OWASP Ottawa

Next Meeting/Event(s)

OWASP Ottawa Chapter upcoming events can be found on Meetup:

https://www.meetup.com/OWASP-Ottawa/

Wednesday November 12th, 2025

Details

Welcome to our in-Person Meetup at the University of Ottawa

In-Person Location: 150 Louis-Pasteur Private, Ottawa, University of Ottawa Room 564

We will continue to Live Stream on our YouTube channel. (https://www.youtube.com/@OWASP_Ottawa). Subscribe to our YouTube channel, set a reminder and you’ll get a notification as soon as we go live!

YouTube Live Stream Link: TBA

6:00 PM EST Arrival, setup, mingle, PIZZA!!! 6:30 PM EST Technical Talks

• Introduction to OWASP Ottawa, Public Announcements.
• “Your Trusted Hardware Isn’t: Why Silicon Belongs In The Threat Model” with René Walendy

Abstract:

Modern security stacks assume that hardware is honest: CPUs execute the correct instructions. random number generators are truly random, and “secure enclaves” are actually secure. But none of these assumptions are guaranteed – especially when today’s chips are designed by dozens of third-party IP vendors and fabricated across a global supply chain.

This talk explores hardware Trojans: malicious modifications buried in silicon that can leak secrets, weaken cryptography, or silently bypass your best defenses. We’ll follow a concrete example - sabotaging a CPU’s true random number generator – and see how a few altered transistors can undermine TLS, disk encryption, and authentication without leaving software-visible evidence. Taking a look at recent red-team vs. blue-team research on real chips, we’ll then show what it takes for hardware defenders to detect and counteract such threats in practice. We’ll end with what software and security teams can do right now to treat silicon as part of the threat model, not a trusted black box. If your threat model ends at the instruction set, this talk will extend it to the transistors underneath – without requiring you to be a chip designer.

Speaker:

René Walendy hacks hardware for science. As a PhD researcher at the Max Planck Institute for Security and lvacy and Ruhr University Bochum, he explores how humans reverse engineer chips, how to make that smarter, and where current tooling and training fall short. His work combines hands-on attack scenarios with controlled studies, building and using open research platforms to bring scientific rigor into tradlitionally opaque reverse engineering workflows Beyond the lab, René regularly speaks at academic and hacker conferences, including Chaos Communication Congress, HARRIS, and ACM CHI, and teaches hands-on training sessions at venues like Hardwear.io. He works to bring hardware security closer to the broader security community, bridging the gap between traditional security disciplines and low-level silicon hacking.

If you are coming into town by car to attend a meetup then you may have questions about parking. Below is a Ottawa University Campus parking map:

Parking Map

Alternatively, you can try your luck on street parking in Sandy Hill or in the Triangle on the other side of the canal (you can cross over using the Corkstown pedestrian bridge).

Even better, use the train as there is a station on campus.

Chapter Supporters

The following are the list of organizations that have generously supported the Ottawa Chapter:

How to Support OWASP Ottawa

Financially

Specifying OWASP Ottawa in your donation helps support OWASP and the Ottawa Chapter to provide quality security education.

1. Browse to https://owasp.org/ottawa
2. Click the green Donate button to the top right.
3. Select an amount.
4. Click “Publicly list me as a support of OWASP Ottawa”.
5. Enter your details.
6. Prove to a robot, that you are not a robot.
7. Provide payment information.

Other ways to Support OWASP Ottawa

There are other ways you can support the chapter. These can include:

• SWAG.
• Food or Beverages at events.
• Security content.

Contact us for more details.