Suchakra Sharma is Staff Scientist at ShiftLeft Inc. where he builds code analysis tools and hunts security bugs. He completed his Ph.D. in Computer Engineering from Polytechnique Montréal where he worked on eBPF technology and hardware-assisted tracing techniques for OS analysis. As part of his research, he also developed one of the first hardware-trace based virtual machine analysis techniques. He has delivered talks and trainings at venues such as RSA, USENIX LISA, SCALE, Papers We Love, Tracing Summit, etc. When not playing with computers, he hikes and writes poems.
Staff Scientist, ShiftLeft Inc.
Bug hunting needs to scale in speed and accuracy as agile software development methods take over the world. While existing tools for static analysis code scanning are effective, the ability to customize security scanning to the context of applications is becoming increasingly important given the vast quantity and diversity in modern code. In this lab, we will demonstrate how we can use the open-source framework Joern (https://joern.io) to create a custom static code analyzer.