OWASP Ottawa

Hello Ottawa and the World, Welcome to your OWASP Ottawa Chapter!

OWASP Ottawa Image

Who We Are

We are a place to meet local developers and information security professionals, share ideas, and learn.

You will find us informal, approachable, and thankful for your assistance. We encourage and welcome beginners. We are an open, tolerant, and inclusive organisation that accepts all races, genders, creeds, abilities, things, and ideas with the exception of one - Hate: Hate has no home at OWASP Ottawa.

OWASP Ottawa events are completely free. We will never charge for access to any of our events.

What We Do

We provide a mix of InfoSec talks, hands on training sessions, and special interest discussion groups. We hold monthly meetups at the STEM Building of the University of Ottawa. We hold occassional workshops on a variety of security topics.

We are always looking for new ideas for events so let us know if you have an idea.

You can submit an idea at any point in time at the following link: OWASP Ottawa Speaker Submission Form 2024.

For updates, events, membership; please visit our meetup page: OWASP Ottawa Meetup

Volunteers

OWASP Ottawa would not function without the generous support of time and effort from our volunteers. If you would like to get more involved we would love to have your help. OWASP Ottawa CTF Volunteers 2024

Contact us on any of our socials or Slack if you wish to volunteer.

Chapter Supporters

UofO Logo Cyber Range Logo Software Secured Logo Managed Risk Logo

Currently Scheduled Events

Connect with us on Social Media and on Slack

Watch our past Talks

Next Meeting/Event(s)

Wednesday April 15th, 2026

Details

Welcome to our in-Person Meetup at the University of Ottawa

In-Person Location: 150 Louis-Pasteur Private, Ottawa, University of Ottawa Room 580

We will continue to Live Stream on our YouTube channel. (https://www.youtube.com/@OWASP_Ottawa). Subscribe to our YouTube channel, set a reminder and you’ll get a notification as soon as we go live!

YouTube Live Stream Link: https://www.youtube.com/watch?v=TXpb7ooZZRg

6:00 PM EST Arrival, setup, mingle, PIZZA!!! 6:30 PM EST Technical Talks

  • Introduction to OWASP Ottawa, Public Announcements.
  • “Threat Modeling in Practice: From Diagram to Defense” with Rodrigo Rocha

Abstract:

Modern development teams often view Threat Modeling as heavy, theoretical, or compliance-driven — and as a result, it gets skipped. This session introduces a practical, lightweight approach to Threat Modeling that fits directly into agile workflows. Using a real-world healthcare portal example, we walk step-by-step from drawing a simple data flow diagram to identifying critical assets, mapping real attack scenarios (via MITRE CAPEC), linking root causes (CWE), and translating them into testable security requirements using OWASP ASVS. The session demonstrates how to turn abstract risks into concrete sprint tickets developers can actually implement. We also explore why Threat Modeling frequently fails in organizations and how Security Champions programs can scale security culture across engineering teams.

April 2026 poster

Speaker:

Rodrigo Rocha is a Security Enablement Leader and GRC Consultant with over 15 years of experience bridging the gap between security and application security. He specializes in building Security Champions Programs that empower developers to ship faster and more securely—without slowing down innovation. Rodrigo spent eight years as an Application Security Specialist before transitioning into governance and compliance, giving him a rare ability to communicate fluently with both developers and auditors. He has designed and scaled Security Champions Programs across 200+ engineering teams, trained over 6,000 developers at Brazil’s largest companies. His compliance expertise spans SOC 2 Type I/II, ISO 27001, NIST CSF, and CIS Controls—achieving audit success while maintaining engineering velocity, including clean SOC 2 audits with 45% less preparation time through automation. Rodrigo has also published thought leadership with the CNCF on cloud-native security approaches.

If you are coming into town by car to attend a meetup then you may have questions about parking. Below is a Ottawa University Campus parking map:

Parking Map

Alternatively, you can try your luck on street parking in Sandy Hill or in the Triangle on the other side of the canal (you can cross over using the Corkstown pedestrian bridge).

Even better, use the train as there is a station on campus.

Chapter Supporters

The following are the list of organizations that have generously supported the Ottawa Chapter:

UofO Logo Cyber Range Logo Software Secured Managed Risk Logo PacketLabs Logo Devious Plan Logo Xanthus Security Logo

How to Support OWASP Ottawa

Financially

Specifying OWASP Ottawa in your donation helps support OWASP and the Ottawa Chapter to provide quality security education.

  1. Browse to https://owasp.org/ottawa
  2. Click the green Donate button to the top right.
  3. Select an amount.
  4. Click “Publicly list me as a support of OWASP Ottawa”.
  5. Enter your details.
  6. Prove to a robot, that you are not a robot.
  7. Provide payment information.

Other ways to Support OWASP Ottawa

There are other ways you can support the chapter. These can include:

  • SWAG.
  • Food or Beverages at events.
  • Security content.

Contact us for more details.

Watch Star