OWASP

Sunday Tea Club was founded in Daejeon in 2023. Created as a quiet alternative to Korea’s typical drinking and nightlife culture, the club offers a calm, meaningful way to spend your Sunday afternoons. If you’ve ever wished for a slower, more mindful space to enjoy afternoon tea and gentle conversation — you’re more than welcome to join us! Participant fee 15,000won+order 1drink(The participation fee is only paid once — at your first visit. All fees are collected and reinvested into the club to purchase new teaware, high-quality teas, or ingredients for future gatherings.)

**What is a langauge exchange?** A language exchange is a relaxed social meetup where you practice languages through **real conversations with real people**. No textbooks. No grammar drills. Just talking, listening, laughing, and occasionally stumbling through sentences together. **What to Expect at Our Events** * Weekly in-person language exchange meetups * Casual, café-style atmosphere There’s always someone new to meet and talk to. **Who Comes to These Meetups?** * Both locals and internationals **How It Works** * Choose an event time * Book a spot * Show up and join the conversation That’s it. You can come alone or with friends. Running late? No problem. Join when you can, leave when you want. **Why People Like This Group** **1\. Smart Group Matching** Participants are grouped to create balanced conversations based on language level and background with optimised algorithm. **2\. Meet New People Each Round** Groups rotate every session, so you don’t get stuck talking to the same people all night. **3\. Beginner\-Friendly** Beginners are always welcome. You’ll never be forced into conversations beyond your comfort level. **FAQs** **1\. My target language isn’t very good\. Can I still join?** Yes. Beginners are welcome and grouped with others at a similar level. **2\. Can I arrive late or leave early?** Yes. The meetup is casual and flexible. **3\. Do I need to come every week?** No. Join whenever it fits your schedule. **How to Join** * Book your spot: [https://nurio.kr/events/3](https://nurio.kr/events/3) * Questions or help: [http://pf.kakao.com/_xmzbQn/chat](http://pf.kakao.com/_xmzbQn/chat) \-\-\- **언어 교환이란 무엇인가요?** 언어 교환은 교재나 수업 없이 실제 사람들과의 자연스러운 대화를 통해 언어를 연습하는 편안한 소셜 모임입니다. 교과서는 없고 문법 문제도 없습니다. 그저 말하고 듣고 웃고, 가끔은 문장을 더듬으며 함께 대화합니다. **모임에서는 무엇을 하나요** 주 1회 오프라인 언어 교환 모임을 진행하며 카페처럼 편안한 분위기에서 만납니다. 항상 새로운 사람들을 만나고 대화할 수 있습니다. **누가 참여하나요?** 한국인과 외국인이 함께 참여합니다. **참여 방법** 원하는 일정을 선택하고 참가 신청 후 오셔서 대화에 참여하면 끝입니다. 혼자 와도 괜찮고 친구와 함께 와도 됩니다. 늦게 와도 문제없고 원할 때 자유롭게 나가셔도 됩니다. **이 모임의 특징** **1\. 스마트 그룹 매칭** 언어 수준과 배경을 기준으로 최적화된 알고리즘을 통해 대화가 잘 되는 그룹으로 구성합니다. **2\. 매 라운드마다 새로운 사람** 세션마다 그룹이 바뀌기 때문에 같은 사람과만 계속 이야기하지 않아도 됩니다. **3\. 초보자 환영** 초보자도 언제나 환영하며 부담되는 대화에 억지로 참여할 일은 없습니다. **자주 묻는 질문** **1\. 목표 언어를 잘 못하는데 괜찮을까요?** 물론입니다. 초보자도 수준에 맞는 그룹으로 배정됩니다. **2\. 늦게 가거나 일찍 나가도 되나요?** 네. 모임은 캐주얼하고 유연하게 운영됩니다. **3\. 매주 꼭 참여해야 하나요?** 아니요. 일정에 맞을 때 자유롭게 참여하시면 됩니다. **참여 방법** 예약하기: [https://nurio.kr/events/3](https://nurio.kr/events/3) 문의하기: [http://pf.kakao.com/_xmzbQn/chat](http://pf.kakao.com/_xmzbQn/chat)

OWASP is ending use of Meetup, so I built an eventbrite for the event. https://www.eventbrite.com/e/ai-development-risk-case-studies-and-how-agentic-ai-is-the-future-of-appsec-tickets-1981450622150?aff=oddtdtcreator AI is transforming how software is designed, developed, and deployed, dramatically accelerating velocity while introducing new categories of risk. As organizations adopt AI-assisted coding, autonomous agents, and increasingly complex model interactions, traditional application security approaches struggle to keep pace. This talk examines emerging AI-driven risks through real case studies from the field, highlighting issues such as insecure code generation, data-leakage pathways, model manipulation, and evolving supply-chain threats. We will explore how engineering teams must adapt their people, processes, and governance models to secure AI-augmented development workflows effectively. The session will then introduce agentic AI as the next evolution in application security—autonomous systems capable of continuous analysis, multi-step reasoning, and real-time remediation. Attendees will learn how combining agentic AI with modern practices can reduce developer friction, improve coverage, and create a future-ready application security strategy designed for the demands of AI-native software development

