BSides Toronto 2020

Over the last 20 years, I have been integrating technology solutions into customer environments solving business problems. I have worked with many customers from small to national to international; from coding shops to healthcare to manufacturing.

Ali Abdollahi a cyber security expert with over 8 years of experience working in a variety of security fields. Ali is a full-time consultant helping clients with product security testing, reverse engineering, penetration testing, exploit developing, red-teaming, secure coding, and more, giving him ample opportunity to use his skills in a diversity of ways. In addition, He is an instructor, author and board of review at Hakin9 company. Ali is a self-confessed bug hunter, publisher of many vulnerabilities and CVEs. He is a regular speaker and trainer at industry conferences like: BSides Budapest, BSides Dublin (Cancelled due to Covid-19), c0c0nXII, TyphoonCon (SSD), Cyber Junegle, Confidence, ISACA Euro CACS 2020, OWASP Appsecdays, DefCon

Anitha A is a Senior Information Security Analyst with the Cyber Security and Incident Response Team (CSIRT) at Target. Before joining Target Corporation, she worked with Cognizant SOC, she has over 5 years of work experience, primarily in Incident Response and SOC environments. Her strong suit includes Windows host-based analysis with a special interest in Bad USB Forensics.

Apurv Singh Gautam is pursuing his Master's in Cybersecurity from Georgia Tech. He commenced work in Threat Intel/Hunting 2 years ago. Throughout his professional career, he worked on hunting threats from both clear web and dark web and is also involved in performing HUMINT on the d2web. He is very passionate about giving back to the community and has already conducted several talks and seminars in local security meetups, schools, and colleges. He loves volunteering with Cybrary and Station X to help students make their way in Cybersecurity. He looks forward to the end of the day to play and stream one of the AAA games Rainbow Six Siege.

Ben is an experienced hacker & developer, with years of experience in endpoint security, behavioral analytics, application security and data security. Ben filled roles such as the CTO of Cynet, as well as leading the threat research group at Imperva. Ben is now leading research in building secure data access for data warehouses and data lakes as part of Satori.

Catalin is a security generalist specialized into Infrastructure and Product Security areas with a strong knowledge of Security Operations.
He works at Visma as a Product Security Engineer, enjoying his time into the Product Security Operations team providing technical leadership in various security services through the Visma Application Security Program.
Catalin is the OWASP Timisoara Chapter Leader where he aims to create a strong local security community focused on improving the application security world. Has also several recognized certifications in the security field like: MCSA, MCSE, Security+, CASP, CEH.

Chad is currently an Infrastructure Security Engineer at Palantir.

Prior to Palantir he worked on Active Directory and Security at Microsoft & was lucky enough to be in the right place at the right time to become a Microsoft Certified Master (MCM) for Directory Services (Active Directory) as part of the gig. He also spent some time in the Windows Engineering team working on Kernel Security & the Registry.

During the work day, most of his time is spent helping to build secure systems and infrastructure. Any free nerd hours outside of the office are spent on offensive security and exploit development.

I am a father and a SOC analyst. The investigative process and how analysts ask and answer questions are some of my greatest passions in the field. I began as a SOC analyst over 4 years ago and early in my career I learned how important questions are to an effective investigation. I hope to share tips that could helps others become awesome investigators and writers.

Dolev Farhi is the Principal Security Engineer at Wealthsimple. Previously, he was the security engineering lead at Paytm, the world’s fastest-growing mobile payment and commerce ecosystem.

Dolev has worked for several security firms, such as CyberArk and F5 Networks, and provided training for official Linux certification tracks. He specializes in Linux/UNIX security, web application security, and offensive security automation. He is the founder of DEFCON Toronto, a popular Toronto-based hacker group and enjoys researching weird IoT devices.

Etizaz Mohsin is an information security researcher and enthusiast. His core interest lies in low level software exploitation both in user and kernel mode, vulnerability research, reverse engineering. He holds a Bachelors in Software Engineering and started his career in Penetration Testing. He is an active speaker at international security conferences. He has achieved industry certifications, the prominent of which are OSCP, OSCE, OSWP, OSWE, OSEE, CREST CRT, CPSA, EWPTX, CEH.

Cyber Threat Hunter & Researcher with a proven history of working in the Cyber Security, Information Technology, Financial industry and Military industry.

