Let’s look back at APS 2025 — a major event in France’s security ecosystem — featuring an ambitious program masterfully led by the entire SPAC Alliance team, with the full support of our members. Workshops and demonstrations on our booth, official APS conferences… here’s the full story!
The Full Commitment of SPAC Alliance Members
Usually, thank-yous come at the end. But we prefer to begin by highlighting those who have supported this event for months — through their commitment to making sure we had a (fantastic!) booth, and by designing workshops, demonstrations, and conferences that allowed the Alliance to share its vision, prove its expertise, and convince through action.
Biometrics, SSCP, Badge Hacking and NIS 2 Compliance Demonstrations
Having a global vision of security is great — but nothing beats a live demonstration!
CLR Labs steals your face
Always fascinating and a bit unsettling, the live demonstration of a biometric data injection attack drew large crowds. You interact with a camera, but the face displayed isn’t yours — a perfect illustration of how many security systems can be bypassed in real time.
SSCP Certifications
Security starts with trusted products. Functional SSCP certifications bring transparency, supported by the European regulatory framework, and promote the interoperability of components that can be integrated into an ever-growing number of security solutions. A big thank you to Stéfane Mouille, Achraf Hadhri, Kévin Carta, and Jean Chaput!
Badge Hacking and SSCP Printer
Duplicating some of the most common badges on the market in just a few seconds was a wake-up call for many visitors. Thanks to Evolis, ACTS, and Genetec, we demonstrated that a secure technology alone is not enough: several attacks can occur as early as the design phase of an identifier — highlighting the importance of using printers capable of countering them. Many thanks to Didier Runtz and Julien Martigny for their dedication!
Audit and NIS 2 Compliance
It’s coming soon to France — and it’s already rolling out across Europe! NIS 2 was one of the most discussed topics at the show. Through on-demand mini-audits and hands-on exploration of the first available compliance framework (the Belgian CyberFundamentals), we provided concrete answers for organizations seeking compliance or — as it should be — real control over their security posture. A huge bravo to Christel Thienpont, as clear and reassuring as ever on this subject!
… not forgetting those who gave their time to help us welcome the visitors (Fabien Dudevant, Georges Menu, and many others)!
Three Days, Three Workshops
By giving the floor to our expert members, we were able to illustrate all the benefits of co-innovation and move beyond the boundaries of traditional security. Each workshop will be featured in a dedicated article to explore the topics introduced during this edition of APS.
Day 1: Managing Data Flows
From identification to strong authentication, we covered several key aspects of data flow management.
- Regulatory reminder on flow management by SPAC Alliance
- Open solution by Calypso (Julien Teixeira Costa) to ensure security in transport systems (and many other applications)
- Testimonies from STid (Tarek Attaf) and Connectwave (Sophie Tron) in the healthcare and social sectors, with a focus on retirement homes — demonstrating how security and comfort can go hand in hand for dependent individuals
- Securing badges used for strong authentication from the very moment of encoding, with Evolis / ACTS (Didier Runtz) and Genetec (Julien Martigny)
Day 2: Certification, Approval and Sovereignty
The security of tomorrow will be transparent and sovereign. Certifications and approvals serve this very goal — and in the heart of Paris, it was only natural to talk about CSPN.
- Presentation of the sovereign SSCP protocol, led by SPAC Alliance, along with functional SSCP certifications by Omnitech Sécurité (Sylvain Bosquet) and CLR Labs (Achraf Hadhri)
- Testimonies from our members certified CSPN or approved by ANSSI, presenting their solutions and discussing the value of the “security visa,” with TIL Technologies by Hirsch (Olivier Brousse), Castel / Synchronic (Yves Clousier), Secure Systems & Services (François Robeyn) and Genetec (Damien de la Hoz)
- Presentation from the Ministry of the Interior on electronic security, the importance of trusted technologies, and the protection framework within France’s most critical services
- Opening discussion on the rise of biometrics in access control. Between opportunities and threats, CLR Labs sparked a debate that lasted much of the afternoon — thank you, Achraf Hadhri!
