CA-SHIFTLEFT
17.11.2021 09:02:09 CET | Business Wire | Press release
ShiftLeft, Inc ., an innovator in automated application security testing, today announced that its Chief Scientist, Fabian Yamaguchi, and Security Research Engineer, Claudiu-Vlad Ursache, will give a presentation focused on Ghidra2cpg at the No Hat Conference in Bergamo, Italy on November 20, 2021. The No Hat 2021 is a security conference organized to bring together specialists, professionals and hobbyists operating in the field of computer security and privacy.
Event Details:
Who:
Fabian Yamaguchi, Chief Scientist and Claudiu-Vlad Ursache, Security Research Engineer, ShiftLeft
What:
Virtual Session: Presentation on Ghidra2cpg: From graph queries to vulnerabilities in binary code
When:
Saturday, November 20, 2021, 11:15am – 12:00pm CET
Where:
Centro Congressi Giovanni XXIII - Bergamo, Italy
For more information, visit : https://www.nohat.it/program
Session Abstract - Ghidra2cpg: From graph queries to vulnerabilities in binary code
Uncovering bugs in source code is hard enough as it is, but when all you have is a binary, the importance of tooling becomes undeniable. Disassemblers such as IDA Pro, Ghidra, BinaryNinja or Radare2 provide a strong foundation for an investigation but are designed primarily to assist in what remains a manual investigation. This leaves room for partial automations that make the discovery process less painful.
Fabian and Claudiu were looking to design a search tool for binary code that allows them to uncover instances of programming patterns linked to vulnerabilities - at scale and for multiple major instruction sets. In this talk, they will present ghidra2cpg, an extension for the open-source code mining platform Joern that enables it to process binary code. Together, Joern and ghidra2cpg enable you to quickly uncover the attack surface, search for variants of known vulnerabilities, and gather information interactively using a query language.
In this session they will show how to write queries for the system that describe bugs in source code and introduce corresponding queries for binary code, highlighting what's harder and what is easier to describe when looking at the machine code directly. They will also be looking at modern consumer-grade router firmware and may drop a zero-day or two in the process.
About Fabian Yamaguchi
Fabian is Chief Scientist at ShiftLeft Inc and an Associate Professor Extraordinary at Stellenbosch University. He has over 15 years of experience in the security domain, where he has worked as a security consultant and researcher, focusing on manual and automated vulnerability discovery. Throughout his work, he has identified previously unknown vulnerabilities in popular system components and applications such as the Microsoft Windows kernel, the Linux kernel, the Squid proxy server, and the VLC media player. He has presented his findings and techniques at both major industry conferences such as BlackHat USA, DefCon, First, and CCC, and renowned academic security conferences such as ACSAC, Security and Privacy, and CCS. He holds a master’s degree in computer engineering from Technical University Berlin, as well as a PhD in computer science from the University of Goettingen.
About Claudiu-Vlad Ursache
Claudiu-Vlad Ursache is a Security Research Engineer at ShiftLeft, having recently entered cybersecurity after a decade of writing software. In his day-to-day job he builds static analysis tools and his current research focuses on IoT firmware.
About ShiftLeft
ShiftLeft enables software developers and application security teams to radically reduce the attackability of their applications by providing near-instantaneous security feedback on software code during every pull request. By analyzing application context and data flows in near real-time with industry leading accuracy, ShiftLeft empowers developers and appsec team to find and fix the most serious vulnerabilities faster. Using its patented graph analysis that combines code attributes and analyzes actual attack paths based on real application architecture, ShiftLeft’s platform scans for attack context and pathways typical of modern applications, across APIs, OSS, internal microservices and first-party business logic code, and then provides detailed guidance on risk remediation within existing development workflows and tooling. ShiftLeft CORE, a unified code security platform, combines the company’s flagship NextGen Static Analysis (NG SAST), Intelligent Software Composition Analysis (SCA), and contextual security training through ShiftLeft Educate to provide developers and application security teams the fastest, most accurate, most relevant, and easiest to use automated application security and code analysis platform.
Backed by Bain Capital Ventures, Mayfield, Thomvest Ventures, and SineWave Ventures, ShiftLeft is based in Santa Clara, CA. To learn how ShiftLeft keeps AppSec in sync with the rapid pace of DevOps, see https://www.shiftleft.io/ .
