ShiftLeft to Present at No Hat Conference 2021
17.11.2021 11:00:00 EET | Business Wire | Press release
ShiftLeft, Inc., an innovator in automated application security testing, today announced that its Chief Scientist, Fabian Yamaguchi, and Security Research Engineer, Claudiu-Vlad Ursache, will give a presentation focused on Ghidra2cpg at the No Hat Conference in Bergamo, Italy on November 20, 2021. The No Hat 2021 is a security conference organized to bring together specialists, professionals and hobbyists operating in the field of computer security and privacy.
Event Details:
Who: Fabian Yamaguchi, Chief Scientist and Claudiu-Vlad Ursache, Security Research Engineer, ShiftLeft
What: Virtual Session: Presentation on Ghidra2cpg: From graph queries to vulnerabilities in binary code
When: Saturday, November 20, 2021, 11:15am – 12:00pm CET
Where: Centro Congressi Giovanni XXIII - Bergamo, Italy
For more information, visit: https://www.nohat.it/program
Session Abstract - Ghidra2cpg: From graph queries to vulnerabilities in binary code
Uncovering bugs in source code is hard enough as it is, but when all you have is a binary, the importance of tooling becomes undeniable. Disassemblers such as IDA Pro, Ghidra, BinaryNinja or Radare2 provide a strong foundation for an investigation but are designed primarily to assist in what remains a manual investigation. This leaves room for partial automations that make the discovery process less painful.
Fabian and Claudiu were looking to design a search tool for binary code that allows them to uncover instances of programming patterns linked to vulnerabilities - at scale and for multiple major instruction sets. In this talk, they will present ghidra2cpg, an extension for the open-source code mining platform Joern that enables it to process binary code. Together, Joern and ghidra2cpg enable you to quickly uncover the attack surface, search for variants of known vulnerabilities, and gather information interactively using a query language.
In this session they will show how to write queries for the system that describe bugs in source code and introduce corresponding queries for binary code, highlighting what's harder and what is easier to describe when looking at the machine code directly. They will also be looking at modern consumer-grade router firmware and may drop a zero-day or two in the process.
About Fabian Yamaguchi
Fabian is Chief Scientist at ShiftLeft Inc and an Associate Professor Extraordinary at Stellenbosch University. He has over 15 years of experience in the security domain, where he has worked as a security consultant and researcher, focusing on manual and automated vulnerability discovery. Throughout his work, he has identified previously unknown vulnerabilities in popular system components and applications such as the Microsoft Windows kernel, the Linux kernel, the Squid proxy server, and the VLC media player. He has presented his findings and techniques at both major industry conferences such as BlackHat USA, DefCon, First, and CCC, and renowned academic security conferences such as ACSAC, Security and Privacy, and CCS. He holds a master’s degree in computer engineering from Technical University Berlin, as well as a PhD in computer science from the University of Goettingen.
About Claudiu-Vlad Ursache
Claudiu-Vlad Ursache is a Security Research Engineer at ShiftLeft, having recently entered cybersecurity after a decade of writing software. In his day-to-day job he builds static analysis tools and his current research focuses on IoT firmware.
About ShiftLeft
ShiftLeft enables software developers and application security teams to radically reduce the attackability of their applications by providing near-instantaneous security feedback on software code during every pull request. By analyzing application context and data flows in near real-time with industry leading accuracy, ShiftLeft empowers developers and appsec team to find and fix the most serious vulnerabilities faster. Using its patented graph analysis that combines code attributes and analyzes actual attack paths based on real application architecture, ShiftLeft’s platform scans for attack context and pathways typical of modern applications, across APIs, OSS, internal microservices and first-party business logic code, and then provides detailed guidance on risk remediation within existing development workflows and tooling. ShiftLeft CORE, a unified code security platform, combines the company’s flagship NextGen Static Analysis (NG SAST), Intelligent Software Composition Analysis (SCA), and contextual security training through ShiftLeft Educate to provide developers and application security teams the fastest, most accurate, most relevant, and easiest to use automated application security and code analysis platform.
