🎅OWASP Switzerland Community Meetup, December 2025 - X-mas Edition🎄
Details
🎄 The OWASP community is getting together for a Christmas meetup this December! Join us for some security talks, good company, mulled wine 🍷 and some christmas vibes - Ugly sweaters welcome 😊
Program:
16:30 - Doors open: Grab a drink, meet old and new friends from the OWASP Switzerland community
17:00 - Hello from Ergon & OWASP Switzerland
17:05 - Beyond the Basics: Uncovering Subtle Flaws in Password Reset Mechanisms in 2025 - (Marek Rzepecki, Security Consultant @ Securitum)
17:55 - (5min break)
18:00- Introduction To AI security Threats And Countermeasures - (Thierry Nkoutche, Security & Risk Consultant @ SBB)
18:55 - (10 min break)
19:05 - Token Exchange As A Security Measure - (Urs Zurbuchen, Principal Security Consultant @ Airlock)
19:40 - Networking & Glühwein 🍷🎅🏼🎄 - Grab a bite and chat with old and new friends
Talk Details:
Beyond the Basics: Uncovering Subtle Flaws in Password Reset Mechanisms in 2025 by Marek Rzepecki:
This session explores lesser-known weaknesses in password reset flows that can enable attackers to compromise arbitrary accounts. The speaker will demonstrate fresh techniques observed during real-world penetration tests on production applications (in 2024 and 2025), highlighting how seemingly minor flaws can escalate into full account takeover.
Introduction To AI security Threats And Countermeasures by Thierry Nkoutche:
AI is a double-edged sword for businesses. On one hand, it offers new opportunities, but it also brings a new wave of threats. In this session, we will review AI concepts such as machine Learning, deep Learning, artificial neural networks. Then, using concrete use cases, we will discuss the main security threats and the existing countermeasures.
Token Exchange As A Security Measure by Urs Zurbuchen:
Tokens are everywhere nowadays, and many applications use them for authentication and authorization. But what dangers lurk? How can zero trust be achieved and unauthorized cross-access prevented? The presentation shows the technical details and elegance of the solution with token exchange.