Code auditors and vulnerability researchers practice their art largely using grep, because code analysis tools are too inflexible and dated.
ShiftLeft’s Ocular enables the detailed, complex mining of ShiftLeft’s Code Property Graph (CPG). The CPG includes syntax trees, control flow graphs, call graphs, data dependencies, and directory structures, to name a few, and an easy to use query language.
Ocular, and its predecessor, Joern, have been used by several organizations to find zero-day vulnerabilities in large complex code bases, such as the Linux kernel.
|Free Trial||Full Version|
|Data flow engine|
|Security Profile Queries|