[Event Report] CODE BLUE 2025, Japan’s Premier International Cybersecurity Conference, Concludes Successfully

The international cybersecurity conference “CODE BLUE 2025,” held in Takadanobaba, Shinjuku, Tokyo, has successfully concluded following the completion of its full program (Training: November 16–17; Conference: November 18–19). The event brought together a wide range of industry professionals, including cybersecurity researchers from Japan and abroad, providing a platform for sharing the latest insights and fostering collaboration through talks, trainings, workshops, and networking events. The next “CODE BLUE 2026” is scheduled to take place on November 17–18, 2026.

Scene from CODE BLUE 2025

【World-Class Speakers Take the Stage at the Conference】

At the conference, pioneering and insightful research was presented across a wide range of fields—including technology, cybercrime, and law and policy—through a highly competitive selection process, with an acceptance rate of approximately 1 in 19. In addition to the main sessions, the program featured “U25” sessions for young researchers, “Bluebox” sessions focused on open-source software (OSS), as well as “Open Talks” hosted by sponsoring companies, offering diverse perspectives and opportunities for knowledge sharing.

The conference opened with a keynote address by David Brumley, a leading authority in the field of software security automation. He shared his perspective on the relationship between AI and cybersecurity, emphasizing the importance of building systems with autonomous feedback loops that learn from failures and advocating for such systems to work collaboratively with humans. As a special session, a panel discussion was held featuring David Brumley and top-ranked participants of the “AI×CC (AI Cyber Challenge).” The discussion explored the cutting edge of AI and cybersecurity, as well as future directions for the field.

Keynote speech by David Brumley

Additionally, several sessions drew particular attention from attendees. Stty K presented findings from an original investigation into North Korean IT workers who assume false identities to work for overseas companies. Stav Cohen showcased multiple examples of the new threat known as “Promptware” attacks, targeting AI services such as Google’s Gemini, illustrating cybersecurity challenges that directly affect widely used AI platforms.

The conference concluded with a session featuring Kazutaka Nakamizo, Deputy Director-General, National Cybersecurity Office (NCO). He provided an overview of Japan’s latest policy initiatives to ensure cybersecurity, including the recently enacted “Proactive Cyber Defense” legislation and the ongoing formulation of the national cybersecurity strategy.

Closing Keynote by Kazutaka Nakamizo, National Cybersecurity Office (NCO)

【U25 Track: Research and Development Incentives Presented to Taiwanese Researchers】

At CODE BLUE, a Youth Track (U25 Track) is established to support young engineers and researchers by providing them with opportunities to present their work. This year, Yong-Xu Yang and Yu-Xuan Luo introduced a new framework combining real-world and simulated environments to enable analysis of highly obfuscated rootkits, while Junho Lee and HyunA Seo presented “BOOTKITTY,” a bootkit and rootkit framework for Windows, Linux, and Android, highlighting the realities of low-level attacks and the importance of defensive measures. The review board highly praised the technical depth of all presentations, and following a rigorous review, three researchers, including Yong-Xu Yang, were awarded research and development incentives in recognition of their outstanding work.

Yu-Xuan Luo (left) and Yong-Xu Yang (center), recipients of research and 

development incentives, with Asuka Nakajima (right) of the review board

【Internationally Renowned Workshops Take Place in Tokyo】

At this year’s conference, a total of 12 contests and workshops were held, including blue team and red team exercises, as well as Capture The Flag (CTF) challenges targeting IoT services and OT devices. Notably, several internationally recognized workshops that are typically held at conferences around the world were also featured at CODE BLUE. Building on last year’s workshops focusing on automobiles and medical devices, this year introduced new themes including aerospace, IoT, and maritime, with dedicated areas in the venue collectively referred to as “Villages.”

Villages Expanded in Scale This Year

Many of the workshops were designed to accommodate participants ranging from beginners to experienced professionals. Attendee feedback included comments such as, “Even beginners could enjoy it,” “The CTF challenges helped me gain practical knowledge,” and “It was so engaging that I focused entirely on it instead of other sessions,” according to the results of the feedback survey.

