As programming languages go, Python popularity has increased dramatically amongst academics as an integral part of any cybersecurity learning curve. The best way to get a feel for the why behind this is to check in with the experts interacting with students and the workforce.
Experts Give Feedback on Python
I asked some dedicated cybersecurity professionals in the Wichita, KS area. As they have worked with cyber professionals, they have gathered intel on the reasons for the benefits of Python.
- Sergio A. Salinas Monroy, Assistant Professor, Department of Electrical Engineering and Computer Science, Wichita State University said, “Compared to other languages, Python has a smaller learning curve. It abstracts many low level functions and allows you to focus on developing your application, which for cybersecurity includes automating repetitive tasks (eg port scanning). It is also widely available as an open source tool. I would say it is useful – if anything to understand what other people’s Python scripts do and know enough to change them to your needs.”
- Chris Snyder, CISSP Director, Cyber Security & Forensics Research Group, Wichita State University shared, “I’m not an expert in python, as I’ve never written anything using it, but the general feedback I get from cyber tool developers is that it’s a good utilitarian language to learn to do simple tasks and scripts. Most high-level developers still utilize a language like C or Java as their primary language, and often pick up python as a secondary or tertiary language for scripting.”
- Dr. Tom Prunier, Leidos Technical Fellow, Director Cyber Security Defense, Chief Technology Office weighed in, saying, “Is python a good language for cybersecurity professionals to learn? The answer is not as simple as yes or no. It really comes down to the area in which cybersecurity is being applied. First let’s look at the key characteristics of Python, overall Python is known for its readability and large comprehensive library and is also commonly used in the malware community. Obviously if you work with, or plan to work with, malware, conduct penetration testing, or secure code analytics than it would be beneficial to have some level of understanding prior to entering the career field. There are several other areas within the cybersecurity domain that a working knowledge of Python would be beneficial but not necessarily required. In my opinion from a holistic standpoint it is not required to know any type of programming language, in the vast majority of my staff positions having a working knowledge of Python is not a requirement nor would it likely elevate the ability to get hired.”
- Colonel Andy Vanderziel, Commander, 184 Operations Group, Kansas Air National Guard said, “Python is known for its easy learning path and great flexibility. It is not fantastic at any one thing, but it’s good at a wide variety of things. It is a great starter language for cybersecurity professionals. Its versatility, long history, and wide adoption means you will find it in many tools and it can usually be used to customize or improve those tools. I recommend you spend time on any language before entering the cybersecurity field, because you are adding skills to your toolbox that you will need.
Most see Python as an invaluable tool for most areas of cybersecurity due to its relative simplicity, flexibility as a language, and vast utility especially on the testing and analytics side of the ball. There are many online, technical and academic classes available to learn Python depending on your resources and time constraints. It may not be a bad investment.