CA-SHIFTLEFT
17.11.2021 09:02:09 CET | Business Wire | Press release
ShiftLeft, Inc ., an innovator in automated application security testing, today announced that its Chief Scientist, Fabian Yamaguchi, and Security Research Engineer, Claudiu-Vlad Ursache, will give a presentation focused on Ghidra2cpg at the No Hat Conference in Bergamo, Italy on November 20, 2021. The No Hat 2021 is a security conference organized to bring together specialists, professionals and hobbyists operating in the field of computer security and privacy.
Event Details:
Who:
Fabian Yamaguchi, Chief Scientist and Claudiu-Vlad Ursache, Security Research Engineer, ShiftLeft
What:
Virtual Session: Presentation on Ghidra2cpg: From graph queries to vulnerabilities in binary code
When:
Saturday, November 20, 2021, 11:15am – 12:00pm CET
Where:
Centro Congressi Giovanni XXIII - Bergamo, Italy
For more information, visit : https://www.nohat.it/program
Session Abstract - Ghidra2cpg: From graph queries to vulnerabilities in binary code
Uncovering bugs in source code is hard enough as it is, but when all you have is a binary, the importance of tooling becomes undeniable. Disassemblers such as IDA Pro, Ghidra, BinaryNinja or Radare2 provide a strong foundation for an investigation but are designed primarily to assist in what remains a manual investigation. This leaves room for partial automations that make the discovery process less painful.
Fabian and Claudiu were looking to design a search tool for binary code that allows them to uncover instances of programming patterns linked to vulnerabilities - at scale and for multiple major instruction sets. In this talk, they will present ghidra2cpg, an extension for the open-source code mining platform Joern that enables it to process binary code. Together, Joern and ghidra2cpg enable you to quickly uncover the attack surface, search for variants of known vulnerabilities, and gather information interactively using a query language.
In this session they will show how to write queries for the system that describe bugs in source code and introduce corresponding queries for binary code, highlighting what's harder and what is easier to describe when looking at the machine code directly. They will also be looking at modern consumer-grade router firmware and may drop a zero-day or two in the process.
About Fabian Yamaguchi
Fabian is Chief Scientist at ShiftLeft Inc and an Associate Professor Extraordinary at Stellenbosch University. He has over 15 years of experience in the security domain, where he has worked as a security consultant and researcher, focusing on manual and automated vulnerability discovery. Throughout his work, he has identified previously unknown vulnerabilities in popular system components and applications such as the Microsoft Windows kernel, the Linux kernel, the Squid proxy server, and the VLC media player. He has presented his findings and techniques at both major industry conferences such as BlackHat USA, DefCon, First, and CCC, and renowned academic security conferences such as ACSAC, Security and Privacy, and CCS. He holds a master’s degree in computer engineering from Technical University Berlin, as well as a PhD in computer science from the University of Goettingen.
About Claudiu-Vlad Ursache
Claudiu-Vlad Ursache is a Security Research Engineer at ShiftLeft, having recently entered cybersecurity after a decade of writing software. In his day-to-day job he builds static analysis tools and his current research focuses on IoT firmware.
About ShiftLeft
ShiftLeft enables software developers and application security teams to radically reduce the attackability of their applications by providing near-instantaneous security feedback on software code during every pull request. By analyzing application context and data flows in near real-time with industry leading accuracy, ShiftLeft empowers developers and appsec team to find and fix the most serious vulnerabilities faster. Using its patented graph analysis that combines code attributes and analyzes actual attack paths based on real application architecture, ShiftLeft’s platform scans for attack context and pathways typical of modern applications, across APIs, OSS, internal microservices and first-party business logic code, and then provides detailed guidance on risk remediation within existing development workflows and tooling. ShiftLeft CORE, a unified code security platform, combines the company’s flagship NextGen Static Analysis (NG SAST), Intelligent Software Composition Analysis (SCA), and contextual security training through ShiftLeft Educate to provide developers and application security teams the fastest, most accurate, most relevant, and easiest to use automated application security and code analysis platform.
Backed by Bain Capital Ventures, Mayfield, Thomvest Ventures, and SineWave Ventures, ShiftLeft is based in Santa Clara, CA. To learn how ShiftLeft keeps AppSec in sync with the rapid pace of DevOps, see https://www.shiftleft.io/ .
