Place of residence: As of September of 2023, in Massachusetts, USA. Originally from Albania.
Position: Currently working as a Cloud Security Researcher at Permiso, where, together with the rest of the P0 Team, we try to find new attacks on different Cloud Providers and ways to prevent/detect them. Previously worked as a Red and Blue Teamer for different companies.
Please describe a day in your life
I cannot specifically talk about a day in my life, as different days hold different challenges that need to be solved. If I had to simplify my day, it would consist of connecting to a lab and playing around with different services. But as I said, it’s more than that. I need to test old techniques and find new ways to achieve the same result. Moreover, I have to play around with security measures to find the best way to bypass them. I have to find what features a provider provides and use them for my benefit. Most of the best research our team has seen has been abusing features from Cloud Providers.
The rest of the day, at least the workday, is filled with reading books and articles, courses and training, and blog and tool writing. I like to share what I know with others, so I try to present at as many conferences as I can or write blogs and tools.
How many projects are you currently working on? Please describe them:
Several blogs and articles cannot be shared because they have not been finished yet. Other projects I have shared online are Nebula, my first official tool released. I have been maintaining it for more than three years now, and it is available as a free and open-source project. So far, it has 63 modules, not to mention other features it offers, with many more modules on the way.
I am working on releasing a couple more blogs and tools with new research done by me. One project I have been working on for a while is a book I am writing on attacking and defending DigitalOcean-based Infrastructures, concepts of which I have also added to Nebula.
In your opinion, who is the most influential person/company in the world of technology these days?
I cannot name one. There are many who provide knowledge, and in most cases, it is free. I have noticed that most of the time, people who are not known to the general public are the ones who influence a field the most. It might sound like the case of telling the joke louder than the next guy, but it happens. So, I would say the most influential people in cybersecurity, at least, are the ones that you have never heard about.
If you could choose one application/product/project that you would like to be involved in at the moment, what would it be?
I have been recently intrigued by AI and LLMs and the insecurities behind them. Although I have never been good at phishing, I would like to get involved in LLM Phishing, as I think this might be the next insecurity we need to look into.
What are the three most important lessons you have learned in your career?
– If it’s easy for you, it’s easy for an attacker. Always remember a feature to you is a feature to somebody else that gains your access. Always be wary of what you allow yourself and others on a system.
– A basic tool that took you one day to write can be a valuable asset to somebody, so always release it if you can.
– Mitochondria is the powerhouse of cells
How do you see technology, especially cybersecurity, evolving in the next ten years?
There was no point in technology when it could be seen as a non-evolving field. Even during the Dark Ages in Medieval Times, technology always found a way to evolve and help humanity.
The way I see the evolution of technology is in its impact on normal non-technical people and technical people. And I’m not talking only about IT Technical people. I mean every expert in every field.
As I said, technology has always made itself useful to people because it is an effect of our attempts to make something better than it was. People will gain from this. An expert with good tools is better, while a newbie with good tools can finish a job better.
Cybersecurity will get harsher. With new technologies being created, the Attack Surface is widening, and many people are needed to keep it in check. It’s hard to monitor a perimeter that is constantly increasing. :p. I see that many more people are needed in our field to help secure systems and infrastructures from attackers.
What is the most challenging thing you had to deal with during your career?
Imposter Syndrome. The idea of being worse than you actually are because you see somebody better than you. Until you realise that even that person feels like crap when they see somebody better, and it affects your mental health.
What is your greatest achievement up until today?
I would say that, even though presenting at many conferences this year was tiring, I have had the chance to visit beautiful places, meet smart people in the field, learn a lot from them, and give to the community. I hope to be able to do this in the years to come, too.
What is your next goal?
I want to finish the research I have started and start new ones. I have so many ideas that I want to put into practice, and with time, they will all be released for everybody to gain from.
What tips do you have for people wanting to start in the tech world?
Imposter Syndrome never goes away. And it makes sense, as you will always be worse than somebody else. But, if you are happy with your progress, take pride in what you have done. If you are unhappy, take some time off, clear your mind, and continue. Your mental health is more important than any goal you want to achieve.
If you could say something to your younger self, what would it be?
Buy Bitcoin.
Which famous person would you like to have dinner with and why?
It might seem silly, but Scanderbeg, or as his real name was, Gjergj Kastrioti, is a strategic hacker. I like his mindset, which is what a Red Teamer or Ethical Hacker needs to breach a vulnerability. I have always been fascinated with war strategies, and I don’t think I am the only one, as the whole cybersecurity field and jargon are based on military vocabulary.
Where would you like to travel next?
I have a soft spot for Europe, but I think I will mostly visit the USA. This year, I have been around New England, NYC, Washington DC, Arlington, VA, and Vegas. I want to visit LA, San Francisco, and Miami next, especially during the summer.
Do you have a person who influences or motivates you?
I cannot say I have one, but as I said before, in today’s age, where even academic research is put behind paywalls, I thank anybody who goes the extra mile to release free public research and tools.
What did you dream of creating/inventing/doing as a child?
As a kid, I watched an Animated TV Series called Cubix about a robot made out of several cube parts that could be rearranged, and I always wanted to build one. It took me a while to realise that that was the basis of Nanotech, and like me, many had tried and failed, which shattered my dream :p. But yeah, being able to build a machine that thinks for itself and can do things humans cannot is a dream many people have.
Last thing regarding which you told yourself, “how come no one has ever thought of it”?
Much research that others and I have done. There have been cases when I have thought, “How come I did not think about it myself?” Some features in Nebula are built with “how come no one has ever thought of it” techniques. Blogs I have released, too. And most of them are stuff we do all the time. Just one person decided to put more work into it.