What we’re about
The OWASP LA (Los Angeles) chapter (https://owasp.org/www-chapter-los-angeles/) was formed in 2008. We hold meetings on the 4th Wednesday of every month, featuring great speakers on important appsec topics. Join us for food, drinks, to network and understand what application security is really about.
The Open Worldwide Application Security Project (OWASP) is a not-for-profit, 501(c)(3) organization focused on improving the security of all software. Our mission is to improve software security through Open Source initiatives, community education, and networking. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
Become an OWASP Member TODAY
Support your LA Chapter: only $50 for the entire year! ($20 if you're a student)
Sponsors
OWASP - LA
sponsorship.la@owasp.org
Wallarn
API Security and AI agents
Contrast Security
Application Detection and Response for Modern Enterprises
Kodem
Helping AppSec Teams Make Security a Priority
Arnica
AppSec made simple pipelineless detection and secret mitigation.
Endor Labs
Secure open source software without the dev productivity tax
DefectDojo
DefectDojo is the platform and product that enables scalable security
Cato Networks
One platform to connect all edges, everywhere
Checkmax
Securing the Applications Driving Our World
Mend io
equips your dev and security teams with tools to build a mature AppSec
Upcoming events
8
Authenticate 2025 Conference (FIDO Alliance)
Omni La Costa Resort, 2100 Costa Del Mar Rd,, Carlsbad, CA, USOWASP LA has organized an exceptional offer for our meetup membership to participate in FIDO Alliance Authenticate 2025 Conference, October 13 - 15, 2025 in Carlsbad, CA and Virtual. Join us for deep insight in new tools and technology, training, and take advantage of this great opportunity to network with industry professionals - Check out the full Agenda and session details.
/** THIS IS A PAID CONFERENCE **/** Register Now ** using code OWASP15 to receive a 15% discount off registration! Prices vary based on FIDO Alliance membership, in-person, and remote. Single day options are also available.
Hosted by FIDO Alliance, Authenticate is the only conference dedicated to all aspects of user authentication – with a focus on the FIDO standards-based approach.
Now in its 6th year, the FIDO Alliance-hosted Authenticate Conference has become renowned for its high-quality content and vibrant community of professionals committed to advancing passkeys and related technologies to create a more secure web.
The focus of the program for the Authenticate 2025 conference is “achieving usable security across the account lifecycle,” with a focus on deeper dives on how to achieve phishing-resistant authentication with passkeys and the adjacent areas necessary to achieve end-to-end account security with usability in mind.2025 keynotes will be delivered by speakers with extensive experience bringing #passwordless experiences to workforces and consumers alike from organizations including Amazon, FIDO Alliance, Google, Microsoft, Sony and Yubico. The conference features content on four stages broken into 11 content tracks to suit attendees’ knowledge base, interests and phase of implementation, along with an interactive expo hall to discover solutions providers, and networking events to connect with peers and subject matter experts.
The agenda features content tracks that collectively build upon one another – covering topics such as FIDO fundamentals, business cases, and in-depth case studies. Attendees can expect to gain the latest insights and how-to information on FIDO authentication and passwordless deployments.
Whether you are new to FIDO, in the midst of deployment or somewhere in between, Authenticate 2025 will have the right content – and community – for you, so don't wait ** Register Now **
/** THIS IS A PAID CONFERENCE **/
And finally don't forget to visit us at the OWASP Los Angeles booth!
8 attendees
OWASP LA Monthly In-Person Meeting -Oct 22, 2025
Accenture, 1003 E 4th Pl 8th Floor, Los Angeles, CA, CA, USTOPIC: Secure Vibe Coding: 3 Key Lessons
Join us for great networking, dinner and drinks, and see a presentation by Andrew Stiefel, Product Marketing Manager at Endor LabsABSTRACT:
AI coding assistants like Cursor, Copilot, and Windsurf significantly increase productivity and assist with mundane coding tasks. But while powerful, these tools carry risks: trained on vast public datasets, they inherit bad patterns without necessarily ensuring secure application development. In this talk, we'll share three actions you can take to improve code security:- Start with secure prompts
- Implement security standards
- Get real-time security signal
Thanks to our SPONSOR: Endor Labs
Built for Devs by Devs
Real-time scanning & AI semantic analysis lets you find more vulnerabilities, faster.CODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy37 attendees![OWASP LA [VIRTUAL] Meeting - OCT 29, 2025](https://secure.meetupstatic.com/photos/event/7/3/3/a/highres_530609498.jpeg)
•OnlineOWASP LA [VIRTUAL] Meeting - OCT 29, 2025
Online/** VIRTUAL **/
TOPIC: Diving in with Vibe Coding11:30-12:00 PM : Session opens, Networking, Chapter Intro
12:00-01:00 PM : Main Talk + Q&A
01:00-1:30 PM: More networking and discussionABSTRACT: This talk will encourage new developers to unleash the power of vibe coding to ”dive in” and build emerging tech and “move fast and break things” with confidence.
The talk will touch upon the following topics:- What vibe coding is, and why it is no longer optional for developers
- How vibe coding can increase productivity when coding, and ways you can build security into these workflows
- Resources that may help along the way
SPONSORSHIP Opportunities Available
Vendors interested in sponsoring please send an email to sponsorship.la@owasp.orgCODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy5 attendees
OWASP 2025 Global AppSec USA (Washington, DC)
Marriott Marquis, 901 Massachusetts Avenue NW, Washington , DC, USTwo powerhouse voices in security will keynote for OWASP Global AppSec USA 2025, in Washington DC!
📍 Daniel Miessler — AI & Security Researcher, entrepreneur, and Founder/CEO of Unsupervised Learning. With thousands of essays and articles, Daniel is a leading thinker at the intersection of AI and cybersecurity.
📍 Adam Shostack — World-renowned threat modeling expert and consultant at Shostack & Associates. Adam’s work empowers organizations to build software that’s secure by design.📈 Level Up Your AppSec Skills with Our 3-Day Trainings Nov 3-5:
📍 Adam Shostack: Threat Modeling Intensive with AI
📍 Jim Manico: AppSec and AI Security for Developers
📍 Abhay Bhargav: Attacking and Defending AWS, Azure & GCP Applications
📍 Dawid Czagan: Full-Stack Pentesting Laboratory: 100% Hands-On + Lifetime LAB AccessCheck the full agenda and training details at https://owaspglobalappsecusa2025.sched.com/list/simple
Join us in Washington, D.C., November 3–7
👉 NOTE this is a paid conference - you must register on https://owasp.glueup.com/event/131624/register/#AppSec #Cybersecurity #ThreatModeling #AISecurity #DevSecOps #GlobalAppSec #Infosec #AppSecUSA #OWASP #DevSecOps
2 attendees
Past events
208
Group links
Organizers
Sponsors
OWASP - LA
sponsorship.la@owasp.org
Wallarn
API Security and AI agents
Contrast Security
Application Detection and Response for Modern Enterprises
Kodem
Helping AppSec Teams Make Security a Priority
Arnica
AppSec made simple pipelineless detection and secret mitigation.
Endor Labs
Secure open source software without the dev productivity tax
DefectDojo
DefectDojo is the platform and product that enables scalable security
Cato Networks
One platform to connect all edges, everywhere
Checkmax
Securing the Applications Driving Our World
Mend io
equips your dev and security teams with tools to build a mature AppSec