### Tools in your AI's Toolbox : An introduction to MCP Servers The generative AI revolution has unlocked unprecedented capabilities, but the next frontier is agency: empowering models to interact with, query, and act upon the world. The current challenge is the “N x M integration problem,” where every AI model requires a custom, brittle integration for each external tool or data source. This approach simply doesn’t scale. How can we give an AI access to our sales leads, code repositories, or IoT devices in a standardized, secure, and reusable way? This session introduces Anthropic’s Model Context Protocol (MCP), the open-source framework designed to solve this challenge and become the universal connector—the USB-C port—for AI. MCP standardizes how AI models discover and use external tools, moving beyond simple function-calling to a robust, client-server architecture. We will dive into how this open protocol is creating a new ecosystem for building powerful, context-aware AI agents. Join this session for a developer-focused introduction where you will learn how to: Understand the core concepts of the open-source Model Context Protocol and its architecture. Utilize pre-built, open-source MCP servers to instantly connect AI to tools like Git, Slack, and databases. Build a custom MCP server to securely expose your own proprietary data and APIs as tools for any compliant AI. Move beyond bespoke integrations and contribute to a standardized, collaborative, and open ecosystem. Stop building one-off connectors and start building intelligent agents. This session will give you the practical knowledge to leverage MCP and create the next generation of AI that doesn’t just talk, but does. Want to be a speaker? submit your talk to our Call for Presenters!!! [https://sessionize.com/azure-cbus-2026/](https://sessionize.com/azure-cbus-2026/)

**Important note about the retirement of the OWASP Meetup platform** Fellow OWASP Toronto members, We are making an important announcement regarding an upcoming transition. The OWASP Foundation has announced that they will be retiring their Meetup Pro subscription effective January 31, 2026: https://owasp.org/blog/2026/01/13/retiring-meetup.html This means that our OWASP Toronto Meetup group may be removed in the coming days. We understand this may be short notice, so we want to make this announcement before we lose access. You are an important part of our chapter community. Many attendees I have spoken to have discovered OWASP Toronto via Meetup. To continue engaging with the community while using a platform that enables discoverability, we will moving to the [Evenbrite](https://owasp-toronto-chapter.eventbrite.com/) for publishing our events. You can continue to follow us via our [Google Group mailing list](https://groups.google.com/a/owasp.org/g/toronto-chapter), our [Chapter page](https://owasp.org/www-chapter-toronto/), our [LinkedIn group](https://www.linkedin.com/showcase/owasp-toronto-chapter/), our [YouTube channel](https://www.youtube.com/channel/UCqmBl-u_4cOEiH3OXWE3sPg), our Slack channel ([#owasp-toronto-chapter](https://owasp.slack.com/archives/C075DRCB1PZ), does not require an OWASP membership), as well as on our new [Discord channel](https://discord.gg/eg3upJ6N). Please see below for details of our February 12 event. Visit our [Eventbrite](https://www.eventbrite.ca/e/owasp-toronto-february-2026-tickets-1982057078076) page for more information! \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* **Dual Talk Event: Raising Cyber Awareness Through Electronic Word of Mouth \| When AI Becomes Application Logic: Securing Shadow AI** Presentation #1: Raising Cybersecurity Awareness Through Electronic Word of Mouth: A Data-Driven Assessment Awareness of the many cybersecurity threats, vulnerabilities, and solutions to mitigate these threats/vulnerabilities is instrumental in improving basic cybersecurity behaviours. A healthy body of knowledge has been devoted to exploring how to better increase awareness, in any given topic, among members of the general public which have explored the role of word of mouth (WOM) and electronic word of mouth (eWOM) in spreading awareness. In recent years, the rise of social media platforms as an alternative communication channel has created efforts to promote cybersecurity awareness online regarding the numerous cybersecurity threats. However, little research attention has been devoted to exploring eWOM communication on social media surrounding cybersecurity awareness. Moreover, no research to date has considered the impact of the COVID-19 pandemic on these eWOM discussions related to cybersecurity awareness. To address these literature gaps, this research collected 227, 270 relevant tweets surrounding cybersecurity awareness from 2018 to 2022 conducting an exploratory analysis of the corpus using social network analyses, topic modelling and semantic similarity analysis. The results found topics rose in prominence and then dissipated as newer topics emerged while information was found to spread incredibly far despite a high degree of community forming, suggesting the online discourse is very open and evolving over time. These findings illustrate the potential of social media as an effective tool for raising cybersecurity awareness. The impact of COVID-19 observed an increase in the reach of information in addition to new specific topics emerging in the discourse, but the effects appear to be temporary. Speaker: Dane Vanderkooi Dane Vanderkooi is a fifth-year Doctoral Candidate in management science at TorontoMet University who specializes in researching cybersecurity and digital privacy behaviours. He completed his bachelor's of commerce at Uottawa and holds a master's in management science degree from Ryerson University. Dane has published his research in academic journals, conferences and industry reports. Dane has also presented his research at various conferences including HC2P, SERENE-RISC, HCII, CyberToronto, ASAC and SocialMedia+Society, AMCIS, and ICIS. Dane is certified in cybersecurity (CC) from ISC2 and has practical experience working in the field of cybersecurity with private industry, non-for-profits, and the public sector including the Canadian Armed Forces, Public Health and Safety Canada, Justice Canada, Innovation Science and Economic Development (ISED), Bell, BMO, Desjardins, Ritchie Bros and Achev. \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\* Presentation #2: When AI Becomes Application Logic: Securing Shadow AI AI is entering production faster than security teams can see it. From “simple” chatbot integrations to LLMs wired directly into business logic — and agents running entire application flows — organizations are accumulating Shadow AI: untracked, ungoverned, and often dangerously over-privileged. This talk shows how AI quietly changes application behavior at runtime: expanding trust boundaries, introducing non-deterministic authorization paths, and creating blast radiuses that static inventories and policy checklists cannot capture. Using real-world architectural patterns and runtime signals, we’ll demonstrate how security teams can identify where AI is actually used, what it can access, and how attackers abuse AI-driven logic to exploit new classes of vulnerabilities. Attendees will leave with a practical framework for securing AI-powered applications — grounded in runtime behavior and evidence, not assumptions. Speaker: Daniel Shechter Daniel Shechter is the CEO and Co-Founder of Miggo, an Application Detection and Response platform. Shechter has an impressive background in both threat intelligence and within the security industry. Before founding Miggo he was leading cyber security teams in Israel's elite cyber intelligence division, Unit 8200. He later joined McKinsey, a strategy and management consulting company, where he provided guidance on acquisition, developing new business strategies and more. Shechter is an industry expert in security, incident detection and response, threat intelligence, and attack observability.

