What we’re about
The OWASP LA (Los Angeles) chapter (https://owasp.org/www-chapter-los-angeles/) was formed in 2008. We hold meetings on the 4th Wednesday of every month, featuring great speakers on important appsec topics. Join us for food, drinks, to network and understand what application security is really about.
The Open Worldwide Application Security Project (OWASP) is a not-for-profit, organization focused on improving the security of all software. Our mission is to improve software security through Open Source initiatives, community education, and networking. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
Become an OWASP Member TODAY
Support your LA Chapter: only $50 for the entire year! ($20 if you're a student)
Sponsors
See all
KodemHelping AppSec Teams Make Security a Priority
Endor LabsSecure open source software without the dev productivity tax
OWASP - LAsponsorship.la@owasp.org
Mend ioequips your dev and security teams with tools to build a mature AppSec
Contrast SecurityApplication Detection and Response for Modern Enterprises
CheckmaxSecuring the Applications Driving Our World
Cato NetworksOne platform to connect all edges, everywhere- KodemHelping AppSec Teams Make Security a Priority
- Endor LabsSecure open source software without the dev productivity tax
- OWASP - LAsponsorship.la@owasp.org
- Mend ioequips your dev and security teams with tools to build a mature AppSec
TOPIC: Hands-on Application Security Workshop with Runtime Security IAST Technology and Secure Code Training
Join us for an action-packed hands-on workshop event led by Will Derksen, Sr. Solutions Engineer, Contrast Security.
Earn 2 hours of CPE credit!*
ABSTRACT:
Together, we will...
- Unify around a precise definition of a vulnerability, as well as understand the challenges current application testing methodologies have in detecting vulnerabilities, and how to change the way we interact with them
- Get hands-on-keyboard experience leveraging Contrast training to find a vulnerability in code, learn how to fix said vulnerability, and proactively go and remediate the vulnerability
Who should attend?
- AppSec professionals
- Security engineers
- Software engineers
- DevOps/DevSecOps professionals
- Anyone wanting to learn more about identifying and fixing code vulnerabilities, discover the most efficient ways to execute on a DevSecOps program, and become proactively more knowledgeable around secure coding techniques.
** PLEASE NOTE ** - for the lab portion of this event, you must bring a laptop (phones or other personal devices will NOT work for the lab).
*This workshop qualifies for 2 hours of hands-on training for Continuing Professional Credits (CPE). For CISSP holders this would be in the Application Security Discipline and you will receive a certificate of completion after the workshop.
Thanks to our SPONSOR: Contrast Security
You can't stop what you can't see
Novel attacks can appear harmless without visibility into the grey areas of your application layer.Stop attacks in your applications and APIs from development to production.
Vendors interested in sponsoring please send an email to sponsorship.la@owasp.org
CODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy
Upcoming events (4+)
See all- Hands-on Workshop OWASP LA - July 9, 2025BLANKSPACES Venice, Los Angeles, CA
TOPIC: Hands-on Application Security Workshop with Runtime Security IAST Technology and Secure Code Training
Join us for an action-packed hands-on workshop event led by Will Derksen, Sr. Solutions Engineer, Contrast Security.
Earn 2 hours of CPE credit!*ABSTRACT:
Together, we will...- Unify around a precise definition of a vulnerability, as well as understand the challenges current application testing methodologies have in detecting vulnerabilities, and how to change the way we interact with them
- Get hands-on-keyboard experience leveraging Contrast training to find a vulnerability in code, learn how to fix said vulnerability, and proactively go and remediate the vulnerability
Who should attend?
- AppSec professionals
- Security engineers
- Software engineers
- DevOps/DevSecOps professionals
- Anyone wanting to learn more about identifying and fixing code vulnerabilities, discover the most efficient ways to execute on a DevSecOps program, and become proactively more knowledgeable around secure coding techniques.
** PLEASE NOTE ** - for the lab portion of this event, you must bring a laptop (phones or other personal devices will NOT work for the lab).
