About us
- Note: Our Meetup page is no longer being actively updated due to platform changes at OWASP and may be removed without notice. For the most up-to-date information on OWASP Ottawa events, resources, and announcements, please visit our GitHub chapter page: OWASP Ottawa GitHub - the official home for everything related to the OWASP Ottawa chapter.
We are a place to come and meet local developers and information security professionals, share ideas, and learn.
You will find us informal, approachable, and thankful for your assistance. We encourage and welcome beginners. We are an open, tolerant, and inclusive organisation that accepts all races, genders, creeds, abilities, things, and ideas with the exception of one - Hate: Hate has no home at OWASP Ottawa.
Software powers the world, but insecure software threatens safety, trust, and economic growth. The Open Web Application Security Project (OWASP) is dedicated to making application security visible by empowering individuals and organizations to make informed decisions about true application security risks.
OWASP Foundation is a 501(c)(3) not-for-profit worldwide charitable organization, OWASP does not endorse or recommend commercial products or services. Instead, we allow our community to remain vendor neutral with the collective wisdom of the best individual minds in security worldwide. This simple rule is the key to our success since 2001.
For more information visit: http://www.owasp.org or come to a meeting, they are FREE and open to EVERYONE!
https://owasp.org/www-chapter-ottawa/
Upcoming events
1
OWASP Ottawa May 20th, 2026: “Shai-Hulud - Anatomy of a Self-Replicating Worm”
150 Louis-Pasteur Private, Ottawa, ON, CA- Note: Our Meetup page may be removed soon due to platform changes at OWASP. For the most up-to-date information on OWASP Ottawa events, resources, and announcements, please visit our GitHub chapter page: OWASP Ottawa GitHub - the official home for everything related to the OWASP Ottawa chapter.
Welcome to our in-Person Meetup at the University of Ottawa
In-Person Location:
150 Louis-Pasteur Private, Ottawa,
University of Ottawa
Room 117We will continue to Live Stream on our YouTube channel. (https://www.youtube.com/@OWASP_Ottawa). Subscribe to our YouTube channel, set a reminder and you’ll get a notification as soon as we go live!
YouTube Live Stream Link: TBA!!!
6:00 PM EST Arrival, setup, mingle, PIZZA!!!
6:30 PM EST Technical Talks
- Introduction to OWASP Ottawa, Public Announcements.
- “Shai-Hulud: Anatomy of a Self-Replicating Worm (A Beginner’s Walkthrough of Modern Malware Analysis)” with Jainil Malaviya
Abstract:
In September 2025, a self-replicating worm called Shai-Hulud compromised over 500 npm packages, with no humans in the loop. By November, follow-on waves had pushed stolen secrets to more than 25,000 public GitHub repos. This talk walks through how a malware analyst would read it: static analysis, YARA detection, dynamic analysis, and a deep dive into Shai-Hulud's credential harvesting and self-replication mechanics. If you've never opened a malware sample but you've always wanted to, this hour is for you.Speaker:
Jainil Malaviya is a Security Engineer at Nokia Canada Inc and an April 2026 graduate of Northeastern University. Based in Ottawa, he is OSCP+ certified, serves as the OffSec Canada Chapter Ambassador, and is a member of the Cloud Village team that runs at DEF CON, RSAC, and major BSides events.9 attendees
Past events
143
