IS CODING A REQUIREMENT FOR CYBER SECURITY
Were you ever under the impression that a cyber security practitioner must know how to code? It is a common misconception. Nevertheless, the notion is not entirely false as the fact of the matter is that certain cyber security job roles require coding or scripting while others do not. Giving a clearcut definition of which roles can cope without coding skills is not possible due to the varying requirements that each employer places on their employees. However, these lists should provide an idea of what to expect:
CODING NOT REQUIRED
Cyber Security Analyst
Incident Responder
Digital Forensics Examiner
IAM Consultant
GRC Manager
Cyber Security Lawyer
Cyber Security Business Manager
CODING REQUIRED
Cyber Security Engineer
Cyber Security Architect
Senior Penetration Tester
Exploit Developer
Network Security Engineer
Cloud Security Architect
Cryptographer
One very common role has been excluded from these lists due to its highly versatile nature. This role is that of a Cyber Security Consultant. Depending on the specific requirements of the employer, a Cyber Security Consultant may be required to have basic to advanced coding or scripting skills, or in some cases there may be no such requirements. As a general rule of thumb it could be stated that roles focusing on Development and Offensive Security / Red Teaming require coding skills whereas Security Operations, Management and Legal usually do not.
Why Coding Skills are not that important?
Even in situations where coding skills are beneficial, they often are not the primary skills for a particular role. As an example, an Incident Responder may need to understand how to read code in order to analyze a malware specimen. By understanding basic programming principles such as functions, loops, conditional statements and iterators, the Incident Responder will be able to get a better understanding of what kind of capabilities the malware has. In like manner, a Penetration Tester may need to know how to code in order to create custom tools for testing, but they also need to have knowledge of existing tools as well as different operating systems and applications.
To be clear though, coding and scripting skills are highly useful in nearly every area of cyber security. You are no longer constrained to what others have already made, but rather you have the power to create tools and automations that are tailormade to your specific need. Furthermore, being able to read and understand different coding languages can help you identify potential vulnerabilities in software and systems. To create the appropriate tool you will need to know which languages are most suitable for getting the job done.
What languages to learn?
Bash is a Unix shell or command line interface for interacting with an operating system. Its prime use is automating repetetive tasks on Unix and Linux operating systems. Additionally, it is a very handy language for writing various types of scripts. As a Cyber Security professional, Linux will likely be in your arsenal so it is to your advantage to learn at least the basics of Bash. Moreover, it is also the default shell for MacOS systems.
In many ways PowerShell is to Windows what Bash is to Unix. However, PowerShell is cross-platform and can be used on non-Windows operating systems. It is a scripting language and shell that is built on top of the .NET framework. It is mainly used for managing and automating tasks. PowerShell is also a powerful tool for incident response and threat hunting.
Python is a versatile general purpose scripting language that is used for a wide range of tasks in cyber security. Typical use cases include automating tasks, such as network scanning and penetration testing, as well as building custom tools and scripts. It also has a plethora of useful libraries and frameworks, some of which are specifically designed for cyber security purposes.
JavaScript is a popular scripting language that is widely used for web development, and therefore, is an important language for web application penetration testers. It can also be used for building custom tools and scripts. Vulnerabilities such as Cross-Site Scripting (XSS) are exploited using JavaScript.
C++ is a high-performance low level programming language that enables developers to build custom tools. It can also be used for exploit development due to its capability to interact with memory structures and other low level processes.
Go (Golang) is a modern programming language that has similarities to C and C++, and thus is often used for building high performance applications and tools. What makes it stand out is its strong focus on concurrency, making it suitable for building tools that can handle multiple tasks simultaneously.
Structured Query Language (SQL) is a programming language that is used to manage and interact with relational databases. It is usually refered to as a query language, as its name implies, and it is used for inserting, updating, retrieving, and deleting data stored within a database. In the context of cyber security, SQL is important because it is widely used to store and manage sensitive data such as financial information, personal information, and confidential business information, and therefore, has been the target of various attacks. In Security Operations it is common to use languages such as Kusto Query Language (KQL) or Splunk Search Processing Language (SPL) to interact with a Security Information and Event Management (SIEM) and Managed Detection & Response (MDR) solutions. These languages resemble SQL in structure and functionality. For this reason, SQL is a useful language to know.
Final Thoughts
It is vital for you to understand what your specific strengths are, and what is it that you intend to do within the cyber security field. As useful as it is to know coding, it is not something you should push yourself into, if it does not interest you. This is especially true, if your particular job role does not require coding skills. If you want to pursue coding, it is advisable to start with a language that is fairly simple to understand such as Python or JavaScript.
HUNGRY FOR MORE?
Cyber Security Misconceptions
Do you lack the educational background and coding skills required to land a job in the cyber security industry? Several misconceptions exist regarding what it takes to break in! Find out more why you could and should pursue a career in cyber security.
Malware Analysis with ChatGPT
CHATGPT POWERED MALWARE ANALYSISDuring late 2022 and early 2023, ChatGPT made headlines in the tech industry and everyone caught scent of the excitement! ChatGPT is a truly intriguing example of the capabilities of Artificial Intelligence, and how it can be used in...
Triage
What is Triage in the context of Cyber Security, and why is it a crucial step in Security Operations and Incident Response? Find out more!
Endpoint Isolation – The Ultimate Remediation Action
Learn about endpoint isolation and discover how it can stop malware from spreading and prevent data exfiltration. You will also learn about its limitations and consequences for business operations.
Do I need a college degree for Cyber Security?
Have you ever been told that you cannot get into the cyber security field without a college or university degree? If you have, you are not alone! Self-learning is a perfectly viable alternative!
IACIS Windows Forensic Examiner review
The International Association of Computer Investigative Specialists (IACIS) offers an affordable and comprehensive training solution to address the need for training in Windows Forensics.
Unable to Boot into Linux? Try this!
You have just installed a Linux distribution on your computer and now your system refuses to boot. The option you may have overlooked is Trusted Execution Technology.
How many times was a USB storage device connected to a computer?
To find the number of times a specific USB storage device was connected to a suspect computer, review the information available in Microsoft-Windows-Storsvc%4Diagnostic.evtx.
What does a Cyber Security Analyst do?
The role of a Cyber Security Analyst is one of great importance and responsibility. While the work can be highly rewarding, it also requires great deal of patience.
SANS SEC504 / GCIH – Best foundational cyber security certification!
SANS SEC504 is a six-day course that lays a solid foundation of the core principles of cyber security upon which you can build your cyber security career.