*This workshop qualifies for 2 hours of hands-on training for Continuing Professional Credits (CPE). For CISSP holders this would be in the Application Security Discipline and you will receive a certificate of completion after the workshop.Thanks to our SPONSOR: Contrast Security
You can't stop what you can't see
Novel attacks can appear harmless without visibility into the grey areas of your application layer.Stop attacks in your applications and APIs from development to production.Vendors interested in sponsoring please send an email to sponsorship.la@owasp.org
CODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy - AISVS: A Developer-Centric Standard for Securing AI ApplicationsLink visible for attendees
We are thrilled to share this timely talk by Jim Manico and presented by The OWASP Virtual Chapter
RSVP at https://www.meetup.com/owasp-virtual-chapter/events/307914301/
Abstract:
As artificial intelligence systems become integrated into mainstream applications, their attack surface expands dramatically—introducing new threats and compounding existing vulnerabilities. The OWASP Artificial Intelligence Security Verification Standard (AISVS) is a new community-driven project designed to define clear, actionable security requirements for developers, architects, and testers building AI-enabled software.
In this session, OWASP leader and security educator Jim Manico will introduce AISVS 1.0, walk through its structure and key categories, and explain how it complements traditional application security standards like ASVS. You’ll learn:- Why we need AISVS: the unique threats AI systems face
- The structure and scope of AISVS and how it supports different security assurance levels
- Key controls across AI data governance, model development, and deployment
- How AISVS integrates with NIST AI RMF, ISO/IEC 42001, and the OWASP LLM Top 10
- How to start using AISVS in your organization today
Whether you're building AI-driven apps, managing security risk for machine learning models, or curious about adversarial ML and secure prompt engineering—this talk will equip you with the foundation to develop and verify secure and trustworthy AI systems.
Target Audience:
Developers, AppSec professionals, DevOps teams, AI/ML engineers, and anyone interested in the future of secure software development. - SoCal Cyber Luau Social - Saturday July 19, 2025Click Link Below, REGISTER to see the address, Long Beach, CA, CA
Join us for the first ever SoCal Cyber Summer Luau Social, hosted by participating cybersecurity communities in Southern California:
ISSA SoCal, CSA LA/SoCal, OWASP LA, ISC2LA, ISACA OC, OWASP OC, and Women's Society of CyberJutsu Chapters.PLEASE (1) RSVP here on our meetup and (2) remember you must get a ticket here **REGISTER** at https://lu.ma/1szig7el
OWASP LA Members: use code OWASPLA-HOAHUI during check-out in Luma to receive your complimentary passes.
Members of Sponsoring Chapters
Your membership provides you with up to 4 complementary tickets. Please contact your chapter leadership for your code.Not a Member of a Sponsoring Chapter?
You can still attend by purchasing a General Admission ticket. We encourage you to join one of the sponsoring organizations for complementary access.No slides, no panels - just a classic picnic to facilitate connection and community, and to get to know each other.
Whether you're a seasoned pro or just dipping your toes into cybersecurity, join us and build lasting connections.
This is a family friendly event - so bring your loved ones! Pets are also welcome.Come for:
- Aloha inspired food
- Hawaiian T-Shirt Competition
- Games - including some friendly chapter competition
- Great company!
CODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy#CSA #ISSASoCal #OWASPLA #CyberJutsu #ISC2LA #Cybersecurity #SafeNetworking #BuildingCommunity
- OWASP LA Monthly In-Person Meeting - Jul 23, 2025Accenture, Los Angeles, CA, CA
TOPIC: The Carrot vs. The Stick: Making a Positive Impact on the Security + Developer Relationship
Join us for great networking, dinner and drinks, and see a presentation by Eitam Arad, Sr. Solutions Engineer, ArnicaABSTRACT:
Security and development teams often work toward the same goal but rarely in sync. Misaligned incentives, late-stage scans, and noisy alerts lead to friction and slow remediation. This talk explores how shifting security earlier in the SDLC and aligning with developer workflows can improve outcomes across the board.
You'll learn how developer empowerment, real-time feedback, and actionable guidance reduce alert fatigue, shorten MTTR, and drive better collaboration between teams.Thanks to our SPONSOR: Arnica
Pipelineless AppSec. Developer-Native Workflows.
Surface the right risk to the right owner at the right time with pipelineless, developer-native workflows that foster collaboration, increase development velocity, and reduce overall risk.SPONSORSHIP Opportunities Available
Vendors interested in sponsoring please send an email to sponsorship.la@owasp.orgCODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy
