Beating the OWASP Benchmark

Beating the OWASP Benchmark

Tl;dr; Today, we present the results of evaluating ShiftLeft’s static analysis pipeline on the OWASP benchmark, where we achieve a true positive rate of 100% at 25% false positives. With a resulting Youden Index of 75%, this makes our analysis the best in class, beating the commercial average by 45%, ... Read More
Beating the OWASP benchmark

Beating the OWASP benchmark

Tl;dr; Today, we present the results of evaluating ShiftLeft’s static analysis pipeline on the OWASP benchmark, where we achieve a true positive rate of 100% at 25% false positives. With a resulting Youden Index of 75%, this makes our analysis the best in class, beating the commercial average by 45%, ... Read More
Save Joern — Open Source at ShiftLeft

Save Joern — Open Source at ShiftLeft

TL;DR; We want the technology developed at ShiftLeft to benefit open security projects and the security research community as much as possible. Therefore, we are planning to open-source our semantic code property graph and its query language in the coming months, and integrate the open-source C/C++ code analyzer “Joern” (http://mlsec.org/joern/) ... Read More