addressalign-toparrow-leftarrow-rightbackbellblockcalendarcameraccwchatcheckchevron-downchevron-leftchevron-rightchevron-small-downchevron-small-leftchevron-small-rightchevron-small-upchevron-upcircle-with-crosscrosseditemptyheartfacebookfolderfullheartglobegmailgoogleimagesinstagramlinklocation-pinmagnifying-glassmailminusmoremuplabelShape 3 + Rectangle 1outlookpersonplusprice-ribbonImported LayersImported LayersImported Layersshieldstartrashtriangle-downtriangle-uptwitteruseryahoo

OWASP Monthly Meeting - November 6, 2013: NOTE New Date for this meeting

Los Angeles OWASP Chapter Board WINS Best Chapter Leader!

Join OWASP today and become a member

Nov 6 Topic: "Whiz, Bang, ZAP! An introduction to OWASP's Zed Attack Proxy"

The OWASP Zed Attack Proxy (ZAP) is "an easy to use integrated penetration testing tool for finding vulnerabilities in web applications." The technology is comparable to IBM AppScan and HP WebInspect - but free, open source and maintained by OWASP volunteers. The project has seen a tremendous amount of development lately. Learn about the tool, what it can do for you, and optionally bring your laptop to follow along as we use it to test some (purposefully insecure) web applications. 

Speaker: Ben Walther

Ben Walther is a security engineer, with a background consulting and teaching for Symantec, Cigital, and within higher education. He is the co-author of the Web Security Testing Cookbook and an active contributor to OWASP projects.

Thanks to our sponsor

Check Point Software Technologies Ltd.

Check Point Software Technologies Ltd. (, the worldwide leader in securing the Internet, provides customers with uncompromised protection against all types of threats, reduces security complexity and lowers total cost of ownership. Check Point first pioneered the industry with FireWall-1 and its patented stateful inspection technology. Today, Check Point continues to develop new innovations based on the Software Blade Architecture, providing customers with flexible and simple solutions that can be fully customized to meet the exact security needs of any organization. Check Point is the only vendor to go beyond technology and define security as a business process. 

Check Point 3D Security uniquely combines policy, people and enforcement for greater protection of information assets and helps organizations implement a blueprint for security that aligns with business needs. Customers include tens of thousands of organizations of all sizes, including all Fortune and Global 100 companies. Check Point's award-winning ZoneAlarm solutions protect millions of consumers from hackers, spyware and identity theft.

Join or login to comment.

  • Kris R.

    Great meet-up / presentation. My biz partner loves burp suite so is checking out ZAP as I type this!

    Side note I have several App security positions open in Greater LA including a couple we are working on as sole suppliers so please connect or send a message if you would like to look at options. One will go to a base of $180K which I though may be a little tempting.

    1 · November 7, 2013

  • Todd N.

    Great Job Ben!

    1 · November 7, 2013

  • Doug M.

    Very interesting open source project.

    November 7, 2013

  • Howard L.

    Sorry, too many meetings in the office today (just finishing)

    November 6, 2013

  • Matti S

    fyi - So Cal Code Camp, a free community run event is this weekend ( Nov 9, 10 ) at USC. Note the scheduled sessions: Web API Security with OWASP Top 10, and Web Application Security with With Web Goat.NET and OWASP Top 10 on Sunday. More info:

    1 · November 6, 2013

    • Matti S

      Also, SCALE has announced their call for papers. This year SCALE 12x will be on Feb 21, 22,[masked] again at the LAX Hilton. Please talk to me at tonight's meeting if you have any questions. https://www.socallinux...­

      1 · November 6, 2013

  • volkan u.

    Is there parking around the building?

    November 6, 2013

    • A former member
      A former member

      Yes. Symantec has a parking garage, for which they provide validation. Sometimes when OWASP lets out, they open the gate and let everyone out at once.

      1 · November 6, 2013

  • Carol

    Do you need to be a member of OWASP (i.e. paid your dues) in order to attend the meetup?

    1 · November 4, 2013

    • Stu

      No you don't need to be a member of OWASP to attend the meeting. Everyone is welcome :)

      1 · November 5, 2013

  • Nathan

    Congratulations to the Leadership Team!

    November 1, 2013

  • A former member
    A former member

    Does anyone record CPEs after attending - and if so, how many?

    October 31, 2013

    • Doug M.

      We attend because we love our leaders; don't we donate CPEs for the privilege of attending?

      October 31, 2013

  • Sunil

    Congratulations Team : OWASP-LA ! Well deserved !

    1 · October 30, 2013

  • Jill

    Congrats LA Chapter Leaders! Way to go.

    2 · October 29, 2013

  • Doug M.

    LA wins chapter award for best chapter leader ....Wow. I knew we had something special. Probably the reason I have enjoyed my affiliation with OWASP-LA so much. Well done.

    6 · October 29, 2013

Our Sponsors

  • OWASP - LA


  • incapsula


  • Verizon

    Verizon DEFEND - Comprehensive cloud-based WAF and DDoS protection

  • Bugcrowd

    An innovator in crowdsourced security testing for the enterprise.

  • Absolute Software

    Industry standard in endpoint and management solutions

  • Prevoty

  • Whitehat Security

    End-to-end solutions for Web security.

  • GreenSQL

    Database Security and Compliance for EVERY organisation.


    Authentic8 puts you back in control.

  • Guidance Software

    Recognized worldwide as the industry leader in endpoint investigation

  • Check Point

    The worldwide leader in securing the Internet

  • WinMagic

    Makes it easy to secure data!

  • ioActive

    IOActive security consultancy with global presence and deep expertise

  • Contrast Security

    Secure Apps at their Source.

  • Akana


  • Qualys

    QualysGuard Web Application Scanning (WAS)

  • Click below:

  • Cigital, Inc

    The world’s largest consulting firm specializing in software security

  • Trend Micro

    A global leader in security software

  • Checkmarx

    Ensures your application remains hacker-proof.

  • SecureAuth

    SecureAuth is a technology leader in enterprise identity governance.

  • Symantec Corporation

    Provide security, storage and systems management solutions

  • BeyondTrust

    The global leader in privileged identity and threat management solutions

  • Security Innovation

    The Application Security Company

  • Palo Alto Networks

    Their Next-Generation Firewall enables applications

  • Arxan Technologies

    Sharing thought leadership & best practices on mobile apps security

  • Bay Dynamics

    IT Analytics

  • Venafi

    Inventor and market leader: Enterprise Key & Certificate Management

  • Trustwave

    Simple solutions to your complex security and compliance challenges

  • Phone Factor

    Multi-factor authentication to protect against today's threats

  • Gemalto

    Gemalto (formerly SafeNet)

  • PhishMe


People in this
Meetup are also in:

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy