My seed is a desire for technological inquiry.

Ryo Shota

Career entry IT Engineer (Cybersecurity) Network Company
Security Research Center

Ling, a member of the Security Research Center, is driven by his passion for technological inquiry, gathering the latest technological information from around the world and giving it back to society. He supports the industry, including nurturing the next generation, so that the world of security becomes something to aspire to.

Q1: What is your current job and what is rewarding about it?

Viewing systems with a hacker's mindset

I initially joined the company as an engineer specializing in encryption products, and from there I expanded my scope to include technical support and consulting in the cybersecurity field.

In 2019, I was seconded to a company based in Singapore, where I was involved in launching a new security service. After returning to Japan, I was responsible for developing the infrastructure for security services while also working on research into attack methods against AI and LLM ^*.

Currently, we are developing and releasing applications that intentionally have vulnerabilities, and operating a demo environment to concretely verify "what kind of risks arise from what kind of development methods." One of our goals is to reproduce real-world threats, such as cases where information leaks occur when AI agents handle emails and files.

When I'm working, I make it a point to look at things from an attacker's perspective. By reviewing a system with a hacker's mindset—considering "how would an attacker act?" and "where could I exploit to break through?"—I sometimes discover unexpected weaknesses.

Furthermore, it is essential to continuously gather information on vulnerabilities and new technologies from around the world. We are also working on creating systems for continuous learning, such as developing our own tools to automatically summarize news.

My motivation is pure technical curiosity. I want to know "how does it work?" and "if this mechanism exists, wouldn't it be possible to attack it this way?" I formulate hypotheses and then test them. Macnica provides an environment where I can repeatedly do this and satisfy my curiosity, and being able to give back to society is what makes my work rewarding.

*LLM: Large Language Model. An AI technology that learns from vast amounts of text data and can understand and generate natural-sounding sentences like a human.

Q2: Why did you choose Macnica?

A comfortable environment with a high degree of autonomy.

At the time, Macnica was looking for people who could speak English, so I joined Macnica as a temporary employee in 2004 and became a full-time employee in 2005.

When I started working at Macnica as a temporary employee, I realized that it was a company with a much higher degree of freedom than I had experienced in my previous workplaces. Although my days were very busy, I felt very comfortable in an environment where I could proceed with my work at my own discretion, as my opinions were sought regardless of my position, and there was plenty of room to try new things.

Although I was initially assigned to Macnica as a temporary employee, Macnica employees highly valued me, and I felt that it was an environment where I could maximize my abilities. Therefore, after discussing it with my staffing agency, I decided to take on the selection process and was accepted into the company.
During my year working as a temporary employee, I strongly felt that "I could grow more here" and "I could take on more challenges," so I think changing jobs was a natural progression.

Daily Schedule

9:00

Check email and news

I'll review vulnerability information and security news from both domestic and international sources, and organize today's tasks.
10:00

Research team regular meeting

Sharing the latest vulnerability investigation progress
11:00

the study

Perform new vulnerability testing and Proof of Concept (PoC⁾ in a virtual environment.
Analyze the behavior of the Proof of Concept (PoC) (attack code) and confirm its reproducibility.

*Proof of Concept: A process of prototyping and demonstrating, on a small scale, whether a new technology, theory, or idea is feasible and effective, in the early stages before full-scale development.
12:00

Lunch

While having lunch, I exchanged information with my colleagues about topics related to the security industry and overseas conferences.

13:00

System development

Implement new features into existing systems according to the roadmap.
15:00

AI attack research and tool development

I developed my own LLM attack tool.
Refine the code.
18:00

Community activities

Participation in external communities such as study groups.
19:00

End of Business

Q3: An episode that made you grow

We generate results through both "technology" and "communication."

During a training session at Black Hat, one of the world's largest security conferences, I had the opportunity to learn about penetration testing ^* and intrusion techniques.

After returning to Japan, I shared the content of my training with my colleagues and conveyed my strong interest in the knowledge I gained and the "principles of hacking." This caught the attention of the then-head of technology, and I was selected to become a member of the newly established Security Research Center.

Since the research center started from scratch, we first focused on building a foundation for disseminating information. Through steadily building things up, such as launching a blog, giving presentations at exhibitions, and developing demo tools, we gradually began to let the public know about Macnica 's technological capabilities.

A major turning point came around the time of a large-scale incident at a certain organization. Our continued reporting on targeted attacks and malware analysis attracted attention, and we saw a sudden increase in interview requests and inquiries.

Furthermore, the demo malware "Shinobot" that I created during that period was highly praised at an overseas event, and I became the first Japanese person to have my tools selected for display at "Black Hat." This increased my visibility both domestically and internationally, which also contributed to the increase in inquiries.

Both the Security Research Center and I personally felt a great sense of growth.

*Penetration testing: A testing method in which white-hat hackers simulate actual cyberattacks and attempt to infiltrate systems and networks to evaluate the effectiveness of security.

MY VISIONFuture goals and aspirations

Currently, in addition to technological research and development, we are focusing on initiatives that enable young people to enter the world of security with the right knowledge and ethical values. As part of this effort, we conduct lectures and manage a training program called "Security Camp" for those under 22 years old. We believe it is important to create an environment where young people can be exposed to the "ideal hacker" from an early age.

Another area I'm focusing on is talent development for working professionals. I want to pass on the experience I've cultivated in both technology and communication to the next generation and create an environment where they can aspire to work in the world of security.
My greatest mission is to create a foundation that allows future engineers to grow healthily and continue to take on challenges.

Message

The world of technology, not just cybersecurity, is changing at a dizzying pace. You can't keep up with the changes by simply waiting for instructions from above. It's important to go to the scene, see the situation with your own eyes, and think about what needs to be done while feeling the atmosphere there.

Macnica offers an environment where you can think for yourself and take on challenges, and you can be involved in a wide range of activities from research and development to global expansion. Also, regardless of your role or seniority, if you raise your hand for something you want to do, you'll have the opportunity to be entrusted with it, and there are many colleagues who will support your challenges.

If you're someone who embraces change positively and wants to expand your own potential, we'd love for you to join our team.