Business Wire

ShiftLeft to Present at No Hat Conference 2021

17.11.2021 11:00:00 EET | Business Wire | Press release

Share

ShiftLeft, Inc., an innovator in automated application security testing, today announced that its Chief Scientist, Fabian Yamaguchi, and Security Research Engineer, Claudiu-Vlad Ursache, will give a presentation focused on Ghidra2cpg at the No Hat Conference in Bergamo, Italy on November 20, 2021. The No Hat 2021 is a security conference organized to bring together specialists, professionals and hobbyists operating in the field of computer security and privacy.

Event Details:

Who: Fabian Yamaguchi, Chief Scientist and Claudiu-Vlad Ursache, Security Research Engineer, ShiftLeft
What: Virtual Session: Presentation on Ghidra2cpg: From graph queries to vulnerabilities in binary code
When: Saturday, November 20, 2021, 11:15am – 12:00pm CET
Where: Centro Congressi Giovanni XXIII - Bergamo, Italy

For more information, visit: https://www.nohat.it/program

Session Abstract - Ghidra2cpg: From graph queries to vulnerabilities in binary code

Uncovering bugs in source code is hard enough as it is, but when all you have is a binary, the importance of tooling becomes undeniable. Disassemblers such as IDA Pro, Ghidra, BinaryNinja or Radare2 provide a strong foundation for an investigation but are designed primarily to assist in what remains a manual investigation. This leaves room for partial automations that make the discovery process less painful.

Fabian and Claudiu were looking to design a search tool for binary code that allows them to uncover instances of programming patterns linked to vulnerabilities - at scale and for multiple major instruction sets. In this talk, they will present ghidra2cpg, an extension for the open-source code mining platform Joern that enables it to process binary code. Together, Joern and ghidra2cpg enable you to quickly uncover the attack surface, search for variants of known vulnerabilities, and gather information interactively using a query language.

In this session they will show how to write queries for the system that describe bugs in source code and introduce corresponding queries for binary code, highlighting what's harder and what is easier to describe when looking at the machine code directly. They will also be looking at modern consumer-grade router firmware and may drop a zero-day or two in the process.

About Fabian Yamaguchi

Fabian is Chief Scientist at ShiftLeft Inc and an Associate Professor Extraordinary at Stellenbosch University. He has over 15 years of experience in the security domain, where he has worked as a security consultant and researcher, focusing on manual and automated vulnerability discovery. Throughout his work, he has identified previously unknown vulnerabilities in popular system components and applications such as the Microsoft Windows kernel, the Linux kernel, the Squid proxy server, and the VLC media player. He has presented his findings and techniques at both major industry conferences such as BlackHat USA, DefCon, First, and CCC, and renowned academic security conferences such as ACSAC, Security and Privacy, and CCS. He holds a master’s degree in computer engineering from Technical University Berlin, as well as a PhD in computer science from the University of Goettingen.

About Claudiu-Vlad Ursache

Claudiu-Vlad Ursache is a Security Research Engineer at ShiftLeft, having recently entered cybersecurity after a decade of writing software. In his day-to-day job he builds static analysis tools and his current research focuses on IoT firmware.

About ShiftLeft

ShiftLeft enables software developers and application security teams to radically reduce the attackability of their applications by providing near-instantaneous security feedback on software code during every pull request. By analyzing application context and data flows in near real-time with industry leading accuracy, ShiftLeft empowers developers and appsec team to find and fix the most serious vulnerabilities faster. Using its patented graph analysis that combines code attributes and analyzes actual attack paths based on real application architecture, ShiftLeft’s platform scans for attack context and pathways typical of modern applications, across APIs, OSS, internal microservices and first-party business logic code, and then provides detailed guidance on risk remediation within existing development workflows and tooling. ShiftLeft CORE, a unified code security platform, combines the company’s flagship NextGen Static Analysis (NG SAST), Intelligent Software Composition Analysis (SCA), and contextual security training through ShiftLeft Educate to provide developers and application security teams the fastest, most accurate, most relevant, and easiest to use automated application security and code analysis platform.

Backed by Bain Capital Ventures, Mayfield, Thomvest Ventures, and SineWave Ventures, ShiftLeft is based in Santa Clara, CA. To learn how ShiftLeft keeps AppSec in sync with the rapid pace of DevOps, see https://www.shiftleft.io/.

To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.

