Conference 2017

Program

November 15th to 16th, 2017
Y-PARC, Yverdon-les-Bains

Cutting Edge Technical Talks... and more!

Wednesday 15th November 2017

08:30 - 09:00 Welcome and coffee
09:00 - 09:15 Opening
09:15 - 10:00
From zero to sixty in three years (EN)
Jad Boutros (Snapchat, Inc.)
10:00 - 10:10 Room change
10:10 - 11:00
Fingerprint all the things with scannerl (EN)
Adrien Giner (Kudelski Security)
Security Breaches: what's your legal obligations and how to survive to a breach? (FR)
Sylvain Métille (HDC)
11:00 - 11:30 Coffee break
11:30 - 12:30
Security review of proximity technologies: beacons and physical (FR)
Renaud Lifchitz (Econocom Digital Security)
Active Directory Threats & Detection: Heartbeat that keeps you alive may also kill you! (EN)
Harman Singh (Defendza)
12:30 - 13:30 Lunch
13:30 - 14:20
Hydrabus: Lowering the entry fee to the IoT bugfest (EN)
Benjamin Vernoux (Hydrabus)
Workshop: Hands-On Security Lab with Hacking-Lab (EN/FR)
Philipp Sieber (Compass Security)
Nicolas Heiniger (Compass Security)
Sylvain Heiniger (Compass Security)
Workshop: La ‘santé légale’ des gardiens de vos données vitales ? Le ‘legal hacking’ amène de premières réponses publiques... (FR)
Eric Sinot
14:20 - 15:10
Locky Strike: Smoking the Locky Ransomware Code (EN)
Rommel Joven (Fortinet)
15:10 - 15:40 Coffee break
15:40 - 16:30
Fighting Cyber Threats to Switzerland (FR)
Mauro Vignati (Swiss Government)
16:30 - 17:00 Welcome to Corporate event / Coffee break
17:00 - 17:45
Java JSR 241 and 341 - RCE state of mind (EN)
Gregory Draperi

 Corporate event







17:45 - 18:30
Let’s Play with WinDBG & .NET (FR)
Paul Rascagneres (Cisco Talos)
18:30 - 19:15 Aperitif
19:15 - 19:30 Travel
(Bus or personnal car)
(Bus departure at 19:15)
19:30 - 23:00 Evening
"La Prairie"

Thursday 16th November 2017

08:45 - 09:15 Welcome and coffee
09:15 - 10:00
16 ans de (cyber)-sécurité en Suisse Romande : évolutions, perspectives (FR)
Paul Such (Hacknowledge)

10:00 - 10:10 Room change
10:10 - 11:00
Exploiting hash collisions (EN)
Ange Albertini (Google)

Leveraging threat modelling for improved information risk management (FR)
Stéphane Adamiste (ELCA Informatique SA)

11:00 - 11:30 Coffee break
11:30 - 12:30
Parsing JSON is a Minefield (FR)
Nicolas Seriot (Swissquote Bank)

Turla APT - Attack against Ruag Conf (EN)
Andreas Greulich (MELANI/GovCERT.ch)
Reto Inversini (MELANI/GovCERT.ch)
12:30 - 13:30 Lunch
13:30 - 14:20
Down The Rabbit Hole: How Hackers Exploit Weak SSH Credentials To Build DDoS Botnets (EN)
Christophe Tafani-Dereeper (EPFL)

Workshop: Hydrabus on IoT (EN/FR)
Benjamin Vernoux (Hydrabus)

Black Alps badge hacking (FR/EN)
Nicolas Oberli (Black Alps)

Y-NOT-CTF

@HEIG-VD

Free registration

Welcome@13:30
Start@14:00
End@19:00

Awards@19:15
14:20 - 15:10
Improvements to Internet Voting in Geneva (FR)
Thomas Hofer (Etat de Genève)

15:10 - 15:40 Coffee break
15:40 - 16:30
Snuffleupagus - Killing bugclasses in php7, virtual-patching the rest (FR)
Julien Voisin (NBS System)
Sébastien Blot (NBS System)
Rump session
16:30 - 17:00 Travel to HEIG-VD
(Bus or personal car)
(Bus departure at 16:40)
17:00 - 18:30 Y-SECURITY
@HEIG-VD
18:30 - 19:30 Aperitif @HEIG-VD
19:30 - 19:45 Travel
(Bus or personal car)
(Bus departure at 19:30)
19:45 - 23:00 Evening
"Switzerland"

Legend

         Neutral - Plenary - Keynote

         Talk in the track "attacks"

         Talk in the track "lessons learned"

         Workshop

         Side events

         Evenings

Talk selection process

A call for proposal (CFP) was organized. The program committee was in charge to select the talks (except the keynotes and rumps). The submission process is now closed (it was open until January 1, 2000.).

Program committee

The program committee is composed of international renowned experts in the field.

  • Julien Bachmann , Hacknowledge (chair)
  • Pascal Junod , Snap
  • Sébastien Larinier , Sekoia
  • Sylvain Pelissier , Kudelski Security
  • Nicolas Ruff , Google
  • Aurélien Wailly , Amazon Web Services
  • Candid Wüest , Symantec