𝗕é𝗻é𝘃𝗼𝗹𝗮𝘁: 𝗥𝗲𝗷𝗼𝗶𝗻𝘀 𝗹'é𝗾𝘂𝗶𝗽𝗲 𝗱𝗲 𝗯é𝗻é𝘃𝗼𝗹𝗲𝘀 𝗽𝗼𝘂𝗿 𝗹'é𝗱𝗶𝘁𝗶𝗼𝗻 𝟮𝟬𝟮𝟲 • 𝗩𝗼𝗹𝘂𝗻𝘁𝗲𝗲𝗿𝗶𝗻𝗴: 𝗝𝗼𝗶𝗻 𝘁𝗵𝗲 𝗩𝗼𝗹𝘂𝗻𝘁𝗲𝗲𝗿 𝗧𝗲𝗮𝗺 𝗳𝗼𝗿 𝘁𝗵𝗲 𝟮𝟬𝟮𝟲 𝗘𝗱𝗶𝘁𝗶𝗼𝗻!

À la recherche de bénévoles les 11 au 17 mai prochains. Les bénévoles sont au cœur de NorthSec depuis 2013. Toute l'organisation de l'événement est portée par une équipe incroyable de bénévoles.

Équipes qui recherchent des bénévoles: conférences, logistique, formations, inscriptions/accueil, bar et villages.

Ce qui t'attend:

• Accès gratuit à la conférence et à la compétition (avec l'équipe «underdogs» non-compétitive)
• T-shirt bénévole NorthSec
• Nourriture et boissons pendant tes shifts
• Réseautage avec des professionnels de la cybersécurité

Tous les détails à https://nsec.io/fr/volunteer/

Looking for volunteers from May 11 to 17. Volunteers have been at the heart of NorthSec since 2013. The entire event is powered by an incredible team of volunteers.

Teams looking for volunteers: conferences, logistics, training, registration/welcomw, bar and villages.

What awaits you:

• Free access to the conference and competition (with the non-competitive team "underdogs")
• NorthSec volunteer t-shirt
• Food and drinks durieg your shifts
• Networking with cybersecurity professionals

More details at https://nsec.io/volunteer/

#NorthSec

NorthSec 2026 speaker lineup is here ...and it's our best yet!

31 talks & workshops. Two days in Montréal. Tickets going fast (get yours by April 1st to secure a badge and a t-shirts). 👇

𝗧𝗮𝗹𝗸𝘀:
• Guillaume Valadon & Gaetan — Private Key Leaks in the Wild: Insights from Certificate Transparency
• Philippe Pépos Petitclerc — A systematic approach to evading antivirus software
• Émilio Gonzalez — Increasing detection engineering maturity with detection as code
• François Labrèche — A Needle in a Haystack: Identifying an Infostealer Attack Through Trillions of Events in a Large-scale Modern SOC
• Wietze — Trust me, I'm a Shortcut - new LNK abuse methods
• Reza Sharifi — Internet Blackout 2026 in Iran — Next-Level Internet Censorship: A Technical Breakdown of Techniques and Tactics
• Andrew Buchanan, Max CM & Connor Laidlaw — Commit, Push, Compromise: Attacking Modern GitHub Orgs
• Dirk-jan Mollema & Sanne Maasakkers — Researchers vs. Threat Actors in Cloud Attacks
• Jeremy Miller — Measuring AI Ability to Complete Long Cybersecurity Tasks
• Manu Jose — The Merchant of Venice: Trading Latency for Security at Scale
• Joshua Prager & Ben Schroeder — Mapping Deception Solutions with BloodHound OpenGraph
• Christian Paquin — Doxxing-proof authentic digital media: trust the asset, protect the source
• Robbe Van Roey — Hacking Browsers: The Easy Way
• Ron Bowes — Adventures in Process Injection (How I Accidentally Built a Debugger - Again!)
• Xavier Facélina — Le futur s'invente avant-hier
• Charl-Alexandre Le Brun & Simon Lachkar — The OpenGraph diary: Attack path management applied to Ansible
• François Proulx — Living Off The Pipeline: Defensive Research, Weaponized
• Pierre-Nicolas Allard-Coutu — Stolen Laptops: Defeating DMA Countermeasures
• Philippe Marchand — Cybermenaces géopolitiques au Canada: État des lieux et perspectives stratégiques
• Kristine Barbara — From Experts to Everyone: Democratizing Threat Modeling at Ubisoft
• Chirag Savla — When Serverless Becomes a Foothold: Abusing Azure Function Apps in Modern Cloud Environments
• Brad Edwards — APTL: An Open Source Agentic Purple Team Lab
• Maxime Arquilliere & Coline C — Sold to the highest bidder: the escalation of ADINT from geolocation tracking to intrusion vector
• Sébastien Dudek — Hacking 5G: From Radio Security to the APIs

𝗪𝗼𝗿𝗸𝘀𝗵𝗼𝗽𝘀:
• Logan Maclaren & Lewis Moore — Command & Conquer: A hands-on C2 primer for aspiring Red & Blue teamers
• Santiago Abastante — AWS Security - The Purple Team Way
• Faan Rossouw — Agentic AI for Threat Hunting
• Ben Gardiner — Hardware RE: a gentle intro
• Tammy Harper — The Ransomware Negotiation Lab
• Mark El-Khoury — DIY Continuous Security: Practical Security Engineering
• Ashley Manraj & Philippe Dugré (zer0x64) — Breaking and Hardening the Cloud: Advanced Hooking and Shellcoding in a Hardened Environment

#NorthSec #cfp #infosec #cybersecurity

🟣 𝗥𝗲𝗻𝗱𝗼𝗻𝘀 𝗻𝗼𝘁𝗿𝗲 𝗰𝗼𝗺𝗺𝘂𝗻𝗮𝘂𝘁é 𝗽𝗹𝘂𝘀 𝗶𝗻𝗰𝗹𝘂𝘀𝗶𝘃𝗲! • 𝗟𝗲𝘁'𝘀 𝗺𝗮𝗸𝗲 𝗼𝘂𝗿 𝗰𝗼𝗺𝗺𝘂𝗻𝗶𝘁𝘆 𝗺𝗼𝗿𝗲 𝗶𝗻𝗰𝗹𝘂𝘀𝗶𝘃𝗲!

