Guide · May 2026
Cybersecurity AI in the Baltimore-DC corridor
The strip of I-95 between Baltimore and DC is one of the densest cybersecurity-AI clusters on Earth. Most people outside the industry don't know it exists.
Drive south on I-95 from Baltimore. In about thirty minutes you'll pass within a few miles of: NSA headquarters at Fort Meade, Johns Hopkins APL in Laurel, the offices of Tenable, ZeroFox, Huntress, Blackpoint Cyber, QOMPLX, and CyberPoint International. It's one of the most concentrated cybersecurity-AI clusters anywhere — and it's invisible from outside the industry because almost all of these companies sell to enterprises, governments, and other security companies.
Why this cluster exists where it does
The honest answer: NSA. Fort Meade has been pumping out cybersecurity talent for fifty years, and after the Snowden disclosures accelerated NSA-to-private-sector flow, that talent largely stayed in Maryland. Blackpoint Cyber was founded by former NSA staff. So were many of the technical leads at Tenable, ZeroFox, and CyberPoint. Hopkins APL contributes a separate but adjacent talent stream.
Add the federal customer base — DC is right there — and you have the conditions for a self-sustaining cluster.
What "cybersecurity AI" means here
It is mostly not what consumer AI press covers. There are very few LLM products in this cluster. What you'll find instead:
- Anomaly detection on telemetry. Endpoint, network, identity, cloud — the volumes are so large that ML triage is the only way to make human analysts effective. Huntress and Tenable are the canonical examples.
- Graph-based threat modeling. QOMPLX leans heavily into graph analytics over enterprise telemetry to score risk.
- NLP on threat intelligence. ZeroFox is the loudest example — public web and dark web monitoring with NLP at the core.
- Adversarial ML research. Less commercialized, mostly inside Hopkins APL, CyberPoint, and federal labs.
The hiring market is unusual
Several things to know if you're considering joining this cluster:
- Many roles require security clearances. This narrows the candidate pool dramatically and pushes salaries up. If you don't have a clearance, Huntress and Tenable's commercial sides are your most accessible entry points.
- Career mobility within the cluster is high. People rotate between ZeroFox, Tenable, Blackpoint, and APL like it's one company. If you join one, you've effectively joined all of them.
- The product engineering culture is conservative. These companies sell to security-conscious customers. Trunk-based development with feature flags and continuous deployment is rare. Releases are scheduled, regression-tested, and signed off.
What's not happening here (yet)
A few categories the cluster is underweight in:
- AI-for-AI-security. As LLM applications proliferate, the security stack for them — prompt injection defense, model supply chain, agent sandboxing — is mostly being built in the Bay Area. The Baltimore-DC cluster has the talent for this and isn't moving fast enough.
- Consumer-facing security AI. Apart from password managers and a few SMB-targeted MDR products, the cluster doesn't really do consumer.
What to read next
- AI companies in Baltimore: a 2026 field guide
- Hopkins APL: spinouts and the unsung half of Baltimore AI
Last updated May 2026.