Author Archives: Webmaster

Special Halloween Offer

Haven’t bought your ticket yet? Keep calm!  🙂 The AppSec Forum Organization Committee is celebrating Halloween during the week-end and extending the ticket sales for 3 extra days!   So head off to Eventbrite and buy your ticket now!   Wishing … Continue reading

Posted in ASFWS 2014, News

Enjoy the Swiss lifestyle at the AppSec Social Events!

After the busy AppSec conference days, the evening social events will be the opportunity to have some informal networking time with other professionals while enjoying some of the best Swiss traditions. The Château Dinner (November 5th) Overlooking the Neuchâtel Lake, … Continue reading

Posted in ASFWS 2014, News

Helen Bravo

Helen Bravo is the Head of Product Management at Checkmarx.

Posted in ASFWS 2014, Speakers

AppSec Contests: Test Your Knowledge and Win Prizes!

The 2014 AppSec Forum will not only be about serious trainings and talks and there will also be some opportunities for fun and games. Participate in one of the AppSec contests on November 5th: test your Security Knowledge and win … Continue reading

Posted in ASFWS 2014, News

Nicolas Fischbach

Nicolas Fischbach is Director of Strategy, Architecture and Innovation at Colt. Before moving into this role he was in charge of Security Engineering and Operations.

Posted in ASFWS 2014, Speakers | 1 Comment

Keynote speaker: Nicolas Fischbach

The 2014 edition of the AppSec Forum will be opening its doors in exactly 3 weeks and today we are pleased to announce that Nicolas Fischbach will be the keynote speaker on Wednesday, November 5th. Working for Colt Technology Services, … Continue reading

Posted in ASFWS 2014, News

2014 Rump Session: Call for submissions

The AppSec Forum Rump Session will take place on Thursday, November 6th, between 5 and 7 pm. This is the opportunity for participants to give short talks on topics of interest to the community. Talks should be either informative or amusing… or … Continue reading

Posted in ASFWS 2014, News | Tagged

Capture The Flag (CTF) Contest

In partnership with Insomni’hack, the AppSec Forum 2014 Edition will host a Jeopardy-style CTF Contest on Wednesday, November 5th, between 5 and 7 pm. Participants will be invited to gain points by solving questions and problems in various domains such as cryptography, reverse … Continue reading

Posted in ASFWS 2014, News | 1 Comment

Special event: InnovaudConnect@APPSEC

We are pleased to announce that special event InnovaudConnect@APPSEC will take place at the Swiss Technopole Y-Parc during the next AppSec Forum on Wednesday, November 5th, between 15:45 and 18:30. This event is co-organized by AppSec partners ALPICT, Innovaud and … Continue reading

Posted in ASFWS 2014, News

Keynote speaker: Hervé Schauer

With less than 6 weeks left until the opening day of the AppSec Forum 2014 edition, the Program Committee is pleased to announced that renowned information security expert, Hervé Schauer, will be the keynote speaker on, Thursday November 6th. Hervé’s … Continue reading

Posted in ASFWS 2014, News

Hervé Schauer

Hervé Schauer est un expert renommé internationalement en sécurité des systèmes d’information.

Posted in ASFWS 2014, Speakers | 1 Comment

Detailed Event Program Now Available!

The complete AppSec Forum Western Switzerland 2014 Edition Program is now available. The full list of speakers and trainers can be found on the Program page of this site. As previously annouced, the AppSec Forum 2014 event will cover a … Continue reading

Posted in ASFWS 2014, News | Tagged , ,

Virtual Patching Automatisé des Applications Web

Le patching virtuel des applications Web est le processus par lequel les paramètres d’un pare-feu applicatif sont modifiés en fonction des résultats d’un audit de vulnérabilités. Il vise à réduire au maximum le risque d’exploitation des vulnérabilités découvertes. Pour la … Continue reading

Posted in ASFWS 2014, Student Slots | 1 Comment

TProxy: un proxy pour l’interception transparente de trafic TCP

Lorsqu’il effectue des tests de pénétration, l’auditeur moderne est parfois confronté à des services et des protocoles plus exotiques que les désormais traditionnelles applications web accessibles par HTTP ou HTTPS. Les proxies d’interception HTTP ne lui sont d’aucune aide lorsque … Continue reading

Posted in ASFWS 2014, Student Slots | 1 Comment

Finding holes: Operation Emmental

Like Swiss Emmental cheese, online banking protections may be full of holes. Banks have been trying to prevent cyber crooks from accessing their customers’ online accounts for ages. They have, in fact, invented all sorts of methods to allow their … Continue reading

Posted in ASFWS 2014, Talks | 1 Comment

Why .NET needs MACs and other serial(-ization) tales

What is the story behind Microsoft’s patches MS13-067 (SharePoint) and MS13-105 (Outlook Web Access)? What is really involved in a .NET ViewState and why did Microsoft disable the ability to turn off its integrity protection since ASP.NET version 4.5.2 (KB2905247)? … Continue reading

Posted in ASFWS 2014, Talks | 1 Comment

Offline bruteforce attack on WiFi Protected Setup

Wi-Fi Protected Setup™ is an optional certification program based on technology designed to ease the setup of security-enabled Wi-Fi networks in home and small office environments. Wi-Fi Protected Setup supports methods (pushing a button, entering a PIN, or using NFC) … Continue reading

Posted in ASFWS 2014, Talks | 2 Comments

On the Security of the iCloud Keychain

iCloud Keychain, one of the latest additions to the family of iCloud services that was pitched by  Apple. It is no doubt great for usability, but what about security? What kind of access does Apple  have to your passwords stored … Continue reading

Posted in ASFWS 2014, Talks | 1 Comment

Analyse technique d’un piratage helvétique

Il est rare qu’une affaire de piratage suisse fasse autant de vagues que le piratage d’un journaliste de la TSR cet été dans le cadre de l’affaire Giroud. Sans nous prononcer sur le fond de l’affaire nous allons décortiquer en … Continue reading

Posted in ASFWS 2014, Talks | 1 Comment

#ASFWS 2014: New speakers announced

Just a little more than two months to go before the Application Security Forum Western Switzerland opens its doors in Yverdon-les-Bains. The Program Committee is pleased to announce that the following speakers have been selected for the conferences (Second round selection): … Continue reading

Posted in ASFWS 2014, News

Sébastien Andrivet

Sébastien is playing with computers since the beginning of ’80s. After spending some years with 8-bit processor assembly programming, he specialized in the ’90 in C/C++ and i386 assembly on Win/Intel.

Posted in ASFWS 2014, Speakers | 1 Comment

Jean-Philippe Aumasson

Jean-Philippe Aumasson is Principal Cryptographer at Kudelski Security, and is employed in the Kudelski Group since 2010.

Posted in ASFWS 2014, Speakers | 1 Comment

Julien Bachmann

Even being more known at AppSecForum for iOS applications reverse engineering and auditing, Julien interest in reverse engineering is wider and applies to any kind of analysis, including malwares and operating system internals.

Posted in ASFWS 2014, Speakers | 1 Comment

Registration for AppSec trainings is now open!

Just a little more than two months to go before the Application Security Forum Western Switzerland opens its doors in Yverdon-les-Bains. The first day of the forum will be dedicated to full day appsec training sessions. You’ll find all the details … Continue reading

Posted in ASFWS 2014, News

Andrey Belenko

Andrey Belenko is a Security Engineer at viaForensics where he enjoys breaking things about as much as building things. He became interested in iOS after Apple released iOS 4, the first iOS version to feature proper data encryption.

Posted in ASFWS 2014, Speakers | 1 Comment