Tu fais partie d'un groupe sous-représenté et tu rêves de participer à un CTF enivrant? NorthSec te donne ta chance!

Ce que tu peux gagner: 1 billet CTF à gagner (jusqu'à 8 personnes seront sélectionnées)

👉 Date limite: 13 mars

Envoie ta lettre de motivation et ton CV. Partage cette initiative avec toutes les personnes qui pourraient être intéressées! https://nsec.io/fr/diversity/

Are you part of an underrepresented group and dream of participating in an exciting CTF? NorthSec is giving you the chance!

What you can win: 1 CTF ticket (up to 8 people will be chosen)

👉 Deadline: March 13

Send your cover letter and resume. Share this initiative with anyone who might be interested! https://nsec.io/diversity/

#womenintech #cybersecurity #infosec #NorthSec

🏋️ 𝗡𝗼𝗿𝘁𝗵𝗦𝗲𝗰 𝟮𝟬𝟮𝟲 𝗙𝗼𝗿𝗺𝗮𝘁𝗶𝗼𝗻𝘀/𝗧𝗿𝗮𝗶𝗻𝗶𝗻𝗴𝘀 (12/12): "Adversary Perspectives: Azure" 𝗽𝗮𝗿/𝗯𝘆 Hope Walker (SpecterOps)

📅 Dates: May 10-13, 2026 (4 days)
📊 Difficulty: Medium
🖥️ Mode: Remote

Description:
"𝘖𝘳𝘨𝘢𝘯𝘪𝘻𝘢𝘵𝘪𝘰𝘯𝘴 𝘩𝘢𝘷𝘦 𝘵𝘩𝘦𝘪𝘳 𝘩𝘦𝘢𝘥𝘴 𝘪𝘯 𝘵𝘩𝘦 𝘤𝘭𝘰𝘶𝘥𝘴, 𝘰𝘳 𝘢𝘵 𝘭𝘦𝘢𝘴𝘵 𝘵𝘩𝘦𝘪𝘳 𝘪𝘯𝘧𝘳𝘢𝘴𝘵𝘳𝘶𝘤𝘵𝘶𝘳𝘦. 𝘎𝘰𝘯𝘦 𝘢𝘳𝘦 𝘵𝘩𝘦 𝘥𝘢𝘺𝘴 𝘰𝘧 𝘰𝘯-𝘱𝘳𝘦𝘮 𝘥𝘰𝘮𝘢𝘪𝘯 𝘤𝘰𝘯𝘵𝘳𝘰𝘭𝘭𝘦𝘳𝘴 𝘢𝘯𝘥 𝘌𝘹𝘤𝘩𝘢𝘯𝘨𝘦 𝘴𝘦𝘳𝘷𝘦𝘳𝘴. 𝘔𝘪𝘤𝘳𝘰𝘴𝘰𝘧𝘵’𝘴 𝘈𝘻𝘶𝘳𝘦 𝘱𝘳𝘰𝘷𝘪𝘥𝘦𝘴 𝘰𝘳𝘨𝘢𝘯𝘪𝘻𝘢𝘵𝘪𝘰𝘯𝘴 𝘸𝘪𝘵𝘩 𝘵𝘩𝘦 𝘢𝘣𝘪𝘭𝘪𝘵𝘺 𝘵𝘰 𝘥𝘦𝘱𝘭𝘰𝘺 𝘤𝘭𝘰𝘶𝘥 𝘩𝘰𝘴𝘵𝘴 𝘢𝘯𝘥 𝘴𝘦𝘳𝘷𝘪𝘤𝘦𝘴 𝘵𝘰 𝘢𝘶𝘨𝘮𝘦𝘯𝘵, 𝘰𝘳 𝘪𝘯 𝘴𝘰𝘮𝘦 𝘤𝘢𝘴𝘦𝘴, 𝘳𝘦𝘱𝘭𝘢𝘤𝘦 𝘦𝘹𝘪𝘴𝘵𝘪𝘯𝘨 𝘧𝘶𝘯𝘤𝘵𝘪𝘰𝘯𝘢𝘭𝘪𝘵𝘺 𝘤𝘰𝘮𝘱𝘭𝘦𝘵𝘦𝘭𝘺. 𝘈𝘭𝘭 𝘰𝘧 𝘵𝘩𝘦𝘴𝘦 𝘯𝘦𝘸 𝘤𝘭𝘰𝘶𝘥 𝘢𝘴𝘴𝘦𝘵𝘴 𝘯𝘦𝘦𝘥 𝘱𝘳𝘰𝘵𝘦𝘤𝘵𝘪𝘰𝘯, 𝘣𝘰𝘵𝘩 𝘵𝘩𝘳𝘰𝘶𝘨𝘩 𝘵𝘳𝘢𝘥𝘪𝘵𝘪𝘰𝘯𝘢𝘭 𝘥𝘦𝘧𝘦𝘯𝘴𝘪𝘷𝘦 𝘴𝘦𝘤𝘶𝘳𝘪𝘵𝘺 𝘮𝘦𝘢𝘴𝘶𝘳𝘦𝘴, 𝘢𝘯𝘥 𝘰𝘧𝘧𝘦𝘯𝘴𝘪𝘷𝘦 𝘴𝘦𝘤𝘶𝘳𝘪𝘵𝘺 𝘢𝘴𝘴𝘦𝘴𝘴𝘮𝘦𝘯𝘵𝘴. 𝘍𝘰𝘳 𝘯𝘦𝘸 𝘢𝘯𝘥 𝘷𝘦𝘵𝘦𝘳𝘢𝘯 𝘴𝘦𝘤𝘶𝘳𝘪𝘵𝘺 𝘱𝘳𝘰𝘧𝘦𝘴𝘴𝘪𝘰𝘯𝘢𝘭𝘴 𝘢𝘭𝘪𝘬𝘦, 𝘶𝘯𝘥𝘦𝘳𝘴𝘵𝘢𝘯𝘥𝘪𝘯𝘨 𝘩𝘰𝘸 𝘵𝘩𝘦𝘴𝘦 𝘯𝘦𝘸 𝘵𝘦𝘤𝘩𝘯𝘰𝘭𝘰𝘨𝘪𝘦𝘴 𝘸𝘰𝘳𝘬 𝘢𝘯𝘥 𝘵𝘩𝘦 𝘯𝘶𝘢𝘯𝘤𝘦𝘴 𝘰𝘧 𝘴𝘦𝘤𝘶𝘳𝘪𝘯𝘨 𝘵𝘩𝘦𝘮 𝘤𝘢𝘯 𝘲𝘶𝘪𝘤𝘬𝘭𝘺 𝘣𝘦𝘤𝘰𝘮𝘦 𝘤𝘰𝘮𝘱𝘭𝘪𝘤𝘢𝘵𝘦𝘥. 𝘈𝘥𝘷𝘦𝘳𝘴𝘢𝘳𝘺 𝘗𝘦𝘳𝘴𝘱𝘦𝘤𝘵𝘪𝘷𝘦𝘴: 𝘈𝘻𝘶𝘳𝘦 𝘢𝘪𝘮𝘴 𝘵𝘰 𝘱𝘳𝘰𝘷𝘪𝘥𝘦 𝘱𝘢𝘳𝘵𝘪𝘤𝘪𝘱𝘢𝘯𝘵𝘴 𝘸𝘪𝘵𝘩𝘰𝘶𝘵 𝘱𝘳𝘦𝘷𝘪𝘰𝘶𝘴 𝘈𝘻𝘶𝘳𝘦 𝘦𝘹𝘱𝘦𝘳𝘪𝘦𝘯𝘤𝘦 𝘸𝘪𝘵𝘩 𝘢 𝘴𝘰𝘭𝘪𝘥 𝘶𝘯𝘥𝘦𝘳𝘴𝘵𝘢𝘯𝘥𝘪𝘯𝘨 𝘰𝘧 𝘩𝘰𝘸 𝘢𝘵𝘵𝘢𝘤𝘬𝘦𝘳𝘴 𝘭𝘰𝘰𝘬 𝘢𝘵 𝘔𝘪𝘤𝘳𝘰𝘴𝘰𝘧𝘵 𝘈𝘻𝘶𝘳𝘦, 𝘪𝘵𝘴 𝘢𝘶𝘵𝘩𝘦𝘯𝘵𝘪𝘤𝘢𝘵𝘪𝘰𝘯 𝘮𝘦𝘤𝘩𝘢𝘯𝘪𝘴𝘮𝘴, 𝘢𝘯𝘥 𝘩𝘰𝘸 𝘵𝘩𝘦𝘺 𝘤𝘰𝘮𝘮𝘰𝘯𝘭𝘺 𝘢𝘵𝘵𝘢𝘤𝘬 𝘈𝘻𝘶𝘳𝘦-𝘣𝘢𝘴𝘦𝘥 𝘦𝘯𝘷𝘪𝘳𝘰𝘯𝘮𝘦𝘯𝘵𝘴."

