What we’re about
The OWASP LA (Los Angeles) chapter (https://owasp.org/www-chapter-los-angeles/) was formed in 2008. We hold meetings on the 4th Wednesday of every month, featuring great speakers on important appsec topics. Join us for food, drinks, to network and understand what application security is really about.
The Open Worldwide Application Security Project (OWASP) is a not-for-profit, organization focused on improving the security of all software. Our mission is to improve software security through Open Source initiatives, community education, and networking. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
Become an OWASP Member TODAY
Support your LA Chapter: only $50 for the entire year! ($20 if you're a student)
Sponsors
See all
KodemHelping AppSec Teams Make Security a Priority
Endor LabsSecure open source software without the dev productivity tax
OWASP - LAsponsorship.la@owasp.org
Mend ioequips your dev and security teams with tools to build a mature AppSec
Contrast SecurityApplication Detection and Response for Modern Enterprises
CheckmaxSecuring the Applications Driving Our World
Cato NetworksOne platform to connect all edges, everywhere- KodemHelping AppSec Teams Make Security a Priority
- Endor LabsSecure open source software without the dev productivity tax
- OWASP - LAsponsorship.la@owasp.org
- Mend ioequips your dev and security teams with tools to build a mature AppSec
TOPIC: The End of Mobile Security Complacency: DMA, Antitrust, and the Rise of Real API Protection
Join us for great networking, dinner and drinks, and see a presentation by Ted Miracco, CEO, Approov
ABSTRACT:
The security landscape for mobile applications is being redrawn. The EU’s Digital Markets Act (DMA) and landmark legal decisions against Apple’s app store practices are ushering in a new era of mobile security transparency and accountability. At the same time, reports like Dark Reading’s “Mobile Applications Are a Cesspool of Security Issues” expose the urgent need for serious mobile app and API protection strategies.
This talk uncovers the hidden risks of platform monocultures and challenges Apple and Google’s claim that built-in security is sufficient. It offers a practical roadmap for implementing app attestation, runtime protection, and secure API communication to counteract threats such as API scraping, bot automation, credential abuse, and tampered client applications.
We'll dissect recent changes in regulation and litigation and explain why OWASP professionals must lead the charge in adopting more resilient, open, and developer-driven mobile security practices.
Learning Objectives:
- Understand the regulatory and legal catalysts reshaping mobile app security.
- Learn how API attacks exploit mobile app weaknesses, despite “built-in” platform defenses.
- Evaluate tools and frameworks, including app attestation and RASP, that enable secure API communication.
- Gain insights into how to implement dynamic secrets, certificate pinning, and secure client validation.
- Explore why monopolistic behaviors hinder innovation and what OWASP chapters can do about it.
Thanks to our SPONSOR: Approov
Regain Control of Your Mobile App Security.
Approov is a team of passionate developers dedicated to making the future of mobile secure. With focus on developing the world’s most complete end-to-end solution for mobile app security from the device into the cloud, our solutions are used worldwide to secure mobile apps and their APIs in everything from automotive, financial services, healthcare to e-commerce, gaming and media.
Thanks to our HOST: Accenture
Every day, we embrace change and create value for all our stakeholders around the world.
Vendors interested in sponsoring please send an email to sponsorship.la@owasp.org
CODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy
Upcoming events (4+)
See all- OWASP LA Monthly In-Person Meeting - Jun 25, 2025Villas at Playa Vista, Playa Vista, CA
TOPIC: The End of Mobile Security Complacency: DMA, Antitrust, and the Rise of Real API Protection
Join us for great networking, dinner and drinks, and see a presentation by Ted Miracco, CEO, ApproovABSTRACT:
The security landscape for mobile applications is being redrawn. The EU’s Digital Markets Act (DMA) and landmark legal decisions against Apple’s app store practices are ushering in a new era of mobile security transparency and accountability. At the same time, reports like Dark Reading’s “Mobile Applications Are a Cesspool of Security Issues” expose the urgent need for serious mobile app and API protection strategies.
This talk uncovers the hidden risks of platform monocultures and challenges Apple and Google’s claim that built-in security is sufficient. It offers a practical roadmap for implementing app attestation, runtime protection, and secure API communication to counteract threats such as API scraping, bot automation, credential abuse, and tampered client applications.
We'll dissect recent changes in regulation and litigation and explain why OWASP professionals must lead the charge in adopting more resilient, open, and developer-driven mobile security practices.
