What we're about

OWASP is a not-for-profit, worldwide organization focused on improving the security of all software. Our mission is to make software security visible, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.

The OWASP Los Angeles chapter was formed by Cassio Goldschmidt. Tin Zaw and Richard Greenberg soon followed as presidents of the organization. Under their leadership, OWASP LA was awarded Chapter of the Year. Additionally, Richard Greenberg was elected to the OWASP Global Board of Directors and served 2019-2020. OWASP LA was one of the founding chapters of the world-renowned AppSec California conferences.

We hold virtual (for now) Meetups on the 4th Wednesday of every month, featuring great speakers on important security topics. Once we can again meet in person, we would love to have you join us for food and drink and to socialize and understand what security is really about.

Join the movement today!

Become an OWASP Member TODAY (https://www.owasp.org/index.php/Individual_Member)
Support your LA Chapter: only $50 for the entire year! ($20 if you're a student)

Upcoming events (1)

OWASP LA Monthly In-Person Meeting - FEB 22, 2023

Lawrence Harvey Recruitment Los Angeles

TOPIC: Every Risk is Not a CVE: Bolster up Against Software Supply Chain Attacks
Join us for great networking, dinner and drinks, and see a presentation by Jamie Scott - Product Manager

ABSTRACT: Third-party and open source software components are both desired and indispensable ingredients used throughout the development lifecycle, but their consumption comes with considerable security risks, both for the developer herself and her downstream users. The rise of corresponding security incidents demonstrates that adversaries have discovered those attack vectors as a viable and scalable attack pattern.
We will present a comprehensive, comprehensible and technology-agnostic taxonomy of attack vectors, created on the basis of hundreds of real-world incidents, and validated by experts in the domain. An interactive visualization of this taxonomy, available as open source itself, will be demoed throughout the talk to explain different techniques at the disposal of attackers, supported by real-world examples.
Following that, we will discuss the types of defenses you can put in place to detect and respond to such modern-day attacks.

Thanks to our Sponsor: Endor Labs
Endor Labs’ Dependency Lifecycle Management Platform is designed to address the weakest link in software supply chain security: the ungoverned sprawl of open source software in the enterprise. Endor Labs’ mission is to help developers spend less time dealing with security issues and more time accelerating development through safe code reuse. With this solution, development and security teams are able to maximize software reuse by safely evaluating, maintaining, and updating dependencies at scale.

Vendors interested in sponsoring, send an email to [masked]

Past events (143)

OWASP LA Monthly In-Person Meeting - JAN 25, 2023

Lawrence Harvey Recruitment Los Angeles