About the trainer:
Hope Walker (@icemoonhsv) is a Principal Consultant at SpecterOps with experience in conducting and leading red team operations. Prior to joining SpecterOps, she conducted research, led red team process improvement efforts, trained new operators, and managed the operations floor for a DoD Red Team. Hope holds four degrees from the University of Alabama in Huntsville including a master’s in cyber security and was a recipient of the National Science Foundation Cyber Corps scholarship.

🔗 Training details: https://nsec.io/training/2026-adversary-perspectives-azure/

#NorthSec #cybersecurity #Azure #cloudsecurity #offensivesecurity

🏋️ 𝗡𝗼𝗿𝘁𝗵𝗦𝗲𝗰 𝟮𝟬𝟮𝟲 𝗙𝗼𝗿𝗺𝗮𝘁𝗶𝗼𝗻𝘀/𝗧𝗿𝗮𝗶𝗻𝗶𝗻𝗴𝘀 (11/12): "Practical AI Security - Go Beyond Theory: Build, Break, and Defend" 𝗽𝗮𝗿/𝗯𝘆 Harish Ramadoss

📅 Dates: May 11, 12 and 13, 2026 (3 days)
📊 Difficulty: Medium
🖥️ Mode: On-Site

Description: Learn AI security from first principles with a Build, Break, Defend approach. Build production-grade GenAI applications using LLM APIs, embeddings, RAG pipelines, agentic systems, and MCPs. Attack real applications through prompt injection, sensitive data disclosure, and MCP exploitation. Implement guardrails, MCP gateways for observability, and agentic security patterns. Integrate AI security tooling into your SDLC.

About the trainer:
Harish Ramadoss has several years of expertise in Product Security, Red Teaming, and Security Research. Previously, he was a Principal at Trustwave Spiderlabs, where he led their Application Security efforts. He joined Rippling as a founding member of the Security Engineering team and leads their AI Security and Appsec efforts. Harish built DejaVu, an open-source deception platform. He has presented at Black Hat, DEFCON, HITB, and other conferences globally.

🔗 Training details: https://nsec.io/training/2026-practical-ai-security-go-beyond-theory-build-break-and-defend/

#NorthSec #cybersecurity #AI #aisecurity #generativeai

🏋️ 𝗡𝗼𝗿𝘁𝗵𝗦𝗲𝗰 𝟮𝟬𝟮𝟲 𝗙𝗼𝗿𝗺𝗮𝘁𝗶𝗼𝗻𝘀/𝗧𝗿𝗮𝗶𝗻𝗶𝗻𝗴𝘀 (10/12): "Offensive GCP Operations & Tactics Certification (OGOTC)" 𝗽𝗮𝗿/𝗯𝘆 Chirag Savla & Jay Pandya

📅 Dates: May 11, 12 and 13, 2026 (3 days)
📊 Difficulty: Medium
🖥️ Mode: Hybrid (on-site & remote)

