Jump to: navigation, search

Welcome to OWASP Baltimore

The OWASP Baltimore Local Chapter meetings are FREE and OPEN to anyone interested in learning more about application security. We encourage individuals to provide knowledge transfer via hands-on training and presentations about OWASP projects, security research topics, and the Software Development Life Cycle.

The chapter is committed to providing an engaging experience for a variety of audience types ranging from local students and those beginning in AppSec to experienced and accomplished professionals and researchers who are looking for competent collaborators for active OWASP-related projects.

We encourage vendor-agnostic presentations and individual volunteerism to enable perpetual growth. As a 501(3)c non-profit association, we encourage donations of meeting space, catering, and event sponsorship. Simply contact the local chapter leaders listed on this page to discuss.

OWASP Baltimore

Welcome to the Baltimore chapter homepage. Come see us at a chapter meeting, join the mailing list, or email our leaders. Membership is not required to participate and meetings are FREE and OPEN to all interested parties.

The chapter leaders are Ann Grove, Chaim Sanders, and Brad Scherer. Please feel free to email one or all of us with questions or interest in sponsorship, speaking, or offering space. We welcome your participation and thoughts.

The chapter is fiscally sound. Our current account balance can be publicly viewed, in the interest of transparency and accountability. Please feel free to view Our Budget

The group's mailing list, OWASP Baltimore, is open to both members and non-members and its archive can be found at OWASP Baltimore Archives. Please be aware that communication sent to this list are publicly visible at the archive link. This includes both email address and the message body.
Click here to join the local chapter mailing list.


OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.


Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

Chapter Meetings

Visit our group on

Upcoming events

No events are scheduled at the moment.

Past events

  • Oct 2, 2018 (18:00): October: Brian Reed - Risks Hiding in Plain SightTEK Systems, 999 Corporate Blvd Ste 200 · Linthicum Hts, What happens when you vett hundreds of thousands of appstore apps against OWASP Mobile Top 10 criteria? Arrive and eat: 6 to 6:30Presentation by Brian Reed: 6:30 to around 7:30Q&A, closing: 7:30 to 8Join in person or online>>, pw owaspDial: US: [masked] or [masked]Meeting ID:[masked]International numbers available: https:// (read more)
  • Jul 31, 2018 (18:00): July: Reducing the Attack Surface of a .Net OWIN WebsiteZeroFox, 1834 South Charles St · Baltimore, mdArrive and eat: 6 to 6:30Presentation by Clarke Bowers: 6:30 to around 7:30Q&A, closing: 7:30 to 8 OWIN is an alternative to the IIS HTTP pipeline. It provides explicit control of the exposed surface of your web application. OWIN runs in a variety of environments: Window Server, Windows EXE, IIS Application, Linux. It optionally support ASP.NET, Routing and MVC. Topics covered will be: pipelin (read more)
  • Jun 26, 2018 (18:00): June: Scanner Bakeoff PART 2 – Use Cases for Two Popular DAST toolsTEK Systems, 999 Corporate Blvd Ste 200 · Linthicum Hts, Location will be added soon. Schedule6:00 Arrive/enjoy pizza and drinks from our host TEKsystems6:30 7:30 Dave Wichers: A look at the popular, open-source ZAP (Zed Attack Proxy), an OWASP project8:00 Q&A In March, Chaim Sanders presented a practical approach to using BURP for Dynamic Application Security Testing (DAST), which was the first half of the DAST bakeoff. Join us for the second half (read more)
  • May 22, 2018 (18:00): May: The Hacking Journey through a Web Application AttackTEK Systems, 999 Corporate Blvd Ste 200 · Linthicum Hts, ARRIVE/EAT: 6 to 6:30PRESENTATION: 6:30 to about 7:30Q&A/CLOSING: 7:30 to 8 Remote option at 6:30: GOAL: Provide insight to the application developer of what the hacker goes through to break a web application (i.e. gain unauthorized access to the device). OUTLINEThe Scenario (the setup)The Journey- Finding information- Enumerating more information- Testi (read more)
  • Apr 24, 2018 (18:00): April: Matt Green on the role of cryptography in web app security TEK Systems, 999 Corporate Blvd Ste 200 · Linthicum Hts, TOPIC: The role of cryptography in modern application security (touching upon application layer encryption and TLS 1.3).~~~~Onsite attendees: registration is recommended. Drop ins are welcome if space allows. Free event! Students welcome.Virtual attendees: reception (food/drink): 6 to 6:30Presentatio (read more)
See all past events on

Again, Welcome!

Everyone -- whether a member or not -- is welcome to join our mailing list, attend chapter meetings, and reach out to chapter leaders. Join us as we pursue the OWASP mission: to make application security visible.

Social Channels



Mailing Lists

Chapter Leaders

Ann Grove,

Chaim Sanders

Brad Scherer