ShiftLeft to Present at No Hat Conference 2021
17.11.2021 11:00:00 EET | Business Wire | Press release
ShiftLeft, Inc., an innovator in automated application security testing, today announced that its Chief Scientist, Fabian Yamaguchi, and Security Research Engineer, Claudiu-Vlad Ursache, will give a presentation focused on Ghidra2cpg at the No Hat Conference in Bergamo, Italy on November 20, 2021. The No Hat 2021 is a security conference organized to bring together specialists, professionals and hobbyists operating in the field of computer security and privacy.
Event Details:
Who: Fabian Yamaguchi, Chief Scientist and Claudiu-Vlad Ursache, Security Research Engineer, ShiftLeft
What: Virtual Session: Presentation on Ghidra2cpg: From graph queries to vulnerabilities in binary code
When: Saturday, November 20, 2021, 11:15am – 12:00pm CET
Where: Centro Congressi Giovanni XXIII - Bergamo, Italy
For more information, visit: https://www.nohat.it/program
Session Abstract - Ghidra2cpg: From graph queries to vulnerabilities in binary code
Uncovering bugs in source code is hard enough as it is, but when all you have is a binary, the importance of tooling becomes undeniable. Disassemblers such as IDA Pro, Ghidra, BinaryNinja or Radare2 provide a strong foundation for an investigation but are designed primarily to assist in what remains a manual investigation. This leaves room for partial automations that make the discovery process less painful.
Fabian and Claudiu were looking to design a search tool for binary code that allows them to uncover instances of programming patterns linked to vulnerabilities - at scale and for multiple major instruction sets. In this talk, they will present ghidra2cpg, an extension for the open-source code mining platform Joern that enables it to process binary code. Together, Joern and ghidra2cpg enable you to quickly uncover the attack surface, search for variants of known vulnerabilities, and gather information interactively using a query language.
In this session they will show how to write queries for the system that describe bugs in source code and introduce corresponding queries for binary code, highlighting what's harder and what is easier to describe when looking at the machine code directly. They will also be looking at modern consumer-grade router firmware and may drop a zero-day or two in the process.
About Fabian Yamaguchi
Fabian is Chief Scientist at ShiftLeft Inc and an Associate Professor Extraordinary at Stellenbosch University. He has over 15 years of experience in the security domain, where he has worked as a security consultant and researcher, focusing on manual and automated vulnerability discovery. Throughout his work, he has identified previously unknown vulnerabilities in popular system components and applications such as the Microsoft Windows kernel, the Linux kernel, the Squid proxy server, and the VLC media player. He has presented his findings and techniques at both major industry conferences such as BlackHat USA, DefCon, First, and CCC, and renowned academic security conferences such as ACSAC, Security and Privacy, and CCS. He holds a master’s degree in computer engineering from Technical University Berlin, as well as a PhD in computer science from the University of Goettingen.
About Claudiu-Vlad Ursache
Claudiu-Vlad Ursache is a Security Research Engineer at ShiftLeft, having recently entered cybersecurity after a decade of writing software. In his day-to-day job he builds static analysis tools and his current research focuses on IoT firmware.
About ShiftLeft
ShiftLeft enables software developers and application security teams to radically reduce the attackability of their applications by providing near-instantaneous security feedback on software code during every pull request. By analyzing application context and data flows in near real-time with industry leading accuracy, ShiftLeft empowers developers and appsec team to find and fix the most serious vulnerabilities faster. Using its patented graph analysis that combines code attributes and analyzes actual attack paths based on real application architecture, ShiftLeft’s platform scans for attack context and pathways typical of modern applications, across APIs, OSS, internal microservices and first-party business logic code, and then provides detailed guidance on risk remediation within existing development workflows and tooling. ShiftLeft CORE, a unified code security platform, combines the company’s flagship NextGen Static Analysis (NG SAST), Intelligent Software Composition Analysis (SCA), and contextual security training through ShiftLeft Educate to provide developers and application security teams the fastest, most accurate, most relevant, and easiest to use automated application security and code analysis platform.