Description: "𝘖𝘧𝘧𝘦𝘯𝘴𝘪𝘷𝘦 𝘎𝘊𝘗 𝘖𝘱𝘦𝘳𝘢𝘵𝘪𝘰𝘯𝘴 & 𝘛𝘢𝘤𝘵𝘪𝘤𝘴 𝘊𝘦𝘳𝘵𝘪𝘧𝘪𝘤𝘢𝘵𝘪𝘰𝘯 (𝘖𝘎𝘖𝘛𝘊) 𝘪𝘴 𝘢𝘯 𝘩𝘢𝘯𝘥𝘴-𝘰𝘯 𝘤𝘰𝘶𝘳𝘴𝘦 𝘥𝘦𝘴𝘪𝘨𝘯𝘦𝘥 𝘵𝘰 𝘦𝘲𝘶𝘪𝘱 𝘴𝘦𝘤𝘶𝘳𝘪𝘵𝘺 𝘱𝘳𝘰𝘧𝘦𝘴𝘴𝘪𝘰𝘯𝘢𝘭𝘴 𝘸𝘪𝘵𝘩 𝘵𝘩𝘦 𝘴𝘬𝘪𝘭𝘭𝘴 𝘵𝘰 𝘢𝘴𝘴𝘦𝘴𝘴 𝘢𝘯𝘥 𝘦𝘹𝘱𝘭𝘰𝘪𝘵 𝘷𝘶𝘭𝘯𝘦𝘳𝘢𝘣𝘪𝘭𝘪𝘵𝘪𝘦𝘴 𝘪𝘯 𝘎𝘰𝘰𝘨𝘭𝘦 𝘊𝘭𝘰𝘶𝘥 𝘗𝘭𝘢𝘵𝘧𝘰𝘳𝘮 (𝘎𝘊𝘗) 𝘦𝘯𝘷𝘪𝘳𝘰𝘯𝘮𝘦𝘯𝘵𝘴. 𝘛𝘩𝘪𝘴 𝘤𝘰𝘶𝘳𝘴𝘦 𝘤𝘰𝘷𝘦𝘳𝘴 𝘵𝘩𝘦 𝘧𝘶𝘭𝘭 𝘢𝘵𝘵𝘢𝘤𝘬 𝘭𝘪𝘧𝘦𝘤𝘺𝘤𝘭𝘦, 𝘧𝘳𝘰𝘮 𝘪𝘯𝘪𝘵𝘪𝘢𝘭 𝘢𝘤𝘤𝘦𝘴𝘴 𝘢𝘯𝘥 𝘦𝘯𝘶𝘮𝘦𝘳𝘢𝘵𝘪𝘰𝘯 𝘵𝘰 𝘱𝘳𝘪𝘷𝘪𝘭𝘦𝘨𝘦 𝘦𝘴𝘤𝘢𝘭𝘢𝘵𝘪𝘰𝘯, 𝘭𝘢𝘵𝘦𝘳𝘢𝘭 𝘮𝘰𝘷𝘦𝘮𝘦𝘯𝘵, 𝘢𝘯𝘥 𝘱𝘰𝘴𝘵-𝘦𝘹𝘱𝘭𝘰𝘪𝘵𝘢𝘵𝘪𝘰𝘯 𝘵𝘦𝘤𝘩𝘯𝘪𝘲𝘶𝘦𝘴. 𝘗𝘢𝘳𝘵𝘪𝘤𝘪𝘱𝘢𝘯𝘵𝘴 𝘸𝘪𝘭𝘭 𝘭𝘦𝘢𝘳𝘯 𝘵𝘰 𝘢𝘣𝘶𝘴𝘦 𝘮𝘪𝘴𝘤𝘰𝘯𝘧𝘪𝘨𝘶𝘳𝘦𝘥 𝘐𝘈𝘔 𝘳𝘰𝘭𝘦𝘴, 𝘦𝘹𝘱𝘰𝘴𝘦𝘥 𝘈𝘗𝘐𝘴, 𝘢𝘯𝘥 𝘮𝘦𝘵𝘢𝘥𝘢𝘵𝘢 𝘴𝘦𝘳𝘷𝘪𝘤𝘦𝘴, 𝘢𝘴 𝘸𝘦𝘭𝘭 𝘢𝘴 𝘦𝘹𝘱𝘭𝘰𝘪𝘵 𝘸𝘦𝘢𝘬 𝘱𝘦𝘳𝘮𝘪𝘴𝘴𝘪𝘰𝘯𝘴 𝘢𝘯𝘥 𝘥𝘦𝘧𝘢𝘶𝘭𝘵 𝘤𝘰𝘯𝘧𝘪𝘨𝘶𝘳𝘢𝘵𝘪𝘰𝘯𝘴. 𝘛𝘩𝘦 𝘤𝘰𝘶𝘳𝘴𝘦 𝘢𝘭𝘴𝘰 𝘪𝘯𝘤𝘭𝘶𝘥𝘦𝘴 𝘢 𝘥𝘦𝘦𝘱 𝘥𝘪𝘷𝘦 𝘪𝘯𝘵𝘰 𝘒𝘶𝘣𝘦𝘳𝘯𝘦𝘵𝘦𝘴 𝘢𝘵𝘵𝘢𝘤𝘬𝘴, 𝘩𝘪𝘨𝘩𝘭𝘪𝘨𝘩𝘵𝘪𝘯𝘨 𝘩𝘰𝘸 𝘵𝘰 𝘤𝘰𝘮𝘱𝘳𝘰𝘮𝘪𝘴𝘦 𝘢𝘯𝘥 𝘮𝘰𝘷𝘦 𝘸𝘪𝘵𝘩𝘪𝘯 𝘒𝘶𝘣𝘦𝘳𝘯𝘦𝘵𝘦𝘴 𝘤𝘭𝘶𝘴𝘵𝘦𝘳𝘴. 𝘙𝘦𝘢𝘭-𝘸𝘰𝘳𝘭𝘥 𝘴𝘤𝘦𝘯𝘢𝘳𝘪𝘰𝘴, 𝘪𝘯𝘤𝘭𝘶𝘥𝘪𝘯𝘨 𝘤𝘳𝘦𝘥𝘦𝘯𝘵𝘪𝘢𝘭 𝘵𝘩𝘦𝘧𝘵, 𝘱𝘩𝘪𝘴𝘩𝘪𝘯𝘨, 𝘢𝘯𝘥 𝘴𝘦𝘳𝘷𝘪𝘤𝘦 𝘢𝘤𝘤𝘰𝘶𝘯𝘵 𝘩𝘪𝘫𝘢𝘤𝘬𝘪𝘯𝘨, 𝘸𝘪𝘭𝘭 𝘣𝘦 𝘦𝘹𝘱𝘭𝘰𝘳𝘦𝘥. 𝘋𝘦𝘧𝘦𝘯𝘴𝘪𝘷𝘦 𝘴𝘵𝘳𝘢𝘵𝘦𝘨𝘪𝘦𝘴 𝘢𝘯𝘥 𝘮𝘪𝘵𝘪𝘨𝘢𝘵𝘪𝘰𝘯 𝘵𝘦𝘤𝘩𝘯𝘪𝘲𝘶𝘦𝘴 𝘸𝘪𝘭𝘭 𝘣𝘦 𝘱𝘳𝘰𝘷𝘪𝘥𝘦𝘥 𝘵𝘰 𝘩𝘦𝘭𝘱 𝘴𝘦𝘤𝘶𝘳𝘦 𝘎𝘊𝘗 𝘦𝘯𝘷𝘪𝘳𝘰𝘯𝘮𝘦𝘯𝘵𝘴 𝘢𝘨𝘢𝘪𝘯𝘴𝘵 𝘵𝘩𝘦𝘴𝘦 𝘵𝘩𝘳𝘦𝘢𝘵𝘴."