Scene from Workshops and Contests

【Intensive Training Courses to Master Cutting-Edge Technologies】

Prior to the conference, from November 16–17, four training courses were held covering topics such as AI agent security, the latest web and application hacking techniques, decompiling and programming with IDA Pro, and Windows event log analysis. These courses provided participants with a unique opportunity to learn practical skills directly from cybersecurity specialists active on the front lines, and they received high praise from attendees for their hands-on, expert-led instruction.

Scene from Training: Advanced Windows Event Log Analysis 

and Threat Hunting with Yamato Security Tools

【Connecting Professionals from All Backgrounds; Next Year’s Conference Dates Confirmed】

The conference welcomed attendees from 40 countries and regions across Asia, Europe, the Americas, the Middle East, Africa, and Latin America. Attendance has now returned to pre-COVID levels, and participants were observed actively engaging with each other throughout the venue, exhibition booths, and networking parties.

Attendee feedback included comments such as, “I was able to access the latest cybersecurity information available only here,” “I gained a comprehensive understanding of products and trends from leading companies in the field,” and “I met various stakeholders and expanded my professional network.” Many attendees expressed high expectations for next year’s conference.

CODE BLUE Provided a Wide Range of Networking Opportunities

This year, approximately 50 student staff, selected from a large pool of applicants, supported the operation of the conference. One of CODE BLUE’s goals is to provide outstanding students with opportunities to participate on the international stage, and the student volunteer program continues to be a key part of this effort. Many students took the chance to attend sessions between their activities and to engage directly with industry experts and companies at the forefront of cybersecurity, gaining firsthand experience of an international conference.

At the closing ceremony, Shinoda, the representative of the secretariat, announced the dates for CODE BLUE 2026. The next conference will be held on November 17–18, 2026, at the same venue, Bellesalle Takadanobaba (further details will be announced once confirmed). CODE BLUE will continue to promote international information exchange and networking opportunities in the field of cybersecurity.

Sponsor Booths at the Conference Venue

<CODE BLUE 2025 Archived Session Videos>

Conference ticket holders can access the archive videos on Eventory until December 31, 2025. Only sessions for which the speakers have granted permission are available. Videos for the general public are scheduled to be made available on YouTube starting January 2026.

For instructions on how to access the archive videos on Eventory, please refer to the following link:

https://codeblue.jp/en/about/news/20251125-codeblue2025_eventory-archive/

■CODE BLUE 2025 Overview

Date: November 16th (Sunday) to November 19th (Wednesday), 2025

Organizer: CODE BLUE Executive Committee

Operation: CODE BLUE Secretariat (BLUE Co., Ltd.)　

【Training】

Date: November 16th (Sunday) to November 17th(Monday), 2025

Venue: Bellesalle Shinjuku Minamiguchi 

　　　 (Sumitomo Fudosan Shinjuku Minamiguchi Building 4F)

【Conference】 

Date: November 18th (Tuesday) to November 19th (Wednesday), 2025

Venue: Bellesalle Takadanobaba

　    　(Sumitomo Fudosan Shinjuku Garden Tower B2/1F)

Official Site: https://codeblue.jp/en/

SNS:［X(formerly Twitter)］ https://twitter.com/codeblue_jp

　　 ［Facebook］ https://facebook.com/codeblue.jp

        ［LinkedIn］https://www.linkedin.com/company/codeblue-jp

■About CODE BLUE

CODE BLUE is an international cybersecurity conference that brings together top-class experts from Japan and around the world. Now in its 13th edition, the conference offers cutting-edge presentations by cybersecurity specialists, as well as opportunities for information exchange and networking that transcend national and language barriers. By gathering world-class experts active in diverse fields, CODE BLUE aims to invigorate and strengthen security collaboration across Asia, including Japan. The conference also seeks to discover and support talented young researchers from Japan and other Asian countries, encouraging them to step onto the global stage.

■List of Sponsors:: https://codeblue.jp/sponsors/