Conference 2025

Program

November 20th to 21st, 2025
La Marive, Yverdon-les-Bains

Cutting Edge Technical Talks... and more!

#BlackAlps25 program has been prepared by an independent, neutral committee of internationally recognized experts. The program committee reviewed many proposals and selected the most appropriate and interesting talks for the conference (except the keynotes and rumps).

Learn more about the Call For Proposal and committee.

Most of the program is at La Marive, Yverdon-les-Bains, except specific side events like the Networking dinner.

Thursday November 20th, 2025

08:30 - 09:00
LIVE
Welcome and coffee
09:00 - 09:15
LIVE
Opening Words, Day 1 (en)
Sylvain Pasini (HEIG-VD, president of Black Alps )
09:15 - 09:45
LIVE
[Keynote] Ransomware Up Close : Exploring A Crisis From Inside (en)
Stefan Dydak (Adnovum)
09:50 - 10:20
LIVE
Building An ISAC For The Railway Sector (en)
Reto Inversini
Alexandre Herzog
10:20 - 10:45
LIVE
Coffee Break
10:45 - 11:15
LIVE
No App? No Problem: Fuzzing Librairies With Automatic Driver Generation (en)
Flavio Toffalini
Nicolas Badoux
11:20 - 11:50
LIVE
Siemply Irresistible: When Attackers Love Your SIEM More Than You Do (en)
Melina Philips (GCI)
11:55 - 12:25
LIVE
HTTP/3 On The Racetrack – Introducing Quickdraw (en)
Maor Abutbul (CyberArk )
12:25 - 14:10
LIVE
Lunch
14:10 - 14:40
LIVE
Investigating An In-The-Wild Campaign Using RCE In CraftCMS (en)
Nicolas Bourras
14:45 - 15:15
LIVE
Speculative-Execution Attacks And Implications For Confidential Computing (en)
Kaya Ercihan (Switch)
15:20 - 15:50
LIVE
All You Can Leak: Real Tales Of Publicly Leaked Kubernetes Secrets (en)
Guillaume Valadon (GitGuardian)
15:50 - 16:15
LIVE
Coffee Break
16:15 - 16:45
LIVE
Goodbye Purple Team, Hello Purple Bots (en)
Ralph El Khoury
Patrick Mkhael
16:50 - 17:20
LIVE
Guess Who’s Coming To Room 305: Hacking Hotel Doors With Just A Name And a Date (en)
Fabrice Caralinda
17:45 - 18:15
LIVE
Travel
18:00 - 23:00
LIVE
Networking dinner Salle des quais (Grandson)
Salle des quais (Grandson)
Mandatory registration
Aperitif at 18:00
Dinner at 19:30
23:30 - 00:00
LIVE
Travel

Friday November 21st, 2025

08:30 - 09:00
LIVE
Welcome and coffee
09:00 - 09:10
LIVE
Opening Words, Day 2 (en)
Sylvain Pasini (HEIG-VD, president of Black Alps )
09:10 - 09:40
LIVE
[Keynote] AI: Emerging Risks And New Threats (en)
Dr. Raphael Reischuk (Swiss National Test Institute for Cybersecurity NTC )
09:45 - 10:15
LIVE
Project Brainfog: Beyond The Facade – Exposing Smart Giants (en)
Gjoko Krstic (Zero Science Lab )
10:15 - 10:40
LIVE
Coffee Break
10:40 - 11:10
LIVE
CLFS Uncontained: Exploiting CLFS Without Touching The Log (en)
Marco Ortisi
11:15 - 11:45
LIVE
Plugins Gone Rogue: Attacking Developer Environments (en)
Raphael Silva (Checkmarx)
11:50 - 12:20
LIVE
Who Watches The Watchmen ? Reversing Video Surveillance Equipment … (en)
Antonio Vázquez Blanco
12:20 - 14:05
LIVE
Lunch
14:05 - 14:35
LIVE
Project Headend And Then ST16CF54 (en)
Travis Goodspeed
14:40 - 14:55
LIVE
Bacteria : Attacking Bacnet In Modern Building Automation Systems (en)
AdriNels
14:55 - 15:10
LIVE
Level Up Your Malware: A Practical Journey Into EDR Evasion (en)
Baptiste Copros (EPFL)
15:15 - 15:45
LIVE
Trust Me, I’m A ShortCut: New Link Abuse Methods (en)
Wietze Beukema
15:45 - 16:10
LIVE
Coffee Break
16:10 - 16:40
LIVE
Unicode As Low-level Attack Primitive (en)
Alexandre Zanni (Synacktiv )
16:45 - 17:45
LIVE
Rump Session (fr-en)
Several speakers
17:45 - 19:00
LIVE
Aperitif
19:00 - 00:00
LIVE
Black Dinner
(La Marive)
Free for all
Black Alps participants

Legend

 
Conference
 
Keynote
 
Lightning Talks
 
Evening

Talk selection process

A call for proposal (CFP) was organized. The program committee was in charge to select the talks (except the keynotes and rumps). The submission process is now closed (it was open until July 31, 2025.).

Program committee

The program committee is composed of international renowned experts in the field.

  • Nicolas Oberli , Blackalps (chair)
  • Ange Albertini , Corkami
  • Axelle Apvrille , Fortinet
  • Gynvael Coldwind , HexArcana
  • Michał Kowalczyk
  • Sylvain Pelissier , SICPA
  • Christophe Tafani-Dereeper
  • Candid Wüest , xorlab

Proposal topics

  • Application security
  • Vulnerability research and exploits development
  • Penetration testing and red teaming
  • Cloud security
  • Security automation
  • Network security
  • Intrusion detection and monitoring
  • Cryptography