What we’re about
The OWASP LA (Los Angeles) chapter (https://owasp.org/www-chapter-los-angeles/) was formed in 2008. We hold meetings on the 4th Wednesday of every month, featuring great speakers on important appsec topics. Join us for food, drinks, to network and understand what application security is really about.
The Open Worldwide Application Security Project (OWASP) is a not-for-profit, 501(c)(3) organization focused on improving the security of all software. Our mission is to improve software security through Open Source initiatives, community education, and networking. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
Become an OWASP Member TODAY
Support your LA Chapter: only $50 for the entire year! ($20 if you're a student)
Sponsors
See all
CheckmaxSecuring the Applications Driving Our World
Mend ioequips your dev and security teams with tools to build a mature AppSec
OWASP - LAsponsorship.la@owasp.org
WallarnAPI Security and AI agents
Contrast SecurityApplication Detection and Response for Modern Enterprises
KodemHelping AppSec Teams Make Security a Priority
Endor LabsSecure open source software without the dev productivity tax
DefectDojoDefectDojo is the platform and product that enables scalable security
Cato NetworksOne platform to connect all edges, everywhere- CheckmaxSecuring the Applications Driving Our World
- Mend ioequips your dev and security teams with tools to build a mature AppSec
- OWASP - LAsponsorship.la@owasp.org
- WallarnAPI Security and AI agents
Upcoming events (4+)
See all- OWASP LA Monthly In-Person Meeting - Aug 27, 2025Accenture, Los Angeles, CA, CA
TOPIC: Conquering Castle Envy – The Flawed Mindset That’s Holding Application Security Back
Join us for great networking, dinner and drinks, and see a presentation by Jeff Willams, Co-Founder and CTO, Contrast SecurityABSTRACT: Application security has spent 25 years stuck in the wrong mindset — treating software like a castle that can be fortified, inspected, and declared secure. That mental model leads to confident failure: endless scanning, training, and compliance rituals that rarely stop real threats. In this talk, we’ll re-examine AppSec’s go-to tools — threat modeling, scanning, pentesting, firewalling — through a new lens, so you can see why they keep falling short. The problem isn’t effort. It’s context. You’re trying to secure a living, breathing software city using a blueprint for a castle.
We’ll introduce a new model: Runtime Security. This isn’t theory — it’s about observing real production environments, with real users, data, connections, and threats. We’re not trying to secure a castle. Your application ecosystem is a massive, dynamic city — alive, interconnected, and always under construction. It needs monitoring, coordination, fast response, and resilience — not moats and silos. We’ll show how teams are using runtime visibility and feedback loops to focus on what matters, adapt quickly, and prove they’re making a difference. The most serious AppSec threat isn’t in your code — it’s in your head. Shift your thinking, and everything else starts to fall into place.
Thanks to our SPONSOR: Contrast Security
You can't stop what you can't see
Application Detection and Response for Modern Enterprises
Stop attacks in your applications and APIs from development to productionCODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy - OWASP LA Monthly In-Person Meeting - Sep 24, 2025Need Location, Los Angeles, CA
TOPIC: TBA
ABSTRACT: TBAThanks to our SPONSOR: Kodem Security
The AppSec chase is over.
Swap endless alerts with focused action. Simplify the remediation of your most exploitable issues through runtime security.SPONSORSHIP Opportunities Available
Vendors interested in sponsoring please send an email to sponsorship.la@owasp.orgCODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy - The 2025 California Technology SummitSheraton Park Hotel at the Anaheim Resort, Anaheim, CA
OWASP LA has organized an exceptional offer for our Meetup membership to participate in the 2025 California Technology Summit on October 8th in Anaheim, CA. Join us for a full day of professional development, technical insight, and networking with top minds in IT and cybersecurity.
Register now using code CTS25OWASP for your complimentary pass! Check the full schedule at 2025 California Technology Summit Agenda
### Conference Highlights:
- Opening Keynote: Fred Donatucci, CTO – San Bernardino County
- AI vs AI: Exploring how artificial intelligence is being used to fight AI-driven cyber threats
- CISO & CIO Forums: Executive roundtable sessions for strategic leadership and resilience planning
- Tech & Security Theaters: Covering deepfake detection, wireless architecture, cyber insurance, observability, compliance, and more
- Lunch Sessions: Including presentations on cybersecurity tactics inspired by Sun Tzu, Layer 2 vulnerabilities, and the evolving threat landscape
- Networking & Happy Hour with live sponsor demos and discussions
- Earn CPE Credits while attending technical and executive sessions
- Exhibit Hall featuring over 30 leading technology sponsors
- Sponsor Giveaways including gift cards, tech swag, and security services
- Grand Prize Drawing: Attend the conference for your chance to win the dream vacation you always wanted, plus other exclusive giveaways!
And finally don't forget to stop by the OWASP Los Angeles booth and connect with our local chapter members.
- Authenticate 2024 Conference (FIDO Alliance)Omni La Costa Resort, Carlsbad, CA
OWASP LA has organized an exceptional offer for our meetup membership to participate in FIDO Alliance Authenticate 2025 Conference, October 13 - 15, 2025 in Carlsbad, CA and Virtual. Join us for deep insight in new tools and technology, training, and take advantage of this great opportunity to network with industry professionals.
/** THIS IS A PAID CONFERENCE **/** Register Now ** using code OWASP15 to receive a 15% discount off registration! Prices vary based on FIDO Alliance membership, in-person, and remote. Single day options are also available.
Hosted by FIDO Alliance, Authenticate is the only conference dedicated to all aspects of user authentication – with a focus on the FIDO standards-based approach.
Now in its 6th year, the FIDO Alliance-hosted Authenticate Conference has become renowned for its high-quality content and vibrant community of professionals committed to advancing passkeys and related technologies to create a more secure web.
The focus of the program for the Authenticate 2025 conference is “achieving usable security across the account lifecycle,” with a focus on deeper dives on how to achieve phishing-resistant authentication with passkeys and the adjacent areas necessary to achieve end-to-end account security with usability in mind.2025 keynotes will be delivered by speakers with extensive experience bringing #passwordless experiences to workforces and consumers alike from organizations including Amazon, FIDO Alliance, Google, Microsoft, Sony and Yubico. The conference features content on four stages broken into 11 content tracks to suit attendees’ knowledge base, interests and phase of implementation, along with an interactive expo hall to discover solutions providers, and networking events to connect with peers and subject matter experts.
The agenda features content tracks that collectively build upon one another – covering topics such as FIDO fundamentals, business cases, and in-depth case studies. Attendees can expect to gain the latest insights and how-to information on FIDO authentication and passwordless deployments.
Whether you are new to FIDO, in the midst of deployment or somewhere in between, Authenticate 2025 will have the right content – and community – for you, so don't wait ** Register Now **
/** THIS IS A PAID CONFERENCE **/
And finally don't forget to visit us at the OWASP Los Angeles booth!
