ShiftLeft to Present at No Hat Conference 2021
ShiftLeft, Inc., an innovator in automated application security testing, today announced that its Chief Scientist, Fabian Yamaguchi, and Security Research Engineer, Claudiu-Vlad Ursache, will give a presentation focused on Ghidra2cpg at the No Hat Conference in Bergamo, Italy on November 20, 2021. The No Hat 2021 is a security conference organized to bring together specialists, professionals and hobbyists operating in the field of computer security and privacy.
Event Details:
Who: Fabian Yamaguchi, Chief Scientist and Claudiu-Vlad Ursache, Security Research Engineer, ShiftLeft
What: Virtual Session: Presentation on Ghidra2cpg: From graph queries to vulnerabilities in binary code
When: Saturday, November 20, 2021, 11:15am – 12:00pm CET
Where: Centro Congressi Giovanni XXIII - Bergamo, Italy
For more information, visit: https://www.nohat.it/program
Session Abstract - Ghidra2cpg: From graph queries to vulnerabilities in binary code
Uncovering bugs in source code is hard enough as it is, but when all you have is a binary, the importance of tooling becomes undeniable. Disassemblers such as IDA Pro, Ghidra, BinaryNinja or Radare2 provide a strong foundation for an investigation but are designed primarily to assist in what remains a manual investigation. This leaves room for partial automations that make the discovery process less painful.
Fabian and Claudiu were looking to design a search tool for binary code that allows them to uncover instances of programming patterns linked to vulnerabilities - at scale and for multiple major instruction sets. In this talk, they will present ghidra2cpg, an extension for the open-source code mining platform Joern that enables it to process binary code. Together, Joern and ghidra2cpg enable you to quickly uncover the attack surface, search for variants of known vulnerabilities, and gather information interactively using a query language.
In this session they will show how to write queries for the system that describe bugs in source code and introduce corresponding queries for binary code, highlighting what's harder and what is easier to describe when looking at the machine code directly. They will also be looking at modern consumer-grade router firmware and may drop a zero-day or two in the process.
About Fabian Yamaguchi
Fabian is Chief Scientist at ShiftLeft Inc and an Associate Professor Extraordinary at Stellenbosch University. He has over 15 years of experience in the security domain, where he has worked as a security consultant and researcher, focusing on manual and automated vulnerability discovery. Throughout his work, he has identified previously unknown vulnerabilities in popular system components and applications such as the Microsoft Windows kernel, the Linux kernel, the Squid proxy server, and the VLC media player. He has presented his findings and techniques at both major industry conferences such as BlackHat USA, DefCon, First, and CCC, and renowned academic security conferences such as ACSAC, Security and Privacy, and CCS. He holds a master’s degree in computer engineering from Technical University Berlin, as well as a PhD in computer science from the University of Goettingen.
About Claudiu-Vlad Ursache
Claudiu-Vlad Ursache is a Security Research Engineer at ShiftLeft, having recently entered cybersecurity after a decade of writing software. In his day-to-day job he builds static analysis tools and his current research focuses on IoT firmware.
About ShiftLeft
ShiftLeft enables software developers and application security teams to radically reduce the attackability of their applications by providing near-instantaneous security feedback on software code during every pull request. By analyzing application context and data flows in near real-time with industry leading accuracy, ShiftLeft empowers developers and appsec team to find and fix the most serious vulnerabilities faster. Using its patented graph analysis that combines code attributes and analyzes actual attack paths based on real application architecture, ShiftLeft’s platform scans for attack context and pathways typical of modern applications, across APIs, OSS, internal microservices and first-party business logic code, and then provides detailed guidance on risk remediation within existing development workflows and tooling. ShiftLeft CORE, a unified code security platform, combines the company’s flagship NextGen Static Analysis (NG SAST), Intelligent Software Composition Analysis (SCA), and contextual security training through ShiftLeft Educate to provide developers and application security teams the fastest, most accurate, most relevant, and easiest to use automated application security and code analysis platform.