View source version on businesswire.com: https://www.businesswire.com/news/home/20211117005403/en/
Link:
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Audiencerate: Riccardo Fabbri Joins as Chief Technology Officer—The AI-Driven Phase of the Platforms for SMEs and Media Agencies Begins21.5.2026 09:00:00 CEST | Press release
The co-founder and former managing partner of Nohup (acquired by Havas Group in 2021) will lead the development of the artificial intelligence infrastructure that integrates first-party and third-party data, powering the platform delivered with Postel and Microsoft to Italian SMEs and the platform with the DV360 offering for global media agencies. Audiencerate Ltd, one of the few globally certified Google Customer Match Upload Partners and a Microsoft IP Co-sell certified partner with MACC eligibility, today announced the appointment of Riccardo Fabbri as Chief Technology Officer. The appointment marks a phase of dual expansion: the Audiencerate–Postel–Microsoft platform for Italian SMEs, and the Data platform integrated with Google DV360 for Agencies and Data Providers — both evolving toward a model that natively leverages first-party and third-party data through AI and machine learning. This press release features multimedia. View the full release here: https://www.businesswire.com/n
Phison's Pascari Enterprise Storage Honored with COMPUTEX Best Choice Golden Award for Breakthrough 245.76 TB Capacity21.5.2026 08:30:00 CEST | Press release
Latest PCIe Gen5 SSD lowers costs at scale for optimized data center OPEX Phison Electronics (8299TT), a global leader in NAND flash controllers and storage solutions, today announced that its Pascari D206V PCIe Gen5 data center SSD has received the prestigious COMPUTEX Best Choice Golden Award, recognizing the next generation of innovation in ultra-high-capacity enterprise storage for AI and modern data center infrastructure. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260520865786/en/ Pascari D206V Wins COMPUTEX Best Choice Golden Award in 2026 The Pascari D206V is designed to address the growing industry challenge of efficiently scaling storage capacity for AI, cloud and data-intensive workloads without increasing operational complexity or infrastructure costs. Delivering up to 245.76 TB in a single U.2 PCIe Gen5 SSD, the D206V enables hyperscale and enterprise customers to significantly increase storage density while
Truecaller Travel eSIM Launch Powered by Telness Tech’s Seamless OS21.5.2026 08:30:00 CEST | Press release
Telness Tech, the telecom software company behind Seamless OS, today announced that Truecaller’s newly launched Travel eSIM service is powered by its platform. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260520906699/en/ Telness Tech, the telecom software company behind Seamless OS, today announced that Truecaller’s newly launched Travel eSIM service is powered by its platform. Truecaller, the leading global platform for verifying contacts and blocking unwanted communication, has launched Travel eSIM across 29 countries, marking the company’s move into mobile data services. The launch broadens Truecaller’s platform beyond caller ID and spam protection, and for the first time adds digital consumables to the portfolio. With more than 500 million people already using Truecaller in their daily communication, Travel eSIM extends that relationship to international travel — a category where users routinely overpay for connectivi
AHS Properties: At 26, Abbas Sajwani Is Deploying Billions Into Dubai’s Future21.5.2026 08:00:00 CEST | Press release
Named the youngest billionaire in real estate globally by Forbes, the AHS Properties founder is scaling a AED 50 billion pipeline on a single conviction: Dubai is no longer a luxury market - it’s a capital destination. While global real estate capital recalibrates, Abbas Sajwani is accelerating. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260519804834/en/ Abbas Sajwani, Founder and CEO of AHS Properties. (Photo: AETOSWire) The 26-year-old Founder and CEO of AHS Properties - recently recognised by Forbes as the youngest Arab billionaire and the youngest billionaire globally in real estate, with a net worth of $1.9 billion - is building one of the fastest-scaling development platforms in Dubai. Since launching in 2021, AHS Properties has expanded from ultra-luxury villa redevelopments into a multi-billion-dollar portfolio spanning waterfront residential, Grade-A commercial, and large-scale mixed-use developments across Duba
Xsolla and the Dubai Films and Games Commission Create a Strategic Partnership to Connect Dubai-Based Developers to Global Markets21.5.2026 05:16:00 CEST | Press release
Multi-Year Agreement Creates Opportunities to Build All The Things for Video Games in Dubai and MENA Xsolla, a leading global video game commerce company, and the Dubai Games Commissioner, in coordination with the Dubai Films and Games Commission, announced a multi-year strategic partnership to accelerate the development of the video game industry and expand commercial access for developers operating across the Middle East and North Africa. The announcement was made at GamesBeat Summit 2026 in Los Angeles, California. The partnership will unite Xsolla's global commerce infrastructure, including direct-to-consumer storefronts, intelligent payments across 1,000+ payment methods in 200+ geographies, and player engagement tools, with DFGC's mandate to establish Dubai as a world-class destination for video game development and publishing. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260520329315/en/ Xsolla and the DFGC partner
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom