What we're about

OWASP is a not-for-profit, worldwide organization focused on improving the security of all software. Our mission is to make software security visible, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.

The OWASP Los Angeles chapter was formed by Cassio Goldschmidt. Tin Zaw and Richard Greenberg soon followed as presidents of the organization. Under their leadership, OWASP LA was awarded Chapter of the Year. Additionally, Richard Greenberg was elected to the OWASP Global Board of Directors and served 2019-2020. OWASP LA was one of the founding chapters of the world-renowned AppSec California conferences.

We hold virtual (for now) Meetups on the 4th Wednesday every month, featuring great speakers on important security topics. Once we can again meet in person, we would love to have you join us for food and drink and to socialize and understand what security is really about.

Join the movement today!

Become an OWASP Member TODAY (https://www.owasp.org/index.php/Individual_Member)
Support your LA Chapter: only $50 for the entire year! ($20 if you're a student)

Upcoming events (2)

OWASP LA Monthly In-Person Meeting - October 5, 2022


TOPIC: Security for Growth Companies

*** NOTE NEW DATE *** Join us for great networking, dinner, and see a presentation by Cassio Goldschmidt, the founder of OWASP Los Angeles and CISO of ServiceTitan

ABSTRACT: The increased pressure for cybersecurity practices, even in their earliest stages, is becoming a common demand from both customers and investors. With cyber threats escalating, it’s more urgent than ever to embed security into a company’s day-to-day operations from day one to prevent ‘security debt’ from emerging as the company scales.
Establishing a robust cyber security program can be a daunting task. A cloud-native company faces dozens of cybersecurity tools to choose from and the typical resource constraints of a young company that needs to grow fast. Based on the practical advice given by CISOs of 7 hyper-growth companies (Netflix, Datadog, HashiCorp, ACV, Axonius, Discord, and ServiceTitan), this talk aims to provide you with a modern, light-weight security guide to succeed in the cloud-first/cloud-native era.

BIO: Cassio Goldschmidt is the Chief Information Security Officer (CISO) at ServiceTitan and an operating advisor at Bessemer. He is also an investor, startup advisor, MBA mentor, regular speaker at conferences, long-time contributor to the security community, and an award-winning technology executive.

Sponsor: Vendors interested in sponsoring send an email to [masked]

OWASP LA Monthly In-Person Meeting - October 26, 2022


TOPIC: Mobile App Vulnerabilities – The Bad, The Worse And The Ugly

Join us for great networking, dinner, and see a presentation by Ray Kelly, Fellow at Synopsys

ABSTRACT: One of today’s hottest targets for hackers is mobile applications. Whether it's developer inexperience, rush to market or poor coding techniques, hackers are exploiting mistakes made by mobile app developers and it can be quite costly for companies. In this session you will see attack vectors for mobile apps and real examples of vulnerable public facing apps and how they were exploited.

BIO: Ray Kelly is an internet security professional with over twenty-five years of development experience, twenty of which have focused on the internet security space. Ray has been a key player in multiple successfully acquired cyber security start-ups. He was the lead developer and business unit director for WebInspect with SPI Dynamics, which is an industry-leading application security scanner (later HP and Micro Focus). Ray holds three web application scanning patents and speaks regularly at security conferences. Today, Ray is a Fellow at Synopsys (formerly WhiteHat), where he contributes to research, sales and vision of the security product line.

Thanks to our Sponsor: Synopsys
Build Secure Software, Faster. Synopsys helps customers build security and quality into the DNA of their software code―at any stage of the software development lifecycle and across the supply chain―to minimize risks while maximizing speed of application development. Our static analysis, software composition analysis, and dynamic analysis solutions allow customers to find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior with unmatched depth, accuracy, and speed. We help companies test their software early and often, so they can avoid costly product crashes, security breaches, and catastrophic system failures. We also automate the process of securing and managing open source software to ensure license compliance, remediate vulnerabilities, and reduce operational risks.

Vendors interested in sponsoring send an email to [masked]

Past events (135)

OWASP LA Monthly In-Person Meeting - August 24, 2022
