How do cybersecurity professionals use programming in their everyday workday?
Following for answers.
Numerous ways. Use Python to authenticate through a SaaS backend like B2C or Cognito. Using react/Java/powershell to manage authorization, CDN updates, etc. I work as a principal engineer in the enterprise Cybersecurity team of a very large investment firm and I write code every day.
Automation = efficiency . Repeatable processes = consistency. The more you repeatable tasks and workflows that you can automate, the more efficient and accurate you can be.
At my job, we’re securing a massive cloud environment. An example of one of the programming tasks: we capture all of our public IP addresses and domains and then automate the creation of rules across our intelligence products to monitor for intrusions that went undetected with our runtime controls. We run these tasks multiple times a day to prune the list of assets and to ensure that we have accurate rules given the ephemeral nature of cloud.
Another example: we used GCP cloud functions and cloud storage so that anytime a malware artifact is dropped in our malware bucket, it is automatically processed through a number of sandboxes that we use and that we operate. When the reports are done, we process those to extract the indicators. We then have bots disseminate those reports via our ticketing system and via messaging.
Your email address will not be published. Required fields are marked *
Save my name, email, and website in this browser for the next time I comment.
This site uses Akismet to reduce spam. Learn how your comment data is processed.
Username or Email Address