Learning Objectives:- Understand the regulatory and legal catalysts reshaping mobile app security.
- Learn how API attacks exploit mobile app weaknesses, despite “built-in” platform defenses.
- Evaluate tools and frameworks, including app attestation and RASP, that enable secure API communication.
- Gain insights into how to implement dynamic secrets, certificate pinning, and secure client validation.
- Explore why monopolistic behaviors hinder innovation and what OWASP chapters can do about it.
Thanks to our SPONSOR: Approov
Regain Control of Your Mobile App Security.
Approov is a team of passionate developers dedicated to making the future of mobile secure. With focus on developing the world’s most complete end-to-end solution for mobile app security from the device into the cloud, our solutions are used worldwide to secure mobile apps and their APIs in everything from automotive, financial services, healthcare to e-commerce, gaming and media.Thanks to our HOST: Accenture
Every day, we embrace change and create value for all our stakeholders around the world.Vendors interested in sponsoring please send an email to sponsorship.la@owasp.org
CODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy - Hands-on Workshop OWASP LA - July 9, 2025Need a place!, Los Angeles, CA
TOPIC: Hands-on Application Security Workshop with Runtime Security IAST Technology and Secure Code Training
Join us for an action-packed hands-on workshop event led by Will Derksen, Sr. Solutions Engineer, Contrast Security.
Earn 2 hours of CPE credit!*ABSTRACT:
Together, we will...- Unify around a precise definition of a vulnerability, as well as understand the challenges current application testing methodologies have in detecting vulnerabilities, and how to change the way we interact with them
- Get hands-on-keyboard experience leveraging Contrast training to find a vulnerability in code, learn how to fix said vulnerability, and proactively go and remediate the vulnerability
Who should attend?
- AppSec professionals
- Security engineers
- Software engineers
- DevOps/DevSecOps professionals
- Anyone wanting to learn more about identifying and fixing code vulnerabilities, discover the most efficient ways to execute on a DevSecOps program, and become proactively more knowledgeable around secure coding techniques.
PLEASE NOTE - for the lab portion of this event, you must bring a laptop (phones or other personal devices will NOT work for the lab).
*This workshop qualifies for 2 hours of hands-on training for Continuing Professional Credits (CPE). For CISSP holders this would be in the Application Security Discipline and you will receive a certificate of completion after the workshop.Thanks to our SPONSOR: Contrast Security
You can't stop what you can't see
Novel attacks can appear harmless without visibility into the grey areas of your application layer.Stop attacks in your applications and APIs from development to production.Vendors interested in sponsoring please send an email to sponsorship.la@owasp.org
CODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy - OWASP LA Monthly In-Person Meeting - Aug 27, 2025Accenture, Los Angeles, CA, CA
TOPIC: TBA
ABSTRACT: TBA
Thanks to our SPONSOR: Contrast Security
You can't stop what you can't see
Application Detection and Response for Modern Enterprises
Stop attacks in your applications and APIs from development to productionCODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy - The 2025 California Technology SummitSheraton Park Hotel at the Anaheim Resort, Anaheim, CA
OWASP LA has organized an exceptional offer for our Meetup membership to participate in the 2025 California Technology Summit on October 8th in Anaheim, CA. Join us for a full day of professional development, technical insight, and networking with top minds in IT and cybersecurity.
Register now using code CTS25OWASP for your complimentary pass! Check the full schedule at 2025 California Technology Summit Agenda
### Conference Highlights:
- Opening Keynote: Fred Donatucci, CTO – San Bernardino County
- AI vs AI: Exploring how artificial intelligence is being used to fight AI-driven cyber threats
- CISO & CIO Forums: Executive roundtable sessions for strategic leadership and resilience planning
- Tech & Security Theaters: Covering deepfake detection, wireless architecture, cyber insurance, observability, compliance, and more
- Lunch Sessions: Including presentations on cybersecurity tactics inspired by Sun Tzu, Layer 2 vulnerabilities, and the evolving threat landscape
- Networking & Happy Hour with live sponsor demos and discussions
- Earn CPE Credits while attending technical and executive sessions
- Exhibit Hall featuring over 30 leading technology sponsors
- Sponsor Giveaways including gift cards, tech swag, and security services
- Grand Prize Drawing: Attend the conference for your chance to win the dream vacation you always wanted, plus other exclusive giveaways!
And finally don't forget to stop by the OWASP Los Angeles booth and connect with our local chapter members.