Backed by Bain Capital Ventures, Mayfield, Thomvest Ventures, and SineWave Ventures, ShiftLeft is based in Santa Clara, CA. To learn how ShiftLeft keeps AppSec in sync with the rapid pace of DevOps, see https://www.shiftleft.io/.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20211117005403/en/
Contact information
PR:
Corinna Krueger
ShiftLeft
ckrueger@shiftleft.io
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Tecnotree Included as a Representative Provider in Gartner ® Innovation Insight: AI SOC Agents Accelerate CSP SecOps Transformation31.12.2025 12:59:00 EET | Press release
Tecnotree, a global digital platform and services provider for communications service providers (CSPs), today announced that it has been referenced as a Representative Provider alongside Google, Anthropic, Dropzone AI, DRUID, Palo Alto Networks, and Pegasystems in the Gartner® Innovation Insight: “AI SOC Agents Accelerate CSP SecOps Transformation,” published in December 2025. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251231210303/en/ Tecnotree Included as a Representative Provider in Gartner® Innovation Insight: AI SOC Agents Accelerate CSP SecOps Transformation The Gartner Innovation Insight examines the emerging role of AI-driven Security Operations Centre (SOC) agents in CSP environments, outlining how these agents are used to automate and augment security operations across signalling, core networks, RAN, Open RAN, and roaming domains. The research discusses use cases such as alert triage, investigation support, thr
UAE’s Medcare Treats First International SMA Patient With Revolutionary Intrathecal Gene Therapy30.12.2025 16:15:00 EET | Press release
Medcare Women & Children Hospital has successfully administered a pioneering intrathecal gene therapy for Spinal Muscular Atrophy (SMA) to Hulus, a three-year-old patient from Turkey. This milestone positions Medcare among the first private healthcare providers worldwide to offer this innovative treatment to an older international patient, overcoming previous age and weight limitations. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251230695275/en/ World's first international patient, who received intrathecal gene therapy at Medcare Royal Hospital in Dubai, UAE, along with parents, and the hospital team. (Photo: AETOSWire) SMA is a rare neuromuscular disorder that progressively weakens muscles responsible for movement and breathing. This newly licensed one-time therapy addresses the root genetic cause by delivering a functional SMN1 gene. For Hulus, whose daily routine earlier depended on intensive physiotherapy and hydroth
Amazfit Introduces Active Max: Bigger, Brighter, and Built for Maximum Performance30.12.2025 10:00:00 EET | Press release
Amazfit, a leading global smart wearable brand by Zepp Health (NYSE: ZEPP), today announces the Amazfit Active Max, the newest member of the Amazfit Active family. Built for everyday athletes and anyone looking to elevate their wellness routine, Active Max blends a 1.5″ ultra-bright AMOLED display, up to 25 days of battery life, easy podcast listening and advanced training tools to support consistent training and clearer visibility across any activity. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251230279762/en/ Bigger Display. Max Clarity: A 1.5″ ultra-bright AMOLED display delivers exceptional clarity in any setting—whether in the gym, outdoors, or on the move. With up to 3,000 nits of peak brightness, the screen ensures real-time stats are always easy to read. Active Max introduces a higher-precision training experience through BioCharge™ readiness insights, adaptive coaching, enhanced strength-training tracking, and c
2026 Future of Fitness Report: Experts from Coherent Solutions Turn Years of Fitness Industry Software Engineering Work Into a Guidebook on Future-proof Digital Transformation in Fitness29.12.2025 19:48:00 EET | Press release
Coherent Solutions has released its 2026 Future of Fitness report, capturing years of domain knowledge from helping emerging and global fitness brands drive digital transformation, innovate, and improve member engagement. “The Future of Fitness: Winning with Digital Value Creation” takes lessons from real projects and fitness enthusiasts, turning them into a guidebook for the next era of fitness. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251229965712/en/ New Fitness Tech Whitepaper by Coherent Solutions While the global fitness market is on track to surpass $257 billion, and brands are expanding globally, pioneering new regions, and implementing new technologies, the report highlights the most effective growth trajectory in acknowledging the importance of technology as equal to supporting the fitness community. "Most people only spend 3–5 hours a week in a gym. That leaves 160+ hours where their choices and habits are i
Hanshow and the University of Cambridge Launch Joint Research on Augmented Intelligent Hybrid Wireless Technology25.12.2025 13:34:00 EET | Press release
Hanshow, a global leader in electronic shelf labels (ESL) and digital store solutions, has entered into a multi-year research collaboration with the University of Cambridge, one of the world’s most prestigious academic institutions. The partnership will focus on joint research and innovation in next-generation intelligent hybrid wireless technologies, marking an important milestone in Hanshow’s continued investment in core technologies and long-term innovation. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251225988816/en/ This collaboration leverages the University of Cambridge’s deep expertise in fundamental wireless technology research, alongside Hanshow’s extensive industry experience, to further strengthen multi-protocol integration capabilities and expand scalable applications across diverse retail scenarios. Guided by shared principles of innovation, collaboration, openness, and knowledge sharing, the two parties aim
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom