What we’re about
The OWASP LA (Los Angeles) chapter (https://owasp.org/www-chapter-los-angeles/) was formed in 2008. We hold meetings on the 4th Wednesday of every month, featuring great speakers on important appsec topics. Join us for food, drinks, to network and understand what application security is really about.
The Open Worldwide Application Security Project (OWASP) is a not-for-profit, 501(c)(3) organization focused on improving the security of all software. Our mission is to improve software security through Open Source initiatives, community education, and networking. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
Become an OWASP Member TODAY
Support your LA Chapter: only $50 for the entire year! ($20 if you're a student)
Sponsors
See all
CheckmaxSecuring the Applications Driving Our World
Mend ioequips your dev and security teams with tools to build a mature AppSec
OWASP - LAsponsorship.la@owasp.org
WallarnAPI Security and AI agents
Contrast SecurityApplication Detection and Response for Modern Enterprises
KodemHelping AppSec Teams Make Security a Priority
Endor LabsSecure open source software without the dev productivity tax
DefectDojoDefectDojo is the platform and product that enables scalable security
Cato NetworksOne platform to connect all edges, everywhere- CheckmaxSecuring the Applications Driving Our World
- Mend ioequips your dev and security teams with tools to build a mature AppSec
- OWASP - LAsponsorship.la@owasp.org
- WallarnAPI Security and AI agents
Upcoming events (4+)
See all- OWASP LA Monthly In-Person Meeting - Aug 27, 2025Accenture, Los Angeles, CA, CA
TOPIC: Conquering Castle Envy – The Flawed Mindset That’s Holding Application Security Back
Join us for great networking, dinner and drinks, and see a presentation by Jeff Willams, Co-Founder and CTO, Contrast SecurityABSTRACT: Application security has spent 25 years stuck in the wrong mindset — treating software like a castle that can be fortified, inspected, and declared secure. That mental model leads to confident failure: endless scanning, training, and compliance rituals that rarely stop real threats. In this talk, we’ll re-examine AppSec’s go-to tools — threat modeling, scanning, pentesting, firewalling — through a new lens, so you can see why they keep falling short. The problem isn’t effort. It’s context. You’re trying to secure a living, breathing software city using a blueprint for a castle.
We’ll introduce a new model: Runtime Security. This isn’t theory — it’s about observing real production environments, with real users, data, connections, and threats. We’re not trying to secure a castle. Your application ecosystem is a massive, dynamic city — alive, interconnected, and always under construction. It needs monitoring, coordination, fast response, and resilience — not moats and silos. We’ll show how teams are using runtime visibility and feedback loops to focus on what matters, adapt quickly, and prove they’re making a difference. The most serious AppSec threat isn’t in your code — it’s in your head. Shift your thinking, and everything else starts to fall into place.
Thanks to our SPONSOR: Contrast Security
You can't stop what you can't see
Application Detection and Response for Modern Enterprises
Stop attacks in your applications and APIs from development to productionThanks to our HOST: Accenture
Assisting our customers in creating their futureCODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy - OWASP LA Monthly In-Person Meeting - Sep 24, 2025Accenture, Los Angeles, CA, CA
TOPIC: From input-handling flaws to crashables: Security lessons from LLM-based coding tools
Join us for great networking, dinner and drinks, and see a presentation by Mahesh Babu, is a former VP of Information Security turned company builder and now leads growth at Kodem,
ABSTRACT: Claude Code illustrates how LLM-based coding tools expand the attack surface. Design choices around approvals, parsing, and error handling can turn into security flaws. We present specific findings Kodem uncovered in Claude Code. Both issues highlight how LLM-based coding tools introduce new misconfiguration and input-handling risks. This talk dissects the issues, their broader implications for AI developer tools, and practical mitigations.
Thanks to our SPONSOR: Kodem Security
The AppSec chase is over.
Swap endless alerts with focused action. Simplify the remediation of your most exploitable issues through runtime security.SPONSORSHIP Opportunities Available
Vendors interested in sponsoring please send an email to sponsorship.la@owasp.orgCODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy - The 2025 California Technology SummitSheraton Park Hotel at the Anaheim Resort, Anaheim, CA
OWASP LA has organized an exceptional offer for our Meetup membership to participate in the 2025 California Technology Summit on October 8th in Anaheim, CA. Join us for a full day of professional development, technical insight, and networking with top minds in IT and cybersecurity.
Register now using code CTS25OWASP for your complimentary pass! Check the full schedule at 2025 California Technology Summit Agenda
### Conference Highlights:
- Opening Keynote: Fred Donatucci, CTO – San Bernardino County
- AI vs AI: Exploring how artificial intelligence is being used to fight AI-driven cyber threats
- CISO & CIO Forums: Executive roundtable sessions for strategic leadership and resilience planning
- Tech & Security Theaters: Covering deepfake detection, wireless architecture, cyber insurance, observability, compliance, and more
- Lunch Sessions: Including presentations on cybersecurity tactics inspired by Sun Tzu, Layer 2 vulnerabilities, and the evolving threat landscape
- Networking & Happy Hour with live sponsor demos and discussions
- Earn CPE Credits while attending technical and executive sessions
- Exhibit Hall featuring over 30 leading technology sponsors
- Sponsor Giveaways including gift cards, tech swag, and security services
- Grand Prize Drawing: Attend the conference for your chance to win the dream vacation you always wanted, plus other exclusive giveaways!
And finally don't forget to stop by the OWASP Los Angeles booth and connect with our local chapter members.
- Hands-on Workshop OWASP LA - OCT 9, 2025Accenture, Los Angeles, CA, CA
TOPIC: TBA
Join us for an action-packed hands-on workshop event led by Dan Barahona, Founder, APIsec University.ABSTRACT: TBA
Thanks to our SPONSOR: APIsec University
You can't stop what you can't see
Novel attacks can appear harmless without visibility into the grey areas of your application layer.Stop attacks in your applications and APIs from development to production.Vendors interested in sponsoring please send an email to sponsorship.la@owasp.org
CODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy
