OWASP Salt Lake City


Welcome to the OWASP Salt Lake City Chapter (aka your local appsec support group). We try to meet monthly and do so virtually for now.

  • Join us virtually at our upcoming chapter meetings (RSVP for upcoming events through our meetup page)
  • Chat with us on Slack
  • Follow us on Twitter

Upcoming Event(s)

March 2022 Details

  • TBD


The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. All of our projects ,tools, documents, forums, and chapters are free and open to anyone interested in improving application security.

Chapters are led by local leaders in accordance with the Chapter Leader Handbook. Financial contributions should only be made online using the authorized online donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP Project, independent research, or related software security topic you would like to present.

Everyone is welcome and encouraged to participate in our Projects, Local Chapters, Events, Online Groups, and Community Slack Channel. We especially encourage diversity in all our initiatives. OWASP is a fantastic place to learn about application security, to network, and even to build your reputation as an expert. We also encourage you to be become a member or consider a donation to support our ongoing work.


Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.

Past Events

See all recent events in MeetUp.

February 22, 2022 - Mobile App Pen testing

Thursday, January 12

  • Developer Training
  • Round Table Discussion

November 22nd and talked about:

  • OWASP’s new Top 10 2021
  • OWASP Top 10 is almost entirely categories now with SSRF the last Top 10 that sounds like a single vulnerability; most are collections of dozens of CWEs
  • XSS is now part of the broad injection category, but in some ways, a lot of these could be linked into even broader categories in the same way; there’s a lot of overlap as illustrated by a venn diagram that was shared, but it was for the 2017 Top 10
  • Lots of company’s use OWASP Top 10 for training
  • Top 10 can also be used for threat modeling/checklists or as a way to check tool/process coverage (e.g., does tool X find OWASP Top 10 A??)

September 29, 2021

  • Career progression in AppSec (from entry level up to technical tracks and management),
  • How participating in conferences and events (e.g., CTF) can help entry level candidates,
  • Impostor syndrom is common in this industry and we all often have to look things up or refresh our memory or learn something new,
  • How technical leaders provide value by “scaling their services” (helping others be more effective).