Jump to: navigation, search

OWASP Philadelphia

Welcome to the Philadelphia chapter homepage. The chapter leaders are Aaron Weaver, John Baek and Evan Oslick.

Follow us @phillyowasp
Click here to join the local chapter mailing list.


OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.


Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

Chapter Meetings

Visit our group on

Upcoming events

  • Nov 19, 2018 (18:00): Threat intelligence on Application Security and DefectDojo: Open SourceComcast Center, 1 Comcast Center · Philadelphia, PAHow Applications Are Attacked – an In-Depth Data-Driven Analysis Ray Pompon=> Principal Threat Research Evangelist, F5 Labs will provide results of data analysis for specific industries related to application attacks and prevention. DefectDojo: Running an OWASP Project Aaron Weaver=>Security Consultant, Chapter Lead will discuss DefectDojo, an OWASP project and how to use collaboration acr (read more)
See all upcoming events on

Past events

  • Oct 16, 2018 (18:00): Philly Meetup - Capture the FlagVertex, 2301 Renaissance Blvd · King of Prussia, paThe next OWASP Philly meetup will be held on Tuesday October 16th, 2018 between 6:00 and 8:30pm at Vertex (2301 Renaissance Blvd · King of Prussia). This will be an interactive meetup where you'll have a chance to learn about and apply real application security concepts using the CMD+CTRL capture the flag platform. More information about the event below: LEARN TO DEFEND AGAINST HACKERSThe CTF wil (read more)
  • May 16, 2018 (18:00): Scaling Security using Automation Pipelines joint meeting with AWS User GroupAnexinet, 4 Sentry Parkway East, Suite 300 · Bluebell, PAAre you looking for frictionless security testing in your build pipeline that scales across your organization? This talk provides the framework and tooling to build a DevSecOps pipeline. Do you have infrastructure as code? Can you find security misconfigurations before those changes are applied to your cloud infrastructure? Continuous security testing is achieved using the AppSec Pipeline tool whi (read more)
  • Apr 17, 2018 (18:00): OWASP Top 10 Review and AppSec MeetupNuix, 20 Ash Street · Conshohocken, paHi all - We are restarting chapter for 2018 and will kick off the event reviewing the new OWASP Top 10 list. Let me know what kind of talks you are interested in and we have several more planned for the near future.
  • Aug 18, 2017 (11:30): Security Architects and Engineers, NextGen Developers, and IT Risk ProsVanguard, 425 Old Morehall Road Malvern · Malvern, PAThe Global Technology Audit Services (GTAS) team is excited to partner with the Philadelphia Open Web Application Security (OWASP) chapter to host a chapter meeting here on Vanguard’s campus. Join us on August 18 from 11:30 -3 for pizza, networking and an in-depth discussion focused on techniques used to integrate security early in the development lifecycle. Traditionally, organizations have (read more)
  • May 23, 2017 (18:00): From DevOps to DevSecOpsComcast Center, 1 Comcast Center · Philadelphia, PATalk: From DevOps to DevSecOpsPresenter: Larry Maccherone Senior Director Application Security “There is growing awareness that you cannot prevent the vast majority of incidents with a bolt-on approach to security. This talk introduces a process model and means of mindset change to achieve a "BUILD SECURITY IN" DevSecOps culture.” NOTE: Please use your full name when registering. S (read more)
See all past events on