Contact information

PR:
Corinna Krueger
ShiftLeft
ckrueger@shiftleft.io

About Business Wire

For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Samos Energy Acquisition Corporation Announces Pricing of Initial Public Offering10.7.2026 16:32:00 EEST | Press release

Samos Energy Acquisition Corporation (the “Company”) announced today the pricing of its initial public offering (“IPO”) of 20,000,000 units at a price of $10.00 per unit. The units will be listed on the New York Stock Exchange (the “NYSE”) and trade under the ticker symbol “SAMO.U” beginning on July 10, 2026. Each unit consists of one Class A ordinary share and one-half of one redeemable warrant, with each whole warrant entitling the holder thereof to purchase one of the Company’s Class A ordinary shares at an exercise price of $11.50 per share. Once the securities comprising the units begin separate trading, the Class A ordinary shares and warrants are expected to be listed on the NYSE under the symbols “SAMO” and “SAMO.WS,” respectively. Cantor Fitzgerald & Co. is acting as the sole book running manager for the proposed offering. The Company has granted the underwriter a 45-day option to purchase up to an additional 3,000,000 units at the IPO price. The public offering is being made

Onera hPSG ® Wins Prestigious Red Dot Product Design Award10.7.2026 16:00:00 EEST | Press release

Onera Health, a leader in transforming sleep medicine, announces that its innovative product, Onera hPSG®, has been honoured with the prestigious Red Dot Product Design Award for 2026. This international recognition celebrates exceptional design quality and underscores Onera Health's commitment to excellence, creativity, and patient-centric innovation. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260710266668/en/ Onera Health's patch-based home polysomnography solution, Onera hPSG®, wins Prestigious Red Dot Product Design Award 2026. The Red Dot Award, one of the most sought-after seals of quality for good design, attracted thousands of entries from around the globe. Onera hPSG® stood out for outstanding functionality, striking aesthetics, and thoughtful user experience. The expert jury praised the product for translating complex sleep diagnostics into a wearable, easy-to-use system that enables low-threshold application.

teamLab Biovortex Kyoto Welcomes Over 1 Million Visitors within 9 Months of Opening10.7.2026 10:00:00 EEST | Press release

teamLab Biovortex Kyoto has welcomed over 1 million visitors as of July 6, 2026, 9 months after its grand opening. (*1) These visitors arrived from more than 150 countries and regions. International visitors account for approximately 42% of the total. Many of these international visitors travel from distant countries and regions, including the United States, Australia, Canada, the United Kingdom, and Germany. Approximately 30% of these international visitors purchase their tickets at least 30 days in advance. teamLab Biovortex Kyoto is teamLab's largest museum in Japan, with an average visitor stay of over two and a half hours. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260709913938/en/ teamLab Biovortex Kyoto Welcomes Over 1 Million Visitors within 9 Months of Opening *1 According to ticket purchase data from the official teamLab Biovortex Kyoto website (survey period: October 7, 2025 – July 6, 2026) Visitors Comment (M

Robbyant Launches LingBot-VA 2.0 Built Natively for Embodied AI and Physical World Control10.7.2026 09:48:00 EEST | Press release

Robbyant, an embodied AI company within Ant Group, today announced the release of LingBot-VA 2.0, the industry’s first embodied-native video-action world model. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260709654440/en/ A robot powered by LingBot-VA 2.0 engages in a real-time tabletop air hockey match with a human This release marks a key transition in robotics foundation models, shifting from repurposing digital world models to designing them natively for the physical world. Instead of relying on fine-tuned digital content generation models, LingBot-VA 2.0 is built from scratch to meet the original demands of dynamic modeling, causal prediction, and real-time execution in physical environments. Integrating world models with embodied AI has been one of the major focuses of the AI industry. However, most mainstream approaches rely on video generation models designed for digital content, which are then fine-tuned for robo

SureWerx Appoints Erik Pertot as VP/GM SureWerx EMEA10.7.2026 09:00:00 EEST | Press release

SureWerx, a leading global manufacturer of personal protective equipment, safety products, tools and equipment solutions, today announced the appointment of Erik Pertot as VP/GM SureWerx EMEA. Pertot will report directly to CEO Scott Dowell and will lead growth, manufacturing and M&A activities in Europe across the company’s global portfolio. Erik joins SureWerx with more than 20 years of international leadership experience across engineering, quality, marketing, sales, international supply chain, product management, and general management. He brings deep expertise in the personal protective equipment industry, with a track record of leading complex, compliance-critical programs, managing business transitions, and driving growth across multinational environments. Most recently, Pertot served as Global General Manager for Footwear and Fall Protection at Protective Industrial Products (PIP), where he also held senior portfolio management leadership roles. Prior to that, he held a series

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom
World GlobeA line styled icon from Orion Icon Library.HiddenA line styled icon from Orion Icon Library.Eye