Day 2 (Friday) - Main Track

As a former member of the Canadian Forces, I learned how to define security by conducting aggressive security testing. Transitioning these skills to cybersecurity testing of the corporate world has identified consistent mistakes – on the part of the target networks, and by the red team itself. Using real world “war stories”, the talk will review the set-up and operation of red team tests against Canadian-specific targets. What works in setting up a successful team? How do you manage test up-front with the target organization? Most importantly, what are the mistakes we have seen over and over in the past? (And it’s not just a lack of patching!). And when it comes to the testers, are they making mistakes that contribute to poor or ineffective testing? The goal of the talk is to understand how to effectively test a network’s security and make the most of this type of testing. There has been a reluctance to do red team testing in Canadian networks, but now it’s time to move beyond “scans and pokes”, and treat a network the way the hackers do!

Breaking into cybersecurity can feel overwhelming. Threats and technologies are constantly evolving, so it’s easy to feel like you’re always behind. However, we don’t have to navigate this journey alone. This talk explores how AI can be a powerful, accessible tool for learning cybersecurity, helping newcomers get hands-on experience and enabling others to accelerate their growth and stay current in a fast-moving industry. Drawing from our diverse backgrounds, we’ll share how AI supported our growth and how it can help others do the same. Whether you’re new to the field, expanding your skillset, or mentoring others, this talk will give you actionable ways to integrate AI into your cybersecurity journey.

For everyone who’s idly thought about hanging out their own shingle as a “lone wolf cybersecurity consultant” or getting together with a few friends to start a startup to be your own boss, this is a session for you. In addition to founding eSentire, a Canadian Managed Detection and Response (MDR) company that achieved a unicorn valuation in 2022, Eldon Sprickerhoff has mentored dozens of cybersecurity startups through the Rogers Cybersecurity Catalyst programs over the last five years and released a book titled “Committed: Startup Survival Tips and Uncommon Sense for First-Time Tech Founders” that achieved bestseller status in two formats on Amazon in October 2024 (Hardcover #1, Kindle #3) in the “Starting a Business” category. He’ll walk through the realities of starting a cybersecurity company in 2025: the pros and cons, what it takes to differentiate yourself, what mistakes are commonly made, and how to improve your odds of survival in an increasingly chaotic world.

The presentation examines how different OS architectures, particularly Linux and BSD, shape the techniques used in binary exploitation. It begins by highlighting the foundational systems and standards—System V, POSIX, BSD, UNIX, and Linux—that influence an OS’s behavior and security mechanisms like memory management, calling conventions, and stack management.

Key topics include the System V application binary interface (ABI), which governs function calls and stack management, and POSIX standards, which ensure cross-platform exploit portability. The presentation explores UNIX philosophy’s emphasis on simplicity and modularity, showing how patterns can help us think about vulnerabilities. The section about BSD’s influence focuses on advanced memory management techniques that impact exploit strategies.

The presentation also covers OS security features (e.g., ASLR, Write XOR Execute (W^X), and stack canaries), and how to bypass them. It delves into exploiting system calls for privilege escalation, using a case study surrounding Shellshock (CVE-2014-6271) and how it relates to recent memory corruption issues. A comparison of SysV and BSD mechanics shows differences in calling conventions, stack management, and system calls—all of which affect exploit development.

In conclusion, the presentation displays why an OS’s architecture can make or break successful binary exploitation, even if techniques themselves are theoretically viable.

Spotlight Panel: “Resilience Through Community”
Presented by Women in Defence and Security (WiDS)

In cybersecurity, resilience depends on connection and on the strength of our communities to share knowledge, support one another, and adapt together.

Join us on for this special WiDS-produced Spotlight Panel at BSides Ottawa 2025, bringing together leaders from across Canada’s defence and security ecosystem to explore how collaboration, mentorship, and diverse voices strengthen resilience across our industry.

Expect real stories, practical insights, and candid conversation about how strong networks, allyship, and inclusive leadership help individuals and organizations adapt, recover, and thrive in the face of today’s complex challenges.

Moderator:
Amy Yee, Chief Digital Transformation Officer, C3SA Cyber Security & Audit

Panelists:
Kelly Bradshaw, Senior Manager, Policing and Public Safety, @Accenture and VP, Industry Relations, WiDS Executive Committee
Amélie Degagné, Team Lead, Enterprise Security Monitoring, Shared Services Canada
Ulrike Bahr-Gedalia, Strategic, Global Technology, Business & Public Policy Executive
Dan Doran, Vice President, Business Development & Marketing, @ADGA Group

With opening comments provided by:
Erika Coghill, Director, Marketing & Communications, ADGA Group and VP, Community Relations, WiDS Executive Committee

Feeling overwhelmed by alerts? Ever want to “hack back” the Hackers, but don’t want to break laws? Well here’s a revolutionary new strategy that will get you going! Defend by deceiving, and overwhelm anyone persistent enough to keep looking.

Based on nearly a decade of R&D and fieldwork, we are ready to premier a revolutionary new strategy for network defence. This talk will take a few moments to understand the current state of affairs, how it came to be, and turn it all upside down. We will discuss increasing your security posture by overwhelming your adversaries with everything they think they want and more. Join us, while we present a revolutionary new network defence strategy that will leave your adversaries confused, overwhelmed, and unmotivated to come back for more.

What had started as a funny joke-turned-side-project, has taken on a whole new meaning when the long-term results were analyzed. Surprising results lead to deeper research and more in-depth analysis on strategies of both the Blue and Read Team perspectives. Exploratory Purple Team research at it’s finest!

If you’re looking for something unique, something that laughs at the idea of existing within a box, then this is it. Presented with the beginners in mind, but an enticing enough of an idea that even long-time veterans will be interested. Sprinkled with just enough memes and shenanigans, this is a presentation sure to keep a wide audience on the edge of their seats with intrigue.

“All warfare is based on deception.”
-Sun Tzu

While events like FIFA and the Olympics bring together our global community in a celebration of sport and national pride, they also attract threat actors who target every aspect of the games. FIFA 2026 will be the first games to host forty-eight national teams across three countries and have the additional challenge of defending against an unprecedented hybrid landscape. This session will explore layered security considerations and how to coordinate our efforts to combat evolving threats.