View source version on businesswire.com: https://www.businesswire.com/news/home/20211117005403/en/
Link:
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
LMR Unveils Tonka Bean CO₂ Absolute: Gourmand Excellence from Planet-Friendly Extraction24.2.2026 14:15:00 CET | Press release
True-to-nature gourmand richness achieved with renewable CO2 technology. IFF (NYSE: IFF) — LMR Naturals by IFF—a global leader in natural ingredients for perfumery, cosmetics and flavors—has introduced Tonka Bean CO₂ Absolute to its Conscious Collection, a line of 12 highly sustainable and traceable natural ingredients for perfumes and flavors. Tonka Bean CO₂ Absolute is a natural extract with a gourmand olfactive signature. This new addition to the perfumer’s palette is produced with renewable and recycled supercritical CO2 at IFF’s extraction site in Aubrac, France. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260224233830/en/ Tonka Bean CO₂ Absolute extracted by LMR. “Our CO₂ extraction unit in Aubrac has enabled LMR to develop a collection of extracts that seamlessly blends sustainability with high hedonic profiles for perfumers," said Bertrand de Préville, general manager of LMR Naturals by IFF. "With the launch of To
NorthX Biologics and Demeetra Announce Strategic Collaboration to Deliver a Faster, Lower-Risk Path from Gene to GMP24.2.2026 14:00:00 CET | Press release
NorthX Biologics and Demeetra today announced a strategic collaboration combining a best-in-class high-titer GS (-/-) CHO cell line with full freedom to operate and no additional IP-related costs, together with advanced cell line development technologies and high-quality process development, MCB banking, and GMP manufacturing services. The collaboration is designed to help biotech companies reach IND-enabling and clinical milestones faster, with fewer technical setbacks and without the need to rebuild cell lines or re-qualify processes when transitioning to a manufacturing partner. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260224427714/en/ Supporting stable, high-titer cell line development and seamless GMP advancement. The partnership combines Demeetra’s CleanCut™ CHO platforms and stable CLD services with NorthX Biologics’ proven GMP production capabilities, process scale-up expertise including fill and finish, and re
AdvanCell Showcases Novel TheraPb Phase 2 Study Design of ADVC001 for the Treatment of Metastatic Prostate Cancer at ASCO GU Symposium 202624.2.2026 14:00:00 CET | Press release
-- The trial uses a response-driven dosing strategy and extended treatment across three prostate cancer populations, supported by the favorable clinical, pharmacokinetic and dosimetry results from Phase 1b -- AdvanCell, a clinical-stage radiopharmaceutical company developing innovative targeted alpha therapies for cancer, today announced the novel Phase 2 design of the ongoing TheraPb clinical trial of ADVC001 in metastatic prostate cancer. ADVC001 is an investigational Lead-212-based prostate-specific membrane antigen (PSMA)-targeted alpha therapy. The study design will be showcased in a ‘Trials in Progress’ poster this week at the American Society of Clinical Oncology Genitourinary Cancers Symposium (ASCO GU 2026) in San Francisco, CA. The TheraPb Phase 2 is an open-label, randomized expansion study incorporating dose optimization strategies in three groups of patients with metastatic hormone-sensitive (mHSPC) and castration-resistant prostate cancer (mCRPC). The study’s innovative d
Axelera AI Secures More Than $250 Million Funding on Global Commercial Growth24.2.2026 14:00:00 CET | Press release
European AI semiconductor leader earns backing from funds managed by Innovation Industries and SiteGround Capital along with EU institutions; edge-first architecture addresses AI's critical energy and cooling constraints Axelera AI, the European leader in AI acceleration hardware, announced its latest funding round led by Innovation Industries, with participation from prominent funds and accounts including BlackRock and SiteGround Capital as new investors, as well as existing investors Bitfury, CDP Venture Capital, European Innovation Council Fund, Federal Holding and Investment Company of Belgium (SFPIM), Invest-NL, Samsung Catalyst Fund, and Verve Investments. Axelera AI has attracted over $450 million in equity, grants and venture debt since incorporating in July 2021. The largest investment ever in an EU AI semiconductor company comes as Axelera ships to its 500th global customer across physical AI and edge AI in industries including defense and public safety, industrial manufactur
ExaGrid Wins New Industry Award24.2.2026 14:00:00 CET | Press release
Tiered Backup Storage recognized in inaugural StorageNewsletter Awards ExaGrid®, the leader in Tiered Backup Storage, today announced that it has been honored with an award in the Secondary Storage category from the first annual StorageNewsletter Awards. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260224387048/en/ ExaGrid Tiered Backup Storage wins the award for Secondary Storage for the first annual StorageNewsletter Awards. The winners of the StorageNewsletter Awards were chosen by a seven-member jury who selected the vendors for each category. “A long-standing innovator, ExaGrid has played a key role in shaping a new era of secondary storage with its scale-out architecture. Originally built around HDDs, the platform now supports SSDs and continues to gain market share at a rapid pace, driven by a strong channel ecosystem and broad validation from numerous backup software vendors. Through continuous feature enhancements
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom