🚨 OWASP Ottawa March 2026 Meetup - Featuring Garth Boyd! 🚨

OWASP Ottawa is excited to announce our March 2026 meetup featuring Garth Boyd present their talk “We know what you hide in JS: If it runs in the browser, it's public". The details are as follows:

📍 Location: 150 Louis-Pasteur Private, University of Ottawa, Room 117
📅 Date: March 18, 2026
⏰ Time: 6:00 PM EST - Arrival, networking, & pizza! 🍕
6:30 PM EST - Technical Talk

This session will focus on Garth going over some common and accidental assumptions made by software developers when writing JavaScript for modern applications, and how these mistakes can provide attackers with a variety of insights that can be leveraged to exploit vulnerabilities in a web application.

We will cover techniques and tools for performing comprehensive client-side JavaScript reconnaissance to uncover hidden endpoints, sensitive information, and potential security vulnerabilities.

Whether you’re a student, early-career professional, or seasoned practitioner looking to learn more about client-side security, come aboard and learn from experts!

We look forward to seeing you there in-person! If you cannot attend the event, you can watch the livestream on our YouTube channel.

🔗 : https://www.youtube.com/@OWASP_Ottawa

#OWASP #Ottawa #AppSec #Javascript #cybersecurity #networking

🎤 Call for Speakers: OWASP Ottawa Monthly Meetups 🎤

OWASP Ottawa is actively looking for speakers to present at our monthly meetups, and we warmly encourage first-time and beginner speakers to apply. Our chapter typically meets on the third Wednesday of each month.

If you’re passionate about cybersecurity and enjoy sharing knowledge, we’d love to hear from you.

📌 What speakers should know:
• OWASP Ottawa is a vendor-neutral, open-source community focused on improving software security.
• We are also open to speakers who wish to present cybersecurity-focused talks that are not related to software security.
• However, all talks must be strictly non-commercial.
• Presentations should focus on education, research, open-source tools, or community benefit.
• Talks must not be used to promote products, services, or sales activities.
Company or tool references are allowed only when needed for technical context, not endorsement.

🕰️ Talk formats:
15, 30, or 50 minutes - your choice.

If you’ve been thinking about speaking but weren’t sure where to start, OWASP Ottawa is a supportive and inclusive place to share your ideas.

Apply using the Google Form linked in this post. We’re excited to hear your ideas and help amplify voices across the cybersecurity community!

Google Form: https://docs.google.com/forms/d/e/1FAIpQLSe4W7iFl8bNQKZmBFQINGbMufktebe-hJ-4z-QjelzRGrWdwQ/viewform?pli=1

#OWASP #Ottawa #Cybersecurity #CallForSpeakers #InfoSec #AppSec #Community #PublicSpeaking

OWASP Ottawa February 2026 Meetup - Featuring Fennix! 🚨

#OWASP #Ottawa is excited to announce our February 2026 meetup featuring Fennix (a.k.a Chris Shepherd) present their talk “E-Waste? In This Economy?: Building a testing lab at home on the cheap”.

Location: 150 Louis-Pasteur Private, University of Ottawa, Room 117

⏰ Time:
Wednesday February 18th
6:00 PM EST - Arrival & networking
6:30 PM EST - Technical Talk

https://github.com/OWASP-Ottawa/chapter-guide/blob/main/Nextevent/tab_nextevent.md

#homelab #appsec

🎤 Call for Speakers: OWASP Ottawa Monthly Meetups 🎤

OWASP Ottawa is actively looking for speakers to present at our monthly meetups, and we warmly encourage first-time and beginner speakers to apply. Our chapter typically meets on the third Wednesday of each month.

If you’re passionate about cybersecurity and enjoy sharing knowledge, we’d love to hear from you.

📌 What speakers should know:
• OWASP Ottawa is a vendor-neutral, open-source community focused on improving software security.
• We are also open to speakers who wish to present cybersecurity-focussed talks that are not related to software security.
• However, all talks must be strictly non-commercial.
• Presentations should focus on education, research, open-source tools, or community benefit.
• Talks must not be used to promote products, services, or sales activities.
Company or tool references are allowed only when needed for technical context, not endorsement.

🕰️ Talk formats:
15, 30, or 50 minutes - your choice.

If you’ve been thinking about speaking but weren’t sure where to start, OWASP Ottawa is a supportive and inclusive place to share your ideas.

Apply using the Google Form linked in this post. We’re excited to hear your ideas and help amplify voices across the cybersecurity community!

Google Form: https://docs.google.com/forms/d/e/1FAIpQLSe4W7iFl8bNQKZmBFQINGbMufktebe-hJ-4z-QjelzRGrWdwQ/viewform

#OWASP #Ottawa #Cybersecurity #CallForSpeakers #InfoSec #AppSec #Community #PublicSpeaking

Thank you to Vincent Dragnea for an excellent presentation at our first #OWASP #Ottawa meetup of 2026.

Also thank you to uOttawa | Faculty of Engineering | Faculté de génie for the amazing venue and Software Secured for the pizza.

#appsec #infosec

#OWASP #Ottawa would like to acknowledge the gracious support from Software Secured for our January Meetup. Their support for the Ottawa Security community through our chapter brings helps us all to skill up.

www.softwaresecured.com

#AppSec #infosec #aisec

Reminder this Wednesday.

🚨 OWASP Ottawa January Meetup – Featuring Vincent Dragnea! 🚨

#OWASP #Ottawa is excited to announce that we are hosting our first monthly meetup of the year! We’re thrilled to welcome Vincent Dragnea to our in-person meetup at the University of Ottawa on January 21, 2026.

RSVP at:

meetup.com/owasp-ottawa/events/312793912

📅 Date: January 21, 2026
⏰ Time: 6:00 PM EST – Arrival, networking & pizza 🍕
6:30 PM EST – Technical Talks
📍 Location: 150 Louis-Pasteur Private, University of Ottawa, Room 117
🎙️ Talk: "SameSite...or not? Bypassing SameSite cookie protections in browsers"

SameSite cookies are often relied upon too heavily to prevent cross-site request forgery, yet, due to browser implementations, these cookies can be included in unexpected requests. This talk demonstrates novel techniques to attach SameSite=Strict cookies to GET requests originating from another site, including a Google Chrome vulnerability (CVE-2025-8581) discovered while researching these methods. This material aims to help researchers identify insecure behaviors, as well as teach developers how to avoid them.

📺 Can’t make it in person? Watch live on the YouTube channel at youtube.com/@OWASP_Ottawa

OWASP is leaving Meetup.

Starting in February #OWASP #Ottawa will no longer be planning our events using Meetup.

To learn of our events you can:

- Keep following us here and turn on notifications.
- Follow us on BlueSky at https://bsky.app/profile/owaspottawa.bsky.social
- and our owasp.org/ottawa page.

🚨 OWASP Ottawa January Meetup – Featuring Vincent Dragnea! 🚨

#OWASP #Ottawa is excited to announce that we are hosting our first monthly meetup of the year! We’re thrilled to welcome Vincent Dragnea to our in-person meetup at the University of Ottawa on January 21, 2026.

RSVP at:

https://www.meetup.com/owasp-ottawa/events/312793912/

📅 Date: January 21, 2026
⏰ Time: 6:00 PM EST – Arrival, networking & pizza 🍕
6:30 PM EST – Technical Talks
📍 Location: 150 Louis-Pasteur Private, University of Ottawa, Room 117
🎙️ Talk: "SameSite...or not? Bypassing SameSite cookie protections in browsers"

SameSite cookies are often relied upon too heavily to prevent cross-site request forgery, yet, due to browser implementations, these cookies can be included in unexpected requests. This talk demonstrates novel techniques to attach SameSite=Strict cookies to GET requests originating from another site, including a Google Chrome vulnerability (CVE-2025-8581) discovered while researching these methods. This material aims to help researchers identify insecure behaviors, as well as teach developers how to avoid them.

📺 Can’t make it in person? Watch live on the YouTube channel at https://www.youtube.com/@OWASP_Ottawa