About the trainers:
Chirag Savla is a cyber security professional with 10+ years of experience. His areas of interest include penetration testing, red teaming, azure and active directory security, and post-exploitation research. For fun, he enjoys creating open-source tools and exploring new attack methodologies in his leisure. Chirag has worked extensively on Azure, Active Directory attacks and defense, and bypassing detection mechanisms. He is the author of multiple open source tools such as Process Injection, Callidus, and others. He has presented at many conferences and local meetups and has trained people in international conferences like Blackhat, BSides Milano, Wild West Hackin’ Fest, HackSpaceCon, VulnCon and NorthSec.

🔗 Training details: https://nsec.io/training/2026-offensive-gcp-operations--tactics-certification-ogotc/

#NorthSec #cybersecurity #cloudsecurity #GCP #pentest

🏋️ 𝗡𝗼𝗿𝘁𝗵𝗦𝗲𝗰 𝟮𝟬𝟮𝟲 𝗙𝗼𝗿𝗺𝗮𝘁𝗶𝗼𝗻𝘀/𝗧𝗿𝗮𝗶𝗻𝗶𝗻𝗴𝘀 (9/12): "Advanced Detection Engineering in the Enterprise" 𝗽𝗮𝗿/𝗯𝘆 Olaf Hartong & Rogier Boon (FalconForce)

📅 Dates: May 11, 12 and 13, 2026 (3 days)
📊 Difficulty: Medium
🖥️ Mode: On-Site

Description: "𝘍𝘢𝘭𝘤𝘰𝘯𝘍𝘰𝘳𝘤𝘦 𝘥𝘦𝘷𝘦𝘭𝘰𝘱𝘦𝘥 𝘢 𝘴𝘱𝘦𝘤𝘪𝘢𝘭𝘪𝘴𝘵 𝘸𝘰𝘳𝘬𝘴𝘩𝘰𝘱 𝘧𝘰𝘳 𝘴𝘦𝘤𝘶𝘳𝘪𝘵𝘺 𝘱𝘳𝘰𝘧𝘦𝘴𝘴𝘪𝘰𝘯𝘢𝘭𝘴 𝘵𝘰 𝘩𝘦𝘭𝘱 𝘵𝘢𝘬𝘪𝘯𝘨 𝘵𝘩𝘦𝘪𝘳 𝘥𝘦𝘵𝘦𝘤𝘵𝘪𝘰𝘯 𝘦𝘯𝘨𝘪𝘯𝘦𝘦𝘳𝘪𝘯𝘨 𝘤𝘢𝘱𝘢𝘣𝘪𝘭𝘪𝘵𝘪𝘦𝘴 𝘵𝘰 𝘵𝘩𝘦 𝘯𝘦𝘹𝘵 𝘭𝘦𝘷𝘦𝘭. 𝘈𝘯 𝘶𝘭𝘵𝘪𝘮𝘢𝘵𝘦 𝘥𝘦𝘵𝘦𝘤𝘵𝘪𝘰𝘯 𝘦𝘯𝘨𝘪𝘯𝘦𝘦𝘳𝘪𝘯𝘨 𝘭𝘦𝘢𝘳𝘯𝘪𝘯𝘨 𝘦𝘹𝘱𝘦𝘳𝘪𝘦𝘯𝘤𝘦 𝘸𝘪𝘵𝘩 𝘵𝘩𝘦 𝘰𝘱𝘱𝘰𝘳𝘵𝘶𝘯𝘪𝘵𝘺 𝘵𝘰 𝘨𝘰 𝘢𝘭𝘭-𝘪𝘯 𝘸𝘪𝘵𝘩 𝘳𝘦𝘢𝘭-𝘭𝘪𝘧𝘦, 𝘩𝘢𝘯𝘥𝘴-𝘰𝘯 𝘭𝘢𝘣 𝘦𝘹𝘦𝘳𝘤𝘪𝘴𝘦𝘴. 𝘛𝘩𝘦 𝘵𝘳𝘢𝘪𝘯𝘪𝘯𝘨 𝘤𝘰𝘷𝘦𝘳𝘴 𝘢 𝘧𝘶𝘭𝘭, 𝘳𝘦𝘢𝘭𝘪𝘴𝘵𝘪𝘤 𝘢𝘵𝘵𝘢𝘤𝘬𝘦𝘳 𝘴𝘤𝘦𝘯𝘢𝘳𝘪𝘰 𝘪𝘯 𝘢𝘯 𝘦𝘯𝘵𝘦𝘳𝘱𝘳𝘪𝘴𝘦 𝘦𝘯𝘷𝘪𝘳𝘰𝘯𝘮𝘦𝘯𝘵: 𝘧𝘳𝘰𝘮 𝘵𝘩𝘦 𝘦𝘯𝘥𝘱𝘰𝘪𝘯𝘵, 𝘵𝘩𝘳𝘰𝘶𝘨𝘩 𝘵𝘩𝘦 𝘈𝘤𝘵𝘪𝘷𝘦 𝘋𝘪𝘳𝘦𝘤𝘵𝘰𝘳𝘺 𝘢𝘯𝘥 𝘪𝘯𝘵𝘰 𝘵𝘩𝘦 𝘤𝘭𝘰𝘶𝘥 𝘦𝘯𝘷𝘪𝘳𝘰𝘯𝘮𝘦𝘯𝘵.

