OWASP Ottawa

Hello Ottawa and the World, Welcome to your OWASP Ottawa Chapter!

OWASP Ottawa Image

Who We Are

We are a place to meet local developers and information security professionals, share ideas, and learn.

You will find us informal, approachable, and thankful for your assistance. We encourage and welcome beginners. We are an open, tolerant, and inclusive organisation that accepts all races, genders, creeds, abilities, things, and ideas with the exception of one - Hate: Hate has no home at OWASP Ottawa.

OWASP Ottawa events are completely free. We will never charge for access to any of our events.

What We Do

We provide a mix of InfoSec talks, hands on training sessions, and special interest discussion groups. We hold monthly meetups at the STEM Building of the University of Ottawa. We hold occassional workshops on a variety of security topics.

We are always looking for new ideas for events so let us know if you have an idea.

You can submit an idea at any point in time at the following link: OWASP Ottawa Speaker Submission Form 2024.

For updates, events, membership; please visit our meetup page: OWASP Ottawa Meetup

Volunteers

OWASP Ottawa would not function without the generous support of time and effort from our volunteers. If you would like to get more involved we would love to have your help. OWASP Ottawa CTF Volunteers 2024

Contact us on any of our socials or Slack if you wish to volunteer.

Chapter Supporters

UofO Logo Cyber Range Logo Rewind Logo

Currently Scheduled Events

Connect with us on Social Media and on Slack

Watch our past Talks


Next Meeting/Event(s)


OWASP Ottawa Chapter upcoming events can be found on Meetup:

https://www.meetup.com/OWASP-Ottawa/


Wednesday November 20th, 2024

Details

Welcome to our in-Person Meetup at the University of Ottawa

In-Person Location: 150 Louis-Pasteur Private, Ottawa, University of Ottawa Room 117

We will continue to Live Stream on our YouTube channel. (https://www.youtube.com/@OWASP_Ottawa). Subscribe to our YouTube channel, set a reminder and you’ll get a notification as soon as we go live!

YouTube Live Stream Link: TBA

6:00 PM EST Arrival, setup, mingle, PIZZA!!! 6:30 PM EST Technical Talks

  • Introduction to OWASP Ottawa, Public Announcements.
  • A Brief Overview of the OWASP Top 10 with Gabriel Kronfeld.
  • DevSecOps Worst Practices with Tanya Janca.

Abstract:

A Brief Overview of the OWASP Top 10 with Gabriel Kronfeld The OWASP Top 10 reveals the most critical security vulnerabilities facing modern web applications. This talk will walk attendees through each item on the 2021 list, from broken access control to server-side request forgery. Each vulnerability is explored in detail—understanding how it works, why it’s dangerous, and what’s needed to prevent it. With real examples to bring these threats to life, this session is an accessible introduction for beginners and a useful refresher for seasoned practitioners. Join us to get a solid foundation in web security essentials.

DevSecOps Worst Practices with Tanya Janca Quite often when we read best practices we are told ‘what’ to do, but not the ‘why’. When we are told to ensure there are no false positives in the pipeline, the reason seems obvious, but not every part of DevOps is that intuitive, and not all ‘best practices’ make sense on first blush. Let’s explore tried, tested, and failed methods, and then flip them on their head, so we know not only what to do to avoid them, but also why it is important to do so, with these DevSecOps WORST practices.

Speakers:

Gabriel Kronfeld is a graduate from the University of Ottawa with a degree in Computer Engineering. With experience spanning backend programming, DevOps, system administration, and database management, Gabriel has collaborated with various Ottawa-based companies on technical projects. Although new to cybersecurity, he brings a strong technical foundation and is keen to expand his knowledge in this field. Outside of work, Gabriel enjoys cycling, photography, and building drones as hands-on hobbies.

Tanya Janca, aka SheHacksPurple, is the best-selling author of ‘Alice and Bob Learn Secure Coding’, ‘Alice and Bob Learn Application Security’ and ‘Cards Against AppSec’. Over her 28-year IT career she has won countless awards (including OWASP Lifetime Distinguished Member and Hacker of the Year), spoken all over the planet, and is a prolific blogger. Tanya has trained thousands of software developers and IT security professionals, via her online academies (We Hack Purple and Semgrep Academy), and her live training programs. Having performed counter-terrorism, led security for the 52nd Canadian general election, developed or secured countless applications, Tanya Janca is widely considered an international authority on the security of software. Tanya currently leads education and community for Semgrep.