BLACK ALPS

November 20th & 21st, 2025
Yverdon-les-Bains, Switzerland

Program

Cutting Edge Technical Talks... and more!

#BlackAlps25 program has been prepared by an independent, neutral committee of internationally recognized experts. The program committee reviewed many proposals and selected the most appropriate and interesting talks for the conference (except the keynotes and rumps). Learn more about the Call For Proposal and committee.

All sub-events are at La Marive, except the Networking dinner (Nov 20th 2025).

Thursday November 20th, 2025

08:30 - 09:00
Welcome and coffee
09:00 - 09:15
Opening words, Nov 20th
Sylvain Pasini (HEIG-VD, president of Black Alps)
09:15 - 09:45
To be announced
09:50 - 10:20
Building an ISAC for the Railway Sector
Alexandre Herzog
Reto Inversini
10:20 - 10:45
Coffee break
10:45 - 11:15
No App? No Problem: Fuzzing Libraries with Automatic Driver Generation
Flavio Toffalini
Nicolas Badoux
11:20 - 11:50
SIEMply Irresistible: When Attackers Love Your SIEM More Than You Do
Melina Phillips (GCI)
11:55 - 12:25
HTTP/3 on the RaceTrack - Introducing QuicDraw
Maor Abutbul (CyberArk)
12:25 - 14:10
Lunch
14:10 - 14:40
Investigating an in-the-wild campaign using RCE in CraftCMS
Nicolas Bourras
14:45 - 15:15
Speculative-Execution Attacks and Implications for Confidential Computing
Kaya Ercihan (Switch)
15:20 - 15:50
All You Can Leak: Real Tales of Publicly Leaked Kubernetes Secrets
Guillaume Valadon (GitGuardian)
15:50 - 16:15
Coffee break
16:15 - 16:45
Goodbye Purple Team, Hello Purple Bots
Ralph El Khoury
Patrick Mkhael
16:50 - 17:20
Guess Who’s Coming to Room 305: Hacking Hotel Doors with Just a Name and a Date
Fabrice Caralinda
17:45 - 18:15
Travel
(17:50, bus departure from La Marive to Salle des Quais)
from 18:00
Networking dinner
Salle des quais (Grandson)
Mandatory registration
Aperitif at 18:00
Dinner at 19:30
23:30 - 00:00
Travel
(Bus departure from Salle des Quais to Yverdon train station, La Marive, and Grand Hotel des Bains)

Friday November 21st, 2025

(Bus departure from Grand Hotel des Bains to La Marive)
08:30 - 09:00
Welcome and coffee
09:00 - 09:10
Opening words, Nov 21st
Sylvain Pasini (HEIG-VD, president of Black Alps)
09:10 - 09:40
To be announced
09:45 - 10:15
Project Brainfog: Beyond the facade - Exposing smart giants
Gjoko Krstic (Zero Science Lab)
10:15 - 10:40
Coffee break
10:40 - 11:10
CLFS Uncontained: Exploiting CLFS Without Touching the Log
Marco Ortisi
11:15 - 11:45
Plugins Gone Rogue: Attacking Developer Environments
Raphael Silva (Checkmarx)
11:50 - 12:20
Who watches the watchmen? Reversing video surveillance equipment…
Antonio Vázquez Blanco
12:20 - 14:05
Lunch
14:05 - 14:35
Project Headend and the ST16CF54
Travis Goodspeed
14:40 - 14:55
BACteria: Attacking BACnet in Modern Building Automation Systems
AdriNels
14:55 - 15:10
Level Up Your Malware: A Practical Journey into EDR Evasion
Baptiste Copros
15:15 - 15:45
Trust Me, I’m a Shortcut: New LNK Abuse Methods
Wietze Beukema
15:45 - 16:10
Coffee break
15:50 - 16:20
Unicode as low-level attack primitive
Alexandre Zanni (Synacktiv)
16:45 - 17:45
Rump session (fr/en)
Several speakers
17:45 - 19:00
Closing aperitif
from 19:00
Black dinner
(La Marive)
Free for all
Black Alps participants
CTF
(La Marive)
Mandatory registration

Welcome at 18:45
Start at 19:15
End at 23:30

Awards at 23:45

Legend

 
Conference
 
Keynote
 
Talk in the track "lessons learned"
 
Side event
 
Evening