𝘛𝘩𝘪𝘴 𝘵𝘳𝘢𝘪𝘯𝘪𝘯𝘨 𝘪𝘴 𝘭𝘦𝘥 𝘣𝘺 𝘦𝘹𝘱𝘦𝘳𝘪𝘦𝘯𝘤𝘦𝘥 𝘪𝘯𝘴𝘵𝘳𝘶𝘤𝘵𝘰𝘳𝘴 𝘵𝘩𝘢𝘵 𝘵𝘦𝘢𝘤𝘩 𝘴𝘵𝘶𝘥𝘦𝘯𝘵𝘴 𝘵𝘰:
𝘜𝘯𝘥𝘦𝘳𝘴𝘵𝘢𝘯𝘥 𝘩𝘰𝘸 𝘵𝘰 𝘳𝘦𝘴𝘦𝘢𝘳𝘤𝘩 𝘢𝘯 𝘢𝘵𝘵𝘢𝘤𝘬𝘦𝘳 𝘵𝘦𝘤𝘩𝘯𝘪𝘲𝘶𝘦 𝘶𝘴𝘦𝘥 𝘪𝘯 𝘤𝘰𝘳𝘱𝘰𝘳𝘢𝘵𝘦 𝘦𝘯𝘷𝘪𝘳𝘰𝘯𝘮𝘦𝘯𝘵𝘴. 𝘉𝘶𝘪𝘭𝘥 𝘳𝘦𝘴𝘪𝘭𝘪𝘦𝘯𝘵 𝘥𝘦𝘵𝘦𝘤𝘵𝘪𝘰𝘯𝘴 𝘵𝘩𝘢𝘵 𝘢𝘳𝘦 𝘩𝘢𝘳𝘥𝘦𝘳 𝘵𝘰 𝘦𝘷𝘢𝘥𝘦 𝘣𝘺 𝘢𝘯 𝘢𝘵𝘵𝘢𝘤𝘬𝘦𝘳. 𝘝𝘢𝘭𝘪𝘥𝘢𝘵𝘦 𝘵𝘩𝘦𝘪𝘳 𝘥𝘦𝘵𝘦𝘤𝘵𝘪𝘰𝘯𝘴 𝘵𝘰 𝘮𝘢𝘬𝘦 𝘴𝘶𝘳𝘦 𝘵𝘩𝘦𝘺 𝘬𝘦𝘦𝘱 𝘧𝘶𝘯𝘤𝘵𝘪𝘰𝘯𝘪𝘯𝘨 𝘢𝘴 𝘪𝘯𝘵𝘦𝘯𝘥𝘦𝘥. 𝘛𝘩𝘦 𝘵𝘳𝘢𝘪𝘯𝘪𝘯𝘨 𝘧𝘰𝘤𝘶𝘴𝘦𝘴 𝘰𝘯 𝘔𝘪𝘤𝘳𝘰𝘴𝘰𝘧𝘵 𝘚𝘦𝘯𝘵𝘪𝘯𝘦𝘭 𝘢𝘯𝘥 𝘋𝘦𝘧𝘦𝘯𝘥𝘦𝘳 𝘟𝘋𝘙, 𝘣𝘶𝘵 𝘤𝘰𝘯𝘤𝘦𝘱𝘵𝘴 𝘤𝘢𝘯 𝘣𝘦 𝘢𝘱𝘱𝘭𝘪𝘦𝘥 𝘵𝘰 𝘰𝘵𝘩𝘦𝘳 𝘴𝘵𝘢𝘤𝘬𝘴 𝘢𝘴 𝘸𝘦𝘭𝘭."

About the trainers:
Olaf Hartong has a vast experience in digital security, specialized in security operations, detection engineering and threat hunting. Olaf has extensive knowledge of different monitoring platforms, in particular the Microsoft Defender XDR and Sentinel stack. He presents on well-known security conferences, such as BlackHat, Defcon, WWHF, BRUcon, SOcon, NorthSec, Insomni'hack and MITRE ATT&CKcon. Olaf is the author of ThreatHunting for Splunk, ATTACK datamap, FalconHound, and Sysmon-modular tools.

Rogier Boon has over 20 years experience as both a security consultant and in-house technical specialist. Throughout his career, Rogier had roles as offensive specialist and blue teamer (TIER2/3 SOC, incident response, detection engineer). Rogier brings extensive experience working in various high-tech environments and researching a multitude of technologies. Rogier facilitated at Black Hat US and various private trainings sessions for in-house SOC teams.

🔗 Save Your Spot: https://nsec.io/training/2026-advanced-detection-engineering-in-the-enterprise/

#NorthSec #cybersecurity #detectionengineering #infosec #blueeteam

🏋️ 𝗡𝗼𝗿𝘁𝗵𝗦𝗲𝗰 𝟮𝟬𝟮𝟲 Formations/Trainings (8/12): "Attacking & Securing CI/CD Pipeline Certification (ASCPC)" 𝗽𝗮𝗿/𝗯𝘆 Raunak Parmar & Robert (Bobby) Schwass (White Knight Labs)

📅 Dates: May 11, 12 and 13, 2026 (3 days)
📊 Difficulty: Medium
🖥️ Mode: Hybrid (on-site & remote)

Description: Master CI/CD security through practical offense and defense. Explore GitHub Actions context injection, CircleCI misconfigurations, AWS CodeBuild exploitation, Docker registry attacks, Kubernetes risks, and Azure DevOps abuse. Learn to identify and exploit real vulnerabilities while gaining hands-on defensive engineering techniques. Work directly with modern tools including GitHub Actions, CircleCI, Docker, Kubernetes, and AWS CodeBuild.

About the trainers:
Raunak Parmar and Bobby Schwass are DevSecOps specialists with extensive experience securing CI/CD pipelines and understanding the threat landscape across modern development infrastructure.