Experienced in Malware/APT Research, Threat Hunting, Red/Blue Team, Cyber Threat Intelligence, Digital Forensics, Malware Analysis and Reverse Engineering.

Been on both Offensive and Defensive sides, bringing a Holistic point of view and mainly love to solve complex technological problems.

Hardik Parekh is recognized thought leader and executive in security/privacy domain with hands-on contributions to SANS CWE Top 25, OWASP SAMM, BSIMM 1.0 to BSIMM 9; and SAFECode. Hardik is part of the core team which developed OWASP SAMM 2.0.

Hardik has 16+ years of hands-on security experience with a track record of developing and maturing security programs in consumer and enterprise companies RSA/EMC, Intuit, Amazon, and Splunk. Hardik has built security programs in dynamic, fast-paced environments while partnering effectively across the company. Hardik has transformed DevOps organization to DevSecOps by integrating security engineering tools in CICD pipeline and delivered security at scale and speed in the Cloud.

Hardik also serves on several advisory boards including non-profit Security and IT Certification leader CompTIA.

Haydn lives local to Toronto and contributes to the community via blogging and talks. Haydn has over 7 years of information security experience, including network/web penetration testing, vulnerability assessments and Cyber Threat Intelligence. He was on the 2019 SANS Purple Team CFP review board and currently holds the OSCP, GXPN and eCIR certifications. @haydnjohnson has gained both red and blue team experience.

Ilya Kolmanovich -
Ilya is a security researcher who specializes in malware analysis and threat intelligence combining a decade of experience from both Israeli and Canadian InfoSec communities. Recently, he has been working on building Digital & Cyber Threat Hunting Programs for RBC. In his previous life, Ilya lead threat and malware research for top security vendors like RSA, Trusteer & IBM Security, detecting and eliminating threats for millions of customers and their private networks.
Passionate about hunting and automation.

Felix Kurmish -
Cyber Threat Hunter & Researcher with a proven history of working in the Cyber Security, Information Technology, Financial industry and Military industry. Experienced in Malware/APT Research, Threat Hunting, Red/Blue Team, Cyber Threat Intelligence, Digital Forensics, Malware Analysis and Reverse Engineering. Been on both Offensive and Defensive sides, bringing a Holistic point of view and mainly love to solve complex technological problems.

Jon Rohrich is a Security & Compliance Technical Specialist at Microsoft Canada with a focus primarily on Identity, Device, Threat, and Information Management. Jon has 8 years’ experience advising IT & Information Security executives from a strategic capacity, at customers across a breadth of industries such as financial services, healthcare, legal, government and more. Jon helps businesses keep pace with the rapidly changing security and threat landscape. Jon holds an array of technical and Security certifications including the Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH). Jon is a Canadian Forces Veteran having served 5 years as an Infantry Soldier and LAV III Gunner in the 1st Battalion, Royal Canadian Regiment prior to pursuing a career in Information Security.

Matthew Marji is a Senior Product Security engineer for Auth0, an identity platform for application builders. He possesses the natural ability to simplify difficult security concepts; empowering the engineering teams he works with to build secure applications. In his free time, he lifts weights, enjoys espresso, and reads the OAuth2 RFC.

BSides Staff

Payal R K is a Lead Information Security Analyst in Target's Cyber Security Incident Response Team (CSIRT). She joined Target Corporation in 2018 and currently leads the CSIRT India team as an Incident Handler. Payal has a strong skill set which includes conducting host-based and network-based analysis. Before joining Target, she was a Security Analyst at VMware India. During her time at VMware she had an opportunity to speak at Grace Hopper Conference India, 2016 on the topic "Sniffing using Dsniff”.

Pietro Oliva is a security researcher holding a degree in IT security from Università degli Studi di Milano.
He has several years of professional experience in the security field, where he has worked with many global leading companies in a variety of service offerings which mainly include penetration testing, red teaming, and security/vulnerability research.
His main areas of interests involve vulnerability research, reverse engineering, and exploit development. Some of his personal research has been made public through responsible vulnerability disclosures.

Tim has more than 20 years of experience in information security, with his duties ranging from C-suite briefings to red team engagements abroad. As a member of Canada's mirror committee to ISO/IEC JTC 1/SC 27 and the Cloud Security Alliance OCF WG, Tim also works to advance security standards for industry and the public sector. He has previously spoken at events including InnovationTO, GovSym, the MISA Ontario Security Conference, and the Chief Security Officer Summit.