Day 3: Choosing the Right Badge Technology
An essential component of our ecosystem, the physical badge still has a key role to play in ensuring reliable, smooth, and controlled access.
- Managing high volumes of users with Calypso, and how to ensure agility and flexibility while keeping costs under control — bravo to Manon Chaix!
- Choosing and securing badges from creation onwards, with insights from Evolis / ACTS and Genetec
- Understanding and applying continuous authentication with Alcea and Leosac — an illustration of how physical and logical access control can interact, presented by Sandrine Du Caurroy and Maxime Chamley
- To fully grasp the challenges, L-Xploit (Marion Roubaud) showcased the many ways a poor technological choice or a single vulnerability can be exploited, and presented Pentest and Red Team methodologies
Full House for the Conferences
Three conferences were held in the official APS rooms. Full audiences and lively discussions afterward showed that the entire ecosystem — as well as end users — understands how crucial knowledge sharing and expertise exchange are for designing and integrating the security solutions of tomorrow. We’ll be revisiting these sessions in November, when you’ll also be able to download the presentation materials.
Conference 1: Standardisation, Compliance and Certifications — The Impact of New European Regulations on Electronic Security
Mickaël Wajnglas and Stéfane Mouille (CLR Labs)
In summary: the new European regulations do more than just set requirements — they are fundamentally reshaping the framework of cyber resilience, component traceability, and technological sovereignty.
For security industry stakeholders, the dual challenge is clear: ensure compliance while transforming regulatory frameworks into innovation drivers.
Conference 2: Hybrid Attacks — The New Cyber Threat. Watch a Live Hacking Demonstration!
Mickaël Wajnglas and Jérémy Nedjar (L-Xploit Cyber Experts)
Hybrid attacks are a real and growing threat. The live demonstration vividly showcased simple yet highly effective techniques capable of compromising an entire system in just a few seconds — along with several exploitation methods targeting IT systems, including websites.
One quick glance at the audience was enough to see the impact of this awareness session: the reactions and engaged discussions that followed clearly showed that awareness is rising — and that’s great news.
Conference 3: Biometric Identification Technologies, AI and Injection Attacks
Mickaël Wajnglas and Achraf Hadhri (CLR Labs)
Understanding the challenges, opportunities and threats — that’s the winning trio for tomorrow’s security.
AI and biometrics are now at the core of our systems. From practical use cases to regulatory analysis, our speakers provided a clear synthesis of the issues and outlined the posture needed to embrace these innovations safely.
Launch of the SPAC Alliance Club
SPAC Alliance has always been a crossroads for the ecosystem. Bringing together professionals and institutions, the next natural step was to include end users — from CISOs to security managers, as well as design offices and consultants.
The goal? To support them throughout their security journey with expert content, dedicated services, actionable tools, and direct connections with our members. We’re extending our “early bird” offer, reducing the annual membership fee from €300 to €150 (but only for a limited time!). To take advantage of it, use the code “APS2025”.
What to Take Away from APS 2025?
As you might have guessed, our biggest takeaway is the total commitment of our members, which made this edition such a success.
Why such strong engagement, you may ask? We have a few ideas.
Support?
The NIS 2 guide, regulatory monitoring, SSCP protocol updates, the launch of our new website with its online store and Club, webinars, sales training sessions, member support — all these deliverables, tools, and resources help our members move forward with greater confidence every day.
Recognition?
This year, we had the privilege of leading one of the standards of the Cyber Resilience Act — proving our ability to manage large-scale projects and connect regulatory frameworks with real-world implementation.
Responsibility?
Our responsible approach to security — one that places the user at the center of every consideration — along with our ongoing work on the CSR Directive (CSRD) and the Ecodesign Regulation (ESPR), continues to bring people together.
Innovation and shared vision?
During the workshops, several members teamed up to present what they had built together.
Our ANSSI-certified members demonstrated the relevance of the SSCP protocol as a foundation for European sovereignty — an approach recognized by the Ministry of the Interior and by the wider ecosystem.
We believe everyone brings their own mix of motivation, contributing according to their strengths — with kindness and collaboration.
At the end of the day, it’s people who drive SPAC Alliance. That’s our true engine.
