Presented by Xanthus Security
Hello Internet sleuths… A brutal murder has sent shockwaves through the community, and the trail is cold – but not for long. Your mission: hack into secure systems, break through encrypted files, capture communications over the air, and sift through layers of digital evidence to reveal the truth. You’ll uncover alibis, expose lies and determine if DNA evidence has been tampered with. This isn’t your average murder – it’s a race against time. With each flag you capture, you’ll get one step closer to unmasking the killer. But can you piece it all together before the case slips away forever?
CTF is open from 9:00am – 5:30pm both days.
Presented by TOOOL Ottawa
Giving keyless entry a different meaning…
New or experienced, come learn how lock picking works, and try it yourself on a variety of practice locks leading to progressively more challenging locks. TOOOL Ottawa reminds everyone to never pick a lock you do not have permission to open, and never pick a lock you depend on. This village has plenty of locks, cuffs and challenges to satisfy your curiosity so you need not be tempted to practice on your own door locks, with friendly people nearby to help and encourage you.
Lock picking is a rewarding experience and in under and hour many people are able to master the techniques and get the thrill of opening some of the most common padlocks available. Other hands on training will include lock pinning, handcuffs and bypass tools.
Presented by Loudmouth Security
Embedded systems exist at the intersection of hardware and software, built to accomplish a specific task. Often these disciplines are dealt with individually, but understanding the custom relationships between hardware and software is key to performing security research on these devices.
Embedded Systems Village advances the security of embedded systems by hosting hands-on hacking workshops, showcasing new security research demos, and organizing exciting hacking contests to educate attendees and manufacturers on the approach hackers use to attack these devices. Attendees will leave the village with an understanding of how to reduce complex, exotic devices to their underlying embedded components and to extract the information required to use the tools and techniques taught at other villages where embedded systems are on display. What we will bring:
Labs: We have a lab platform that brings everyone from every skill level to the same playing field with step by step instructions that aim to teach individuals specific techniques and skills in a hands-on manner.
Interactive Hacking Content: We want to showcase the weird and cool embedded devices that aren’t highlighted in other villages, and provide an opportunity for hackers to get hands-on experience hacking them.
Contests: This is what our team is best known for. We build crazy CTFs, and this year will be no different. We are working on a brand new CTF contest that will support everyone from the casual player (i.e. someone that only wants to drop in for a few minutes) all the way to the hardcore teams.
Expect unique devices, new challenge formats and that WOW factor that our CTFs have had in the past. Building on our lessons learned and experience over the years, we are confident that this track will not disappoint!
Step into the world of cyber resilience at the Blue Team Village, where your expertise in detection, investigation, and response is key. This immersive experience is designed to challenge your ability to uncover hidden threats, analyze complex incidents, and piece together the story behind cyber intrusions. You’ll work alongside like-minded professionals, applying cutting-edge techniques in digital forensics and incident response to real-world scenarios. Whether you’re experienced in blue teaming or eager to enhance your skills, the Blue Team Village offers a hands-on environment where your investigative instincts and analytical prowess will shine.
Policy Village is not about corporate policies such as Acceptable Use Policy… Nor is it about implementing technical controls or anything like that. Rather, it’s about understanding the ways that policies at the government level affect the world of cybersecurity, and what we can do to get involved in policy-making. Whether you’re a cybersecurity professional, casual hacker, or enthusiast of politics, this track offers a lot to think about, and some ideas to take home.
The BSides Ottawa Career Fair is an expo-style event where potential employers and employees to get to know each other in person, to ask questions, and—in some cases—even to start the application process. Whether you’re just getting your feet wet or are a battle-hardened cybersec ninja, come to the fair either or both days and see what shakes out
Presented by siberX
Step into the Breach!
Put your wits to the test in our immersive Cybersecurity Escape Room challenge! This high-stakes experience transports you to the heart of a live cyber crisis. Work against the clock to crack codes, outsmart threat actors, and unravel security puzzles designed to push your critical thinking, teamwork, and problem-solving skills to the limit. With every clue unlocked and every challenge conquered, you’ll come closer to securing your organization’s virtual perimeter and escaping to victory. Are you ready to face the threats and emerge as a hero? Can you beat the hack?
The escape room will be open 9:00am – 5:30pm both days.
Presented by siberX
Test your resilience and strategic thinking with our immersive tabletop exercises, designed to challenge both technical and leadership skills in real-world cyber crisis scenarios.
Code Crackdown: The CVE Challenge
Session 1 (Technical)
November 21 | 1:00 PM
Dive deep into a live technical challenge designed for cybersecurity professionals. In Code Crackdown: The CVE Challenge, participants will analyze, decode, and exploit real-world vulnerabilities. This session tests your technical expertise as you race to identify critical weaknesses and develop solutions to mitigate threats in a controlled, high-stakes environment. Are you ready to prove your mettle and emerge as a top-tier defender?
Ransomware Rampage: A Crisis Control Challenge
Session 2 (Non-Technical)
November 22 | 1:00 PM
Step into a crisis control scenario where quick thinking, strategic communication, and effective leadership are key to surviving a simulated ransomware attack. Ransomware Rampage challenges participants to navigate the complexities of incident response, make high-impact decisions, and safeguard critical assets in real-time. Test your crisis management capabilities and emerge as a true leader in this immersive, high-pressure exercise.