I love my job and one of the main things I do is help customers get going with any of the data technologies at Microsoft. Right now there are a lot of my customers asking about Microsoft Fabric. It's hard to weave across all the shiny new options across the Fabric landscape, let alone figure out where it fits into your organization. In this session we'll focus on answering one question - how can I get data into Fabric? We'll talk through the "it depends" options and see some of the options in live demos.

Bring your Raspberry Pi, Arduino, microcontroller, or any other electronic project and join fellow electronics makers for a night of creativity and collaboration! This session is open forum to share your current projects—whether complete or in progress, it’s all interesting! Whether you’re deep into embedded systems, exploring new ideas, or just getting started, you’ll find a welcoming space to collaborate, share, and get inspired. This session will be at the Worthington Park Library in the Olentangy Meeting Room.

Columbus Code & Coffee is an inclusive, informal co-working session. People of all skill levels attend, and we love it that way. Many people (optionally) bring projects to work on, and many other people (optionally) socialize the entire time. It's entirely up to you! **What to Expect at the Intro Circle** \~\~\~\~\~\~\~\~\~\~\~\~\~ Near the beginning of the event (1:30 pm), we do a standup: * Organizer announcements, updates, and logistics Round 1 - (7 secs max): * Your name * What you're working on * What you can help others with Round 2: * Community events you wanna plug. If none, that's cool too. Round 3: * Job opportunities you're hiring for OR announce that you are looking for one. If none, that's cool. After the introduction circle, everything is self-organized! Feel free to work alone, pair up, attend one of our workshops/presentations, or mingle!

**Chaos Monkeys, Open Telemetry, and .NET Aspire: Taming Complexity in Modern Apps** .NET Aspire is far more than just a sleek dashboard for wowing your boss and co-workers. It's also a gateway to increased observability with open telemetry, better fault tolerance to fend off chaos monkeys, and a drastically improved onboarding experience for new developers. This session will explore Microsoft's latest guidance for building distributed, cloud-first applications, with practical strategies for enhancing simpler existing apps. You'll discover the inner workings of Aspire, from installation to customization, and learn how it streamlines integration with performance boosters like Redis. Most importantly, you'll see why scalable microservices architectures can be challenging—and how Aspire helps simplify the journey. **Presenter:** Lee Richardson, Microsoft MVP **Pizza starts at 6. Presentation starts around 6:30.**