Backed by Bain Capital Ventures, Mayfield, Thomvest Ventures, and SineWave Ventures, ShiftLeft is based in Santa Clara, CA. To learn how ShiftLeft keeps AppSec in sync with the rapid pace of DevOps, see https://www.shiftleft.io/.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20211117005403/en/
Contact information
PR:
Corinna Krueger
ShiftLeft
ckrueger@shiftleft.io
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
InterSystems Honored with Four 2026 Best in KLAS Awards4.2.2026 19:00:00 EET | Press release
InterSystems, a creative data technology provider powering more than one billion health records globally, today announced it has received four Global 2026 Best in KLAS awards. The company earned a #1 ranking for Acute Care EHR in Asia, Oceania, and France, as well as for Shared Care Records in Europe. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260204241673/en/ InterSystems earns four Best in KLAS awards for 2026 Best in KLAS is KLAS Research’s annual recognition of top-performing healthcare technology and services solutions, based entirely on feedback from healthcare provider organizations. Awards are given within defined software and services market segments evaluated by KLAS Research using a standardized methodology that reflects customer experience and performance. In addition to U.S. market segments, KLAS also recognizes top-performing solutions through its Global (Non-U.S.) Best in KLAS Awards, which are based on fe
Onego Bio Strengthens Board with Appointment of Dr. Antti Vasara4.2.2026 17:00:00 EET | Press release
Onego Bio, the food ingredient company producing non-animal egg protein through precision fermentation, today announced that Dr. Antti Vasara has joined its board of directors. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260204881159/en/ Dr. Antti Vasara Dr. Vasara brings more than 25 years of global experience in science, technology, and commercial strategy. Most recently, he served as President and CEO of VTT Technical Research Centre of Finland, where he led one of Europe’s foremost deep tech research organizations. His distinguished career spans senior leadership roles in industry and innovation policy—including impactful work with Nokia and strategic contributions to European research and development initiatives. “Antti is one of the most respected leaders in science and innovation,” said Maija Itkonen, CEO of Onego Bio. “His deep understanding of technology commercialization and ecosystem level strategy will be inva
Andersen Consulting Expands Capabilities with Addition of SHMA4.2.2026 16:30:00 EET | Press release
Andersen Consulting enters into a Collaboration Agreement with SHMA, a leading actuarial and financial advisory firm headquartered in the UAE. SHMA is an actuarial consulting firm with nearly four decades of experience helping organizations navigate complexity, manage risk, and unlock opportunities through actuarial and insurance advisory, risk management, and valuation of End-of-Service Benefits (EOSB). Working with insurance companies, pension schemes, and other private and public organizations, SHMA helps clients build resilient organizations. “At SHMA, we keep quality, customized solutions, and genuine connection with people at the center of our mission,” said Shariq Sikander, director of SHMA. “Collaborating with Andersen Consulting provides us with the opportunity to extend our impact globally and expand our actuarial services beyond the MENA region, bringing innovative, client-focused solutions to organizations seeking practical and transformative approaches to their business ch
Energy Vault announces the Award of 100 MW / 870 MWh Long-Term Energy Service Agreement to its Development Partner in Australia4.2.2026 16:09:00 EET | Press release
Energy Vault Holdings, Inc. (NYSE: NRGV) (“Energy Vault”), a leader in sustainable, grid-scale energy storage solutions, and Bridge Energy Pty Ltd (“Bridge Energy”), an Australian developer bridging the gap between fossil fuels and renewable energy, today announced the Ebor Battery Energy Storage System (BESS) has been awarded a Long-Term Energy Service Agreement (LTESA) by AusEnergy Services. Located in Ebor, within the New England Region of New South Wales (NSW), the 100 MW / 870 MWh project will provide 8 hours of dispatchable capacity. The facility will play a critical role in advancing NSW’s renewable energy targets by providing essential grid firming capacity as aging coal generators retire. The system will charge during periods of excess renewable generation and discharge during peak demand, directly supporting the state’s transition to a decarbonized grid. Subject to obtaining the necessary contractual and regulatory approvals, Energy Vault plans to exercise its option to acqui
Boomi’s Market Momentum Accelerates as Enterprises Standardize on Its AI Activation Platform4.2.2026 16:00:00 EET | Press release
Boomi™, the leader in AI-driven automation, today announced that the company’s momentum in enterprise integration and agentic AI has reached a defining moment, driven by unmatched scale, independent analyst validation, proven customer outcomes, and ecosystem growth. With more than 30,000 customers worldwide — including over a quarter of the Fortune 500 — Boomi’s continued growth reflects the trust the world’s largest enterprises place in its platform.Today, customers rely on Boomi’s unique runtime architecture for mission-critical operations — including over 75,000 AI agents in production — executing billions of dollars in transactions with enterprise-grade reliability and resilience. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260204745523/en/ Boomi’s Market Momentum Accelerates as Enterprises Standardize on Its AI Activation Platform “Boomi is experiencing the strongest momentum in its history,” said Steve Lucas, Chairm
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom