Conference 2025

Schedule

November 20th to 21st, 2025
La Marive, Yverdon-les-Bains

Program

Cutting Edge Technical Talks... and more!

#BlackAlps25 program has been prepared by an independent committee.

All sub-events are at La Marive, Yverdon-les-Bains, except the Networking dinner.

Thursday November 20th, 2025

08:30 - 09:00
LIVE
Welcome and coffee
09:00 - 09:15
LIVE
Opening Words, Day 1(en)
Sylvain Pasini (HEIG-VD, president of Black Alps )
09:15 - 09:45
LIVE
[Keynote] Ransomware Up Close : Exploring A Crisis From Inside(en)
Stefan Dydak (Adnovum)
09:50 - 10:20
LIVE
Building An ISAC For The Railway Sector(en)
Reto Inversini
Alexandre Herzog
10:20 - 10:45
LIVE
Coffe Break
10:45 - 11:15
LIVE
No App? No Problem: Fuzzing Librairies With Automatic Driver Generation(en)
Flavio Toffalini
Nicolas Badoux
11:20 - 11:50
LIVE
Siemply Irresistible: When Attackers Love Your SIEM More Than You Do(en)
Melina Philips (GCI)
11:55 - 12:25
LIVE
HTTP/3 On The Racetrack – Introducing Quickdraw(en)
Maor Abutbul (CyberArk )
12:25 - 14:10
LIVE
Lunch
14:10 - 14:40
LIVE
Investigating An In-The-Wild Campaign Using RCE In CraftCMS(en)
Nicolas Bourras
14:45 - 15:15
LIVE
Speculative-Execution Attacks And Implications For Confidential Computing(en)
Kaya Ercihan (Switch)
15:20 - 15:50
LIVE
All You Can Leak: Real Tales Of Publicly Leaked Kubernetes Secrets(en)
Guillaume Valadon (GitGuardian)
15:50 - 16:15
LIVE
Coffe Break
16:15 - 16:45
LIVE
Goodbye Purple Team, Hello Purple Bots(en)
Ralph El Khoury
Patrick Mkhael
16:50 - 17:20
LIVE
Guess Who’s Coming To Room 305: Hacking Hotel Doors With Just A Name And a Date(en)
Fabrice Caralinda
17:45 - 18:15
LIVE
Travel
18:00 - 23:00
LIVE
Networking dinner Salle des quais (Grandson)
23:30 - 00:00
LIVE
Travel

Friday November 21st, 2025

08:30 - 09:00
LIVE
Welcome and coffee
09:00 - 09:10
LIVE
Opening Words, Day 2(en)
Sylvain Pasini (HEIG-VD, president of Black Alps )
09:10 - 09:40
LIVE
[Keynote] AI: Emerging Risks And New Threats(en)
Dr. Raphael Reischuk (Swiss National Test Institute for Cybersecurity NTC )
09:45 - 10:15
LIVE
Project Brainfog: Beyond The Facade – Exposing Smart Giants(en)
Gjoko Krstic (Zero Science Lab )
10:15 - 10:40
LIVE
Coffe Break
10:40 - 11:10
LIVE
CLFS Uncontained: Exploiting CLFS Without Touching The Log(en)
Marco Ortisi
11:15 - 11:45
LIVE
Plugins Gone Rogue: Attacking Developer Environments(en)
Raphael Silva (Checkmarx)
11:50 - 12:20
LIVE
Who Watches The Watchmen ? Reversing Video Surveillance Equipment …(en)
Antonio Vázquez Blanco
12:20 - 14:05
LIVE
Lunch
14:05 - 14:35
LIVE
Project Headend And Then ST16CF54(en)
Travis Goodspeed
14:40 - 14:55
LIVE
Bacteria : Attacking Bacnet In Modern Building Automation Systems(en)
AdriNels
14:55 - 15:10
LIVE
Level Up Your Malware: A Practical Journey Into EDR Evasion(en)
Baptiste Copros (EPFL)
15:15 - 15:45
LIVE
Trust Me, I’m A ShortCut: New Link Abuse Methods(en)
Wietze Beukema
15:45 - 16:10
LIVE
Coffe Break
16:10 - 16:40
LIVE
Unicode As Low-level Attack Primitive(en)
Alexandre Zanni (Synacktiv )
16:45 - 17:45
LIVE
Rump Session(fr-en)
Several speakers
17:45 - 19:00
LIVE
Aperitif
19:00 - 00:00
LIVE
CTF
(La Marive)
Mandatory registration

Welcome at 18:45
Start at 19:15
End at 23:30

Awards at 23:45
LIVE
Black Dinner
(La Marive)
Free for all
Black Alps participants

Legend

 
Conference
 
Keynote
 
Talk in the track "lessons learned"
 
Evening

Talk selection process

A call for proposal (CFP) was organized. The program committee was in charge to select the talks (except the keynotes and rumps). The submission process is now closed (it was open until January 1, 2000.).

Program committee

The program committee is composed of international renowned experts in the field.

  • Nicolas Oberli, Blackalps (chair)
  • Ange Albertini, Corkami
  • Axelle Apvrille, Fortinet
  • Gynvael Coldwind, HexArcana
  • Michał "Redford" Kowalczyk
  • Sylvain Pelissier, SICPA
  • Christophe Tafani-Dereeper
  • Candid Wüest, xorlab

Proposal topics

  • Application security
  • Vulnerability research and exploits development
  • Penetration testing and red teaming
  • Cloud security
  • Security automation
  • Network security
  • Intrusion detection and monitoring
  • Cryptography