🔗 Training details: https://nsec.io/training/2026-attacking--securing-cicd-pipeline-certification-ascpc/

#NorthSec #cybersecurity #devsecops #cicd #cloudsecurity

🏋️ 𝗡𝗼𝗿𝘁𝗵𝗦𝗲𝗰 𝟮𝟬𝟮𝟲 𝗙𝗼𝗿𝗺𝗮𝘵𝗶𝗼𝗻𝘴/𝗧𝗿𝗮𝗶𝗻𝗶𝗻𝗴 (7/12): "Offensive Development Practitioner Certification (ODPC)" 𝗽𝗮𝗿/𝗯𝘆 Munaf Shariff (White Knight Labs)

📅 Dates: May 11, 12 and 13, 2026 (3 days)
📊 Difficulty: Medium
🖥️ Mode: Hybrid (on-site & remote)

Description: "𝘛𝘩𝘦 𝘖𝘧𝘧𝘦𝘯𝘴𝘪𝘷𝘦 𝘋𝘦𝘷𝘦𝘭𝘰𝘱𝘮𝘦𝘯𝘵 𝘗𝘳𝘢𝘤𝘵𝘪𝘵𝘪𝘰𝘯𝘦𝘳 𝘊𝘦𝘳𝘵𝘪𝘧𝘪𝘤𝘢𝘵𝘪𝘰𝘯 (𝘖𝘋𝘗𝘊) 𝘪𝘴 𝘥𝘦𝘴𝘪𝘨𝘯𝘦𝘥 𝘵𝘰 𝘵𝘢𝘬𝘦 𝘺𝘰𝘶 𝘥𝘦𝘦𝘱 𝘪𝘯𝘵𝘰 𝘵𝘩𝘦 𝘳𝘦𝘢𝘭𝘪𝘵𝘪𝘦𝘴 𝘰𝘧 𝘮𝘰𝘥𝘦𝘳𝘯 𝘥𝘦𝘧𝘦𝘯𝘴𝘦 𝘦𝘷𝘢𝘴𝘪𝘰𝘯 𝘢𝘯𝘥 𝘰𝘧𝘧𝘦𝘯𝘴𝘪𝘷𝘦 𝘵𝘰𝘰𝘭𝘪𝘯𝘨, 𝘱𝘳𝘰𝘷𝘪𝘥𝘪𝘯𝘨 𝘵𝘩𝘦 𝘩𝘢𝘯𝘥𝘴-𝘰𝘯 𝘦𝘹𝘱𝘦𝘳𝘪𝘦𝘯𝘤𝘦 𝘯𝘦𝘦𝘥𝘦𝘥 𝘵𝘰 𝘰𝘱𝘦𝘳𝘢𝘵𝘦 𝘢𝘵 𝘢𝘯 𝘢𝘥𝘷𝘢𝘯𝘤𝘦𝘥 𝘭𝘦𝘷𝘦𝘭. 𝘛𝘩𝘳𝘰𝘶𝘨𝘩 𝘭𝘪𝘷𝘦, 𝘪𝘯𝘴𝘵𝘳𝘶𝘤𝘵𝘰𝘳-𝘴𝘶𝘱𝘱𝘰𝘳𝘵𝘦𝘥 𝘭𝘢𝘣𝘴, 𝘺𝘰𝘶’𝘭𝘭 𝘭𝘦𝘢𝘳𝘯 𝘩𝘰𝘸 𝘵𝘰 𝘰𝘷𝘦𝘳𝘤𝘰𝘮𝘦 𝘳𝘦𝘢𝘭-𝘸𝘰𝘳𝘭𝘥 𝘴𝘦𝘤𝘶𝘳𝘪𝘵𝘺 𝘮𝘦𝘤𝘩𝘢𝘯𝘪𝘴𝘮𝘴 𝘣𝘺 𝘸𝘰𝘳𝘬𝘪𝘯𝘨 𝘥𝘪𝘳𝘦𝘤𝘵𝘭𝘺 𝘸𝘪𝘵𝘩 𝘛𝘦𝘳𝘳𝘢𝘧𝘰𝘳𝘮-𝘥𝘦𝘱𝘭𝘰𝘺𝘦𝘥 𝘦𝘯𝘷𝘪𝘳𝘰𝘯𝘮𝘦𝘯𝘵𝘴, 𝘱𝘦𝘳𝘧𝘰𝘳𝘮𝘪𝘯𝘨 𝘗𝘌 𝘧𝘪𝘭𝘦 𝘤𝘰𝘯𝘷𝘦𝘳𝘴𝘪𝘰𝘯𝘴, 𝘢𝘯𝘥 𝘦𝘹𝘦𝘤𝘶𝘵𝘪𝘯𝘨 𝘢𝘥𝘷𝘢𝘯𝘤𝘦𝘥 𝘱𝘳𝘰𝘤𝘦𝘴𝘴-𝘪𝘯𝘫𝘦𝘤𝘵𝘪𝘰𝘯 𝘴𝘵𝘳𝘢𝘵𝘦𝘨𝘪𝘦𝘴.

