Answer the question
In order to leave comments, you need to log in
Choosing a language for development in IB from the admin?
Good time everyone.
I will briefly describe my background.
I am a sysad of Linux servers, I wrote for controllers, though not for long, about a year, automation and stuff like that. After a while, he began to look towards IS (ib). Looking at the development prospects from the admin, the direction of DevOps or IS comes to mind.
And now to the main questions - the choice of technology.
I note that I am not a coder, I use the language as a tool for solving a problem. I poked at the initial level in the form of writing parsers, scripts and bots in Golang and Python. I am attracted to both languages, I like both, but I need to start studying one of them more deeply, I can’t choose which one, knowledgeable people, describe the pros / cons, maybe someone has switched from one technology to another. It scares a little that they write about the limitations of Golang, again I can’t confirm this myself, while I managed to write everything I wanted, what are the prospects for Golang from the point of view of IS tests?
The second thing that interests me is further development from the admin, just give advice, maybe where to dig, although I'm interested in IS, because it's time to move on, what options are there and what are their pros / cons, again, the type of work where you need a larger number -in management is not particularly pulling, I'm more for those?
Thank you for your time.
Answer the question
In order to leave comments, you need to log in
In information security, if you are interested in programming, you can automate:
- response to incidents - automate the response of the protection system to an incident (pass IP for blocking, send hