Schedule

Talks, workshops, side events and evenings

Video records are available!

You can access the records of the talks on our talks page.

Download the program

You can download the program in PDF here: day 1 (15.11) and day 2 (16.11).

Wednesday 15th November 2017

08:30 - 09:00 Welcome and coffee
09:00 - 09:15 Opening
09:15 - 10:00
From zero to sixty in three years (EN)
Jad Boutros (Snapchat, Inc.)

10:00 - 10:10 Room change
10:10 - 11:00
Fingerprint all the things with scannerl (EN)
Adrien Giner (Kudelski Security)

Security Breaches: what's your legal obligations and how to survive to a breach? (FR)
Sylvain Métille (HDC)

11:00 - 11:30 Coffee break
11:30 - 12:30
Security review of proximity technologies: beacons and physical (FR)
Renaud Lifchitz (Econocom Digital Security)

Active Directory Threats & Detection: Heartbeat that keeps you alive may also kill you! (EN)
Harman Singh (Defendza)

12:30 - 13:30 Lunch
13:30 - 14:20
Hydrabus: Lowering the entry fee to the IoT bugfest (EN)
Benjamin Vernoux (Hydrabus)

Workshop: Hands-On Security Lab with Hacking-Lab (EN/FR)
Philipp Sieber (Compass Security)
Nicolas Heiniger (Compass Security)
Sylvain Heiniger (Compass Security)
Workshop: La ‘santé légale’ des gardiens de vos données vitales ? Le ‘legal hacking’ amène de premières réponses publiques... (FR)
Eric Sinot

14:20 - 15:10
Locky Strike: Smoking the Locky Ransomware Code (EN)
Rommel Joven (Fortinet)

15:10 - 15:40 Coffee break
15:40 - 16:30
Fighting Cyber Threats to Switzerland (FR)
Mauro Vignati (Swiss Government)

16:30 - 17:00 Welcome to Corporate event / Coffee break
17:00 - 17:45
Java JSR 241 and 341 - RCE state of mind (EN)
Gregory Draperi

Corporate event







17:45 - 18:30
Let’s Play with WinDBG & .NET (FR)
Paul Rascagneres (Cisco Talos)

18:30 - 19:15 Aperitif
19:15 - 19:30 Travel
(Bus or personnal car)
(Bus departure at 19:15)
19:30 - 23:00 Evening
"La Prairie"

Thursday 16th November 2017

08:45 - 09:15 Welcome and coffee
09:15 - 10:00
16 ans de (cyber)-sécurité en Suisse Romande : évolutions, perspectives (FR)
Paul Such (Hacknowledge)

10:00 - 10:10 Room change
10:10 - 11:00
Exploiting hash collisions (EN)
Ange Albertini (Google)

Leveraging threat modelling for improved information risk management (FR)
Stéphane Adamiste (ELCA Informatique SA)

11:00 - 11:30 Coffee break
11:30 - 12:30
Parsing JSON is a Minefield (FR)
Nicolas Seriot (Swissquote Bank)

Turla APT - Attack against Ruag Conf (EN)
Andreas Greulich (MELANI/GovCERT.ch)
Reto Inversini (MELANI/GovCERT.ch)
12:30 - 13:30 Lunch
13:30 - 14:20
Down The Rabbit Hole: How Hackers Exploit Weak SSH Credentials To Build DDoS Botnets (EN)
Christophe Tafani-Dereeper (EPFL)

Workshop: Hydrabus on IoT (EN/FR)
Benjamin Vernoux (Hydrabus)

Black Alps’ badge hacking (FR/EN)
Nicolas Oberli (Black Alps)

Y-NOT-CTF

@HEIG-VD

Free registration

Welcome@13:30
Start@14:00
End@19:00

Awards@19:15
















14:20 - 15:10
Improvements to Internet Voting in Geneva (FR)
Thomas Hofer (Etat de Genève)

15:10 - 15:40 Coffee break
15:40 - 16:30
Snuffleupagus - Killing bugclasses in php7, virtual-patching the rest (FR)
Julien Voisin (NBS System)
Sébastien Blot (NBS System)
Rump session
16:30 - 17:00 Travel to HEIG-VD
(Bus or personnal car)
(Bus departure at 16:40)
17:00 - 18:30 Y-SECURITY
@HEIG-VD
18:30 - 19:30 Aperitif @HEIG-VD
19:30 - 19:45 Travel
(Bus or personnal car)
(Bus departure at 19:30)
19:45 - 23:00 Evening
"Switzerland"

Legend

         Neutral - Plenary - Keynote

         Talk in the track "attacks"

         Talk in the track "lessons learned"

         Workshop

         Side events

         Evenings

Entreprise en cyber-danger ! Comment se défendre ?

Corporate event

Cet évènement est principalement destiné aux entreprises souhaitant comprendre les enjeux de la cyber-sécurité. Il sera principalement en français.

Programme

L'évènement sera animé par Yohann Perron (Alp ICT)

Dès 16h30 Accueil des participants
17h00 Accueil et ouverture Patrick Barbey (Innovaud)
17h05 Cyberattaques : état de la menace pour les entreprises en Suisse (FR)Mathieu Simonin (MELANI)
17h25 Quelle stratégie de sécurité pour protéger efficacement les données de l'Etat de Vaud ? (FR)Marc Barbezat (Etat de Vaud)
17h40 Utilité d’un service de type MDR (managed detection response) (FR)Paul Such (Hacknowledge)
17h50 Securing Data on the Cloud: Risks and Challenges (EN)Andy Yen (Proton Mail)
18h00 Securing data even when endpoints or networks get breached (EN)Cristian Zamfir (Cyberhaven)
18h10 Table ronde

Inscriptions

Les participants possédant un ticket pour Black Alps (Regular ou VIP) peuvent accéder à cet évènement sans billet supplémentaire.

Il est possible de participer uniquement à cet évènement (sans entrée à Black Alps). L'inscription se fait alors avec l'achat d'un ticket Black Alps 2017 - Corporate event ONLY (15 Nov) au prix de CHF 30.-.

Co-organisateurs

Evenings

La Prairie evening - Wednesday 15th November 2017

We will share a "Risotto nel parmigiano" (rice and cheese) in the hotel La Prairie.

We will meet here at 20h00.

Travel

Each participant may drive from Y-Parc to the restaurant at La Prairie with their own car.

A bus will be organized from Y-PARC to La Prairie. Bus departure is planned at 19:15 in front of the conference building (rue Galilée 2).

Website

Location

Hôtel La Prairie
Avenue des Bains 9
CH-1400 Yverdon-les-Bains
Switzerland







"Switzerland" evening - Thursday 16th November 2017

We will share a "Fondue" (cheese fondue) in the restaurant of Y-PARC Y-PARC RESTO. A few animations are planned :-)

We will meet here at 19:30.

Travel

We will finish the event Y-SECURITY at the HEIG-VD. Each participant may drive from the HEIG-VD to the Y-PARC restaurant with their own car.

A bus will be organized from the HEIG-VD to the Y-PARC restaurant. Bus departure is planned at 19:30 in the parking of HEIG-VD.

Website

Location

Restaurant Y-PARC
Rue Galilée 13
CH - 1400 Yverdon-les-Bains
Switzerland

+41 (0) 24 4 239 239