𝘛𝘩𝘦 𝘤𝘰𝘶𝘳𝘴𝘦 𝘵𝘩𝘦𝘯 𝘦𝘹𝘱𝘢𝘯𝘥𝘴 𝘪𝘯𝘵𝘰 𝘦𝘹𝘱𝘦𝘳𝘵-𝘭𝘦𝘷𝘦𝘭 𝘰𝘧𝘧𝘦𝘯𝘴𝘪𝘷𝘦 𝘥𝘦𝘷𝘦𝘭𝘰𝘱𝘮𝘦𝘯𝘵, 𝘪𝘯𝘤𝘭𝘶𝘥𝘪𝘯𝘨 𝘪𝘯-𝘥𝘦𝘱𝘵𝘩 𝘦𝘹𝘱𝘭𝘰𝘳𝘢𝘵𝘪𝘰𝘯 𝘰𝘧 𝘊𝘰𝘣𝘢𝘭𝘵 𝘚𝘵𝘳𝘪𝘬𝘦 𝘤𝘰𝘮𝘮𝘢𝘯𝘥-𝘢𝘯𝘥-𝘤𝘰𝘯𝘵𝘳𝘰𝘭 𝘧𝘳𝘢𝘮𝘦𝘸𝘰𝘳𝘬𝘴, 𝘴𝘢𝘯𝘥𝘣𝘰𝘹 𝘥𝘦𝘵𝘦𝘤𝘵𝘪𝘰𝘯 𝘦𝘷𝘢𝘴𝘪𝘰𝘯, 𝘢𝘯𝘥 𝘴𝘰𝘱𝘩𝘪𝘴𝘵𝘪𝘤𝘢𝘵𝘦𝘥 𝘌𝘋𝘙 𝘣𝘺𝘱𝘢𝘴𝘴 𝘵𝘦𝘤𝘩𝘯𝘪𝘲𝘶𝘦𝘴. 𝘠𝘰𝘶’𝘭𝘭 𝘢𝘭𝘴𝘰 𝘥𝘦𝘷𝘦𝘭𝘰𝘱 𝘵𝘩𝘦 𝘢𝘣𝘪𝘭𝘪𝘵𝘺 𝘵𝘰 𝘥𝘦𝘴𝘪𝘨𝘯 𝘢𝘯𝘥 𝘥𝘦𝘱𝘭𝘰𝘺 𝘤𝘶𝘴𝘵𝘰𝘮 𝘱𝘢𝘺𝘭𝘰𝘢𝘥𝘴, 𝘣𝘶𝘪𝘭𝘥𝘪𝘯𝘨 𝘳𝘦𝘧𝘭𝘦𝘤𝘵𝘪𝘷𝘦 𝘋𝘓𝘓 𝘭𝘰𝘢𝘥𝘦𝘳𝘴, 𝘦𝘯𝘨𝘪𝘯𝘦𝘦𝘳𝘪𝘯𝘨 𝘈𝘔𝘚𝘐 𝘢𝘯𝘥 𝘌𝘛𝘞 𝘣𝘺𝘱𝘢𝘴𝘴𝘦𝘴, 𝘢𝘯𝘥 𝘤𝘳𝘢𝘧𝘵𝘪𝘯𝘨 𝘵𝘢𝘪𝘭𝘰𝘳𝘦𝘥 𝘰𝘧𝘧𝘦𝘯𝘴𝘪𝘷𝘦 𝘵𝘰𝘰𝘭𝘪𝘯𝘨 𝘧𝘳𝘰𝘮 𝘵𝘩𝘦 𝘨𝘳𝘰𝘶𝘯𝘥 𝘶𝘱. 𝘉𝘺 𝘣𝘭𝘦𝘯𝘥𝘪𝘯𝘨 𝘥𝘦𝘦𝘱 𝘵𝘦𝘤𝘩𝘯𝘪𝘤𝘢𝘭 𝘪𝘯𝘴𝘵𝘳𝘶𝘤𝘵𝘪𝘰𝘯 𝘸𝘪𝘵𝘩 𝘱𝘳𝘢𝘤𝘵𝘪𝘤𝘢𝘭, 𝘪𝘯𝘵𝘦𝘳𝘢𝘤𝘵𝘪𝘷𝘦 𝘭𝘢𝘣𝘴, 𝘖𝘋𝘗𝘊 𝘨𝘪𝘷𝘦𝘴 𝘺𝘰𝘶 𝘵𝘩𝘦 𝘬𝘯𝘰𝘸𝘭𝘦𝘥𝘨𝘦, 𝘴𝘬𝘪𝘭𝘭𝘴, 𝘢𝘯𝘥 𝘤𝘰𝘯𝘧𝘪𝘥𝘦𝘯𝘤𝘦 𝘵𝘰 𝘶𝘯𝘥𝘦𝘳𝘴𝘵𝘢𝘯𝘥—𝘢𝘯𝘥 𝘰𝘶𝘵𝘮𝘢𝘯𝘦𝘶𝘷𝘦𝘳—𝘮𝘰𝘥𝘦𝘳𝘯 𝘥𝘦𝘧𝘦𝘯𝘴𝘪𝘷𝘦 𝘵𝘦𝘤𝘩𝘯𝘰𝘭𝘰𝘨𝘪𝘦𝘴."

About the trainer:
Munaf Shariff is an offensive development specialist with deep expertise in bypassing modern security mechanisms and building custom offensive tooling that operates effectively in real-world environments.

🔗 Training details: https://nsec.io/training/2026-offensive-development-practitioner-certification-odpc/

#NorthSec #cybersecurity #offensivesecurity #malware #evasion

🏋️ 𝗡𝗼𝗿𝘁𝗵𝗦𝗲𝗰 𝟮𝟬𝟮𝟲 𝗙𝗼𝗿𝗺𝗮𝘵𝗶𝗼𝗻𝘴/𝗧𝗿𝗮𝗶𝗻𝗶𝗻𝗴𝘴 (6/12): "Reverse, Bypass, Exploit: Mobile Hacking Workshop" 𝗽𝗮𝗿/𝗯𝘆 David Backer & Steven Smiley (Corellium)

📅 Date: May 11, 2026 (1 day)
📊 Difficulty: Medium
🖥️ Mode: On-Site

Description: Master mobile app security techniques covering iOS and Android platforms. Learn real-time network traffic analysis, reverse engineering, SSL pinning bypass, and security control bypasses including biometrics and jailbreak detection. Manipulate runtime behavior with Frida and tackle real-world mobile security challenges. Perfect for penetration testers and security professionals. Bonus: One week Corellium Viper trial and mobile CTF access.

About the trainers:
David Backer is a systems engineer focused on mobile application security testing. He works across various of layers of the Corellium tech stack to help customers adopt the platform's many features. Before Corellium, he fabricated cutting edge microprocessors in high-volume factories as well as designed, modeled, and fabricated novel silicon research devices. David also has experience with distributed systems, cryptography, data visualization, and business management.

Steven Smiley is a Senior Product Manager at MAST Solutions with over a decade of experience in mobile penetration testing and mobile application security. He holds a degree in Computer Security and Investigations from Fleming College and maintains two SANS certifications in mobile security and forensics (GMOB, GASF). Prior to joining the Corellium team, Steven worked as an independent consultant, leading mobile security assessments and penetration testing engagements for a wide range of organizations.

🔗 Training details: https://nsec.io/training/2026-reverse-bypass-exploit-mobile-hacking-workshop/

#NorthSec #cybersecurity #mobileappsecurity #penetrationtesting