Backed by Bain Capital Ventures, Mayfield, Thomvest Ventures, and SineWave Ventures, ShiftLeft is based in Santa Clara, CA. To learn how ShiftLeft keeps AppSec in sync with the rapid pace of DevOps, see https://www.shiftleft.io/.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20211117005403/en/
Contact information
PR:
Corinna Krueger
ShiftLeft
ckrueger@shiftleft.io
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
EVE Energy Strengthens European Operations Through Compliance, Local Manufacturing, and Regional Services2.7.2026 09:30:00 EEST | Press release
The Smarter E Europe 2026 opened in Munich on June 23 and runs through June 25, gathering global players from the clean energy sector on one of Europe’s most influential trade exhibition platforms. EVE Energy unveiled its Mr. Big Family series, a 6.9+ MWh energy storage system, all-scenario storage solutions, and high-performance EV batteries — showcasing its lithium-sodium dual-technology platform, full product portfolio, and localized European operational layout. During the exhibition, European clients showed strong interest in the company’s product performance and placed strong emphasis on sustained adherence to the EU’s evolving regulatory standards. This industry attitude further underscores that regulatory compliance readiness has become a fundamental prerequisite for accessing the European clean energy market. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260701651416/en/ The BMW iX3 displayed at the EVE Energy booth
Braun Launches the Next Generation of Electric Shaver With Braun NEVO Introducing a New Dawn of Smooth Touch2.7.2026 09:00:00 EEST | Press release
With over 100 years of exceptional German craftsmanship, Braun introduces Braun NEVO, an electric shaver redefining what a close shave and smooth skin mean. Every element has been reimagined: the sleek unibody stainless steel handle, the revolutionary AeroTouch™ Technology and advanced personalized display deliver a perfectly close shave without sacrificing comfort. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260701842080/en/ Braun NEVO Shaver Oliver Grabes, Braun Head of Design, said: “At Braun, we set out to reimagine the shaving experience which led to the development of AeroTouch™ Shaving Technology, a cutting system engineered for ultra-low friction on the skin and high efficiency. This makes Braun NEVO our best shaver* setting a new standard for smooth skin.” Introducing the revolutionary world’s first AeroTouch™ Technology, featuring 250 diamond-sharp cutting edges and an exclusive Ultra gliding foil for a smooth g
Brenus Pharma Strengthens Its Governance With Designation of a New President and Appointment of Former Novo Nordisk EVP as Independent Member2.7.2026 09:00:00 EEST | Press release
Brenus Pharma, today announced key appointments to its board of directors. The company welcomes Eric DESSERTENNE, as President & Chairman of the board, succeeding co-founder Jacques GARDETTE, who will remain an active board member. Eric brings extensive experience in healthcare innovation and value creation, having notably led BIOCORP through its development and acquisition by Novo Nordisk. Brenus also appoints Camilla SYLVEST, as a second independent director, following the earlier addition of Diala EZZEDDINE a seasoned US-based biotech executive and entrepreneur. Camilla SYLVEST is an experienced pharmaceutical executive and global business leader, having spent nearly three decades at Novo Nordisk A/S, where she most recently served as Executive Vice President for Global Commercial Strategy, Corporate Communication and Sustainability. She currently serves on the Boards of Argenx SE, Getinge AB, and Zealand Pharma A/S, and has previously served on the Board of Danish Crown A/S and as
Access Advance and Alibaba Announce Alibaba's Expanded Participation in the VDP Pool2.7.2026 03:00:00 EEST | Press release
Access Advance LLC and Alibaba Group today announced that Alibaba has joined the Access Advance Video Distribution Patent Pool (VDP Pool) as a Licensee, securing a license to the pool's comprehensive coverage of HEVC, VVC, VP9, and AV1 codec technologies. The announcement marks a milestone in a multi-year collaboration between the two companies that spans the VVC Advance Patent Pool, where Alibaba participates as both a Licensor and Licensee, and the VDP Pool, where Alibaba joined as a Licensor in 2025. Alibaba's subsidiary Youku, one of China's leading streaming platforms, also joined the VDP Pool as a Licensee in 2025. Alibaba operates one of the world's most diverse video ecosystems, spanning a wide range of video-based services across e-commerce, entertainment, and digital media. As video has become central to how consumers shop, communicate, and access entertainment, the breadth of Alibaba's video operations reflects the kind of business model complexity the VDP Pool was designed
Vertex Announces US FDA Approval for Expanded Use of CASGEVY ® for the Treatment of People Ages 2 Years and Older With Sickle Cell Disease or Transfusion-Dependent Beta Thalassemia2.7.2026 02:58:00 EEST | Press release
Vertex Pharmaceuticals Incorporated (Nasdaq: VRTX) announced today that the U.S. Food and Drug Administration (FDA) has approved expanded use of CASGEVY® (exagamglogene autotemcel) for the treatment of people ages 2 years and older with either sickle cell disease (SCD) with recurrent vaso-occlusive crises (VOCs) or transfusion-dependent beta thalassemia (TDT). CASGEVY is the first approved genetic therapy indicated for children as young as 2 years for both SCD and TDT. “Just as we redefined what is possible in cystic fibrosis, our ambition is to transform the future for people living with sickle cell disease and transfusion-dependent beta thalassemia. The remarkable consistency of results across age groups reinforces the potential of CASGEVY to deliver durable, transformative benefits to those who have historically had limited options,” said Reshma Kewalramani, M.D., Chief Executive Officer and President, Vertex. “We’re deeply grateful to the patients, families and investigators who pa
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom
