OWASP Portland, Maine

Welcome OWASP Portland Maine

Welcome to the OWASP Portland Maine chapter homepage. OWASP Portland Maine is the Maine, United States chapter of OWASP, the Open Web Application Security Project.


We aim to organize at least four (4) chapter meetings per year.


If you would like to join or participate in our events and network with our community, we’d love to have you!

Reach us via email at [email protected] or our social links on the right!

Next Meeting/Event

All OWASP Maine Chapter meetings are posted on our Meetup page. Please visit OWASP Maine Meetup for event information.

We hope to see you there!

Past Events

Register on Meetup.com

Recent Events

Tuesday November 21, 2023 6:00 PM to 8:00 PM

Hosted By: Onapsis Topic: Cybersecurity of Critical SAP Apps

Rising Tide Brewery - 103 Fox St - Portland, ME


Application and software security are so vitally important in all aspects of the business especially with every company becoming a software company as they navigate through digital transformations.

With that being said ERP systems are some of THE MOST critical applications within enterprises today and come with their own unique set of security challenges.

The fine folks at Onapsis who 100% specialize in SAP and ERP application security will be on site to dive deep into these specific challenges. They will also review real world attacks on SAP ERP environments and discuss the best in class strategies and measures you can do to mitigate the risk of exploitation of your ERP environments.

Anyone who is involved in SAP ERP environments from both a software development and security perspective would gain a tremendous amount of knowledge attending this meetup.

Thursday, October 26, 2023 RESCHEDULED

Thursday, June 22, 2023 6:00 PM to 8:00 PM

Hosted By: NowSecure Topic: Jump into Mobile AppSec with the OWASP MAS Project

IDEXX Corporate Headquarters - 1 Idexx Dr - Westbrook, ME


Mobile apps dominate all digital time spent online - but mobile AppSec programs often lag. Jumpstart your team and skills by stepping inside the OWASP Mobile AppSec Project (MAS), the OWASP Mobile Application Security Verification Standard (MASVS), and OWASP Mobile Application Security Testing Guide (MASTG) to learn about the fundamentals of mobile app security and the latest updates just released in OWASP MASVS V2 launched at OWASP Global AppSec in Dublin. Learn the differences in Mobile AppSec vs Web AppSec and how to put OWASP MAS project, tools and resources to work.

In this session we will drill down into the top 5 most frequent security issues found in testing thousands of mobile apps. Learn how to test for them, and how to teach your dev teams to prevent them with code examples, test examples, links to additional resources and how to build your own toolkit. Along the way we will hit the latest privacy and security updates with iOS and Android.

Older Events

Wednesday April 19, 2023

1st Annual 2023 OWASP Maine Secure Coding Tournament

January 19, 2023

Post COVID OWASP Maine Relaunch Networking Event!

Monday, November 14, 2022

2022 OWASP Global AppSec San Francisco

Friday, October 21, 2022

Are you an OWASP Member?

Tuesday, September 13, 2022

OWASP Advanced Whiteboard Hacking - AKA Hands on Threat Modeling

Thursday, June 10, 2021 6:00 PM to 8:00 PM REMOTE

Hosted By: OWASP Topic: OWASP Maine June 2021 Virtual Meeting


We’re back for the first OWASP Maine meetup of 2021!

Hacking Modern Websites with OWASP Juice Shop

Have you ever thought about getting into web application security testing? Maybe you know a few things and you would like to sharpen your skills in testing modern single-page web applications? Well, this is the event for you.

In this hands-on hacking workshop, Ben Allen (https://www.dc207.org) will dig in to one of OWASP’s flagship projects, Juice Shop (https://owasp.org/www-project-juice-shop/). Juice Shop emulates an e-commerce web application and is meant to show how modern JavaScript-based applications can be compromised.

In this follow-along workshop we will cover:

What OWASP Juice Shop is How to deploy your own Juice Shop on the internet for free How to set your computer up for testing How to hunt for bugs An interactive walk-through of a few challenges

What you will need to follow along:

A computer with Windows / MacOS / Linux installed A desire to learn about web application security testing

Thursday, January 23, 2020 6:00 PM to 8:00 PM

Hosted By: Guideline Topic: SSH & Reverse Engineering

Benkay Japanese Restraunt & Sushi Bar - 16 Middle St - Portland, ME

We’re back for the first OWASP meetup of 2020! Once again we’ll be hosted by Guideline.

This month we have two of our members presenting for the group:

  • Keep SSH keys secret, keep them safe!

    Why & How to keep your SSH keys on a Yubikey, and effectively use them. We will run through some of the benefits of keeping keys on a cryptographic device, and how to enhance your key security without degrading usability.

  • Intro to Reverse Engineering

    Ben Mason (suidroot) will cover some of the basics of reverse engineering software and firmware. Ben will cover tools, processes, and some basic techniques used to investigate how to take apart a piece of software and understand what is doing.

Thursday, 24 October 2019 6PM

Hosted By: Guideline Topic: SSH & Reverse Engineering

Benkay Japanese Restraunt & Sushi Bar - 16 Middle St - Portland, ME

Time: Doors Open at 6:00PM for registration, food, drinks and networking. Talks begin at 6:30PM.


  • Making Sense of GRC: context and strategy - Elliot Murphy

    What is the difference between governance, risk, and compliance? Where does security fit in? We’ll discuss how all the parts fit together, and clarify some of the commonly confused terms. We’ll also review suggestions for confidently making progress inside a rapidly changing legal landscape. Presentation

  • Elliptic Curve Cryptography - A short introduction - Scott Ellis

    What is it, how does it work and where is it used? Presentation

Thursday, 22 August 2019 6PM

Hosted By: OWASP Topic: Jump into Mobile AppSec with the OWASP MAS Project

IDEXX Corporate Headquarters - 1 Idexx Dr - Westbrook, ME

Time: Doors Open at 6:00PM for registration, food, drinks and networking. Talks begin at 6:30PM.


  • OWASP JuiceShop Project - Joe LeBeau

Joe will talk about OWASP JuiceShop Project, including what is is, how to set it up, and a few different ways it can be used.

  • Wireless Security Concepts Using Hak5 WiFi Pineapple and Aircrack-NG - Matt Stroder

Matt will be presenting an introduction to wireless security concepts using the Hak5 WiFi Pineapple and Aircrack-NG suite to capture and crack WPA2 PSK.

Maine Chapter Leaders

John Ellingsworth - Email - LinkedIn

Energetic leader adept at empowering software teams and driving security-focused software solutions. Extensive experience in Application and Product Security, Software Architecture and Development, Operations Management, and web technologies.

Tony Quadros - Email - LinkedIn

Working to give back to the application and software security community in northern New England by helping organize great talks, learning opportunities, and networking events for security and software development professionals with a strong interest in secure coding and web app security.

Scott Brown - Email - LinkedIn

Digital life consists of digital experiences, and applications drive these digital experiences. The only way enterprises can truly provide safe digital experiences to their customers, partners, employees and entire ecosystem, is by securing the applications at the heart of their business.

Justin Kezer - Email - LinkedIn

Experienced engineer proficient in security management and financial technology, fostering growth through innovation and partnerships. Demonstrated success in developing robust security plans and leveraging technology for unparalleled protection.