTest+ certification.