“Learn Python”. That’s the conclusion from the authors of a recent rundown of the world’s most popular programming languages.
Python is versatile. It’s easy to learn. Knowledge of Python is also frequently listed as a must-have requirement by employers. Here’s a look at the growing popularity of this general purpose programming language, along with its special relevance to cyber security professionals…
Python on top in 2021…
Spectrum, the magazine of the Institute of Electrical and Electronic Engineers (IEEE), has just released its annual interactive global rankings of the top programming languages.
These rankings are created by assessing 11 metrics from eight sources: CareerBuilder, GitHub, Google, Hacker News, the IEEE, Reddit, Stack Overflow, and Twitter. Metrics include languages that are growing rapidly, demand among employers, popularity on programming hubs, as well as usage rates in the fields of web development, enterprise, desktop and scientific applications, mobile apps, and device controllers.
As Stephen Cass of IEEE SPectrum put it: “You don’t have to become a dyed-in-the-wool Pythonista, but learning the language well enough to use one of the vast number of libraries written for it is probably worth your time”.
What do other surveys say?
Created and managed by TIOBE Software, the TIOBE Index measures the popularity of programming languages and is updated once a month. In its 20-year history, just two languages have ever topped the TIOBE rankings: C and Java. However, according to the September 2021 rankings, Python now only needs to bridge a gap of 0.16% to surpass C.
Benefits of Python for cyber professionals
If you are working in cyber for an organization, in many roles you will be expected to adopt, create and tweak software tools to automate time-consuming cyber tasks such as scanning, monitoring and low-level incident response. If (and when) the organization is hit by malicious activity, you’ll also be expected to interpret what’s happening.
For all of this, you’ll need a good grasp of coding concepts. And at the very least, it’s also going to help you a great deal if you can confidently produce a few lines of code as and when required. Even if an entry-level job doesn’t specify programming skills as a requirement, coding knowledge is going to be a big plus point in your favour.
So which language should you start with? Here’s why Python is worth serious consideration…
A short learning curve
Many people who move into cyber security have only a limited programming background. The beauty of Python is that it’s relatively easy to learn. It was deliberately designed with a straightforward structure, which means you can get useful stuff built with a minimum of code.
Larger cyber projects within organizations tend to be collaborative: for instance, multiple team members might be tasked with creating or configuring a bespoke malware scanning tool. Thanks to its short learning curve, all group members should be able to get up to speed with Python relatively swiftly. Teams can coalesce around it, which means projects can be implemented quicker. Python’s emphasis on clarity and natural syntax also makes debugging code far easier than many other languages. It means even low-level programmers can troubleshoot their own and others’ work.
Building on existing resources
Python has an extensive library of modules available (available in locations such as Pulsar, NAPALM and NetworkX). It means that if you need a solution to address a particular cyber challenge, it’s often possible to find a ready-made tool that you can adopt in its entirety or reconfigure to your needs.
Common uses for Python within the cyber sphere include the following:
- Port scanning. As an alternative to third party tools such as Nmap, Python can be used to create solutions to check the status of ports and to identify and exploit vulnerabilities.
- Malware analysis. There are many Python-based tools available (e.g. pyew, AnalyzePE and pescanner) that you can use for file analysis. If they are not an exact match for your needs, you can use existing Python libraries to modify the code to serve your purposes.
- Packet sniffing. As an alternative to tools like Wireshark, a simple Python script can enable you to detect and observe data flowing across your network.
- Data extraction. Using Python code, you can create custom tools for parsing data from locations such as social media platforms, websites and files to highlight and address security vulnerabilities.
- Advanced threat detection. Python is often the language of choice for creating the type of tool that can identify suspicious behavior patterns, predict attacks and notify administrators of a breach.
Learn Python here…
Suitable for complete programming novices, as well as more experienced coders seeking to get to grips with it, the StationX Complete Python for Hacking and Cyber Security Bundle contains everything you need to master Python. Explore more here.