Business Wire

ShiftLeft to Present at No Hat Conference 2021

17.11.2021 11:00:00 EET | Business Wire | Press release

Share

ShiftLeft, Inc., an innovator in automated application security testing, today announced that its Chief Scientist, Fabian Yamaguchi, and Security Research Engineer, Claudiu-Vlad Ursache, will give a presentation focused on Ghidra2cpg at the No Hat Conference in Bergamo, Italy on November 20, 2021. The No Hat 2021 is a security conference organized to bring together specialists, professionals and hobbyists operating in the field of computer security and privacy.

Event Details:

Who: Fabian Yamaguchi, Chief Scientist and Claudiu-Vlad Ursache, Security Research Engineer, ShiftLeft
What: Virtual Session: Presentation on Ghidra2cpg: From graph queries to vulnerabilities in binary code
When: Saturday, November 20, 2021, 11:15am – 12:00pm CET
Where: Centro Congressi Giovanni XXIII - Bergamo, Italy

For more information, visit: https://www.nohat.it/program

Session Abstract - Ghidra2cpg: From graph queries to vulnerabilities in binary code

Uncovering bugs in source code is hard enough as it is, but when all you have is a binary, the importance of tooling becomes undeniable. Disassemblers such as IDA Pro, Ghidra, BinaryNinja or Radare2 provide a strong foundation for an investigation but are designed primarily to assist in what remains a manual investigation. This leaves room for partial automations that make the discovery process less painful.

Fabian and Claudiu were looking to design a search tool for binary code that allows them to uncover instances of programming patterns linked to vulnerabilities - at scale and for multiple major instruction sets. In this talk, they will present ghidra2cpg, an extension for the open-source code mining platform Joern that enables it to process binary code. Together, Joern and ghidra2cpg enable you to quickly uncover the attack surface, search for variants of known vulnerabilities, and gather information interactively using a query language.

In this session they will show how to write queries for the system that describe bugs in source code and introduce corresponding queries for binary code, highlighting what's harder and what is easier to describe when looking at the machine code directly. They will also be looking at modern consumer-grade router firmware and may drop a zero-day or two in the process.

About Fabian Yamaguchi

Fabian is Chief Scientist at ShiftLeft Inc and an Associate Professor Extraordinary at Stellenbosch University. He has over 15 years of experience in the security domain, where he has worked as a security consultant and researcher, focusing on manual and automated vulnerability discovery. Throughout his work, he has identified previously unknown vulnerabilities in popular system components and applications such as the Microsoft Windows kernel, the Linux kernel, the Squid proxy server, and the VLC media player. He has presented his findings and techniques at both major industry conferences such as BlackHat USA, DefCon, First, and CCC, and renowned academic security conferences such as ACSAC, Security and Privacy, and CCS. He holds a master’s degree in computer engineering from Technical University Berlin, as well as a PhD in computer science from the University of Goettingen.

About Claudiu-Vlad Ursache

Claudiu-Vlad Ursache is a Security Research Engineer at ShiftLeft, having recently entered cybersecurity after a decade of writing software. In his day-to-day job he builds static analysis tools and his current research focuses on IoT firmware.

About ShiftLeft

ShiftLeft enables software developers and application security teams to radically reduce the attackability of their applications by providing near-instantaneous security feedback on software code during every pull request. By analyzing application context and data flows in near real-time with industry leading accuracy, ShiftLeft empowers developers and appsec team to find and fix the most serious vulnerabilities faster. Using its patented graph analysis that combines code attributes and analyzes actual attack paths based on real application architecture, ShiftLeft’s platform scans for attack context and pathways typical of modern applications, across APIs, OSS, internal microservices and first-party business logic code, and then provides detailed guidance on risk remediation within existing development workflows and tooling. ShiftLeft CORE, a unified code security platform, combines the company’s flagship NextGen Static Analysis (NG SAST), Intelligent Software Composition Analysis (SCA), and contextual security training through ShiftLeft Educate to provide developers and application security teams the fastest, most accurate, most relevant, and easiest to use automated application security and code analysis platform.

Backed by Bain Capital Ventures, Mayfield, Thomvest Ventures, and SineWave Ventures, ShiftLeft is based in Santa Clara, CA. To learn how ShiftLeft keeps AppSec in sync with the rapid pace of DevOps, see https://www.shiftleft.io/.

To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.

Contact information

PR:
Corinna Krueger
ShiftLeft
ckrueger@shiftleft.io

About Business Wire

For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Viz.ai Expands into Neurodegenerative Disease with Cortechs.ai Collaboration9.7.2026 16:00:00 EEST | Press release

Viz.ai, the leader in AI-powered disease detection and intelligent care coordination, today announced a collaboration with Cortechs.ai, a global leader in neuroimaging and quantitative analysis solutions, to integrate Cortechs.ai's NeuroQuant and NeuroQuant MS suite into the Viz.ai platform, expanding access to quantitative neuroimaging for hospitals and health systems across the U.S. This partnership marks Viz.ai's expansion into neurodegenerative disease, growing Viz Neuro Suite beyond its already market-leading neuro offerings. The collaboration will begin with a focus on multiple sclerosis (MS), integrating quantitative MRI analysis from NeuroQuant MS directly into Viz.ai's care coordination workflow, giving clinicians both the quantitative precision and the coordination infrastructure needed to identify and manage MS patients at scale. “Viz.ai's core mission has always been to increase access to life-saving treatments. It’s about getting the right information to the right care tea

Orca Security Report: 99.9% of Fixable AI Vulnerabilities Remain Unpatched as AI Moves Into Production9.7.2026 16:00:00 EEST | Press release

Orca Security, a leader in cloud and AI security, today released its 2026 State of AI Security Report, offering a first-hand view into how AI is being deployed across more than 1,200 production cloud environments. The findings show AI is no longer limited to isolated pilots or developer experiments. Organizations are embedding AI into production applications, cloud services, and autonomous workflows faster than security programs can adapt. More than half (56%) of organizations have already deployed AI agents into production, while 51% use AI to build custom applications. At the same time, Orca found that 81% of organizations run vulnerable AI packages, and 99.9% of fixable AI vulnerabilities remain unpatched, highlighting how quickly AI has become operational infrastructure without corresponding security maturity. The report also reveals that AI environments are rapidly becoming more interconnected and business critical. Among organizations adopting AI, 64% now run vector databases, 55

Echodyne Opens New Manufacturing Facility to Meet Surging Global Demand for Advanced MESA® Radar9.7.2026 16:00:00 EEST | Press release

As governments around the world accelerate investment in counter-unmanned aircraft systems (C-UAS) and short-range air defense, Echodyne today announced the opening of a new advanced radar manufacturing facility in Washington State, significantly expanding its manufacturing capacity to meet rapidly growing demand from U.S. and allied customers. With millions of drones manufactured and used by both sides in the Russian War in Ukraine, the need for enhanced safety for defense, national security, and critical infrastructure assets grows with every successful strike and interception. The low cost and high utility of drones dramatically alters the need for safety and security sensors. And as the low altitude economy takes off, hundreds of thousands of drones will perform a range of life-saving and commercial missions, requiring a sensor infrastructure to monitor airspace activity. The new 86,350-square-foot facility is a major step in readying supply for multiple, large, global markets. The

SCP Standard Capital Partners AG: Fabian Becker Appointed Chairman of the Management Board and CEO9.7.2026 15:51:00 EEST | Press release

The Supervisory Board of SCP Standard Capital Partners AG (WKN: A12UPJ | ISIN: DE000A12UPJ7 | XETRA ticker: CAP) resolved today to appoint Mr. Fabian Becker as Chairman of the Management Board and Chief Executive Officer (CEO), effective as of 9 July 2026. Ms. Stephanie Schettler-Köhler will remain a member of the Management Board and will assume the role of Chief Operating Officer (COO). View source version on businesswire.com: https://www.businesswire.com/news/home/20260709982268/en/

Teva and Polpharma Biologics Announce Global Licensing Agreement for a Biosimilar Candidate to Ocrevus ® (ocrelizumab) for Multiple Sclerosis9.7.2026 15:45:00 EEST | Press release

Teva Pharmaceuticals International GmbH, a subsidiary of Teva Pharmaceutical Industries Ltd (NYSE: and TASE: TEVA) and Polpharma Biologics International AG today announced a global licensing agreement granting Teva exclusive rights to commercialize both formulations of Polpharma Biologics’ proposed biosimilar to Ocrevus®1 (ocrelizumab), upon regulatory approval. This strategic agreement is expected to combine Polpharma Biologics’ proven biosimilar development expertise with Teva’s commercial footprint and capabilities. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260709701277/en/ “This agreement reflects our focus on pushing high-quality biologics to the finish line efficiently and at scale,” said Anjan Selz, Chief Executive Officer of Polpharma Biologics International AG. “Teva brings reach, discipline and real commercial strength to our strategic collaboration. Combining its global footprint with our technical and develo

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom
World GlobeA line styled icon from Orion Icon Library.HiddenA line styled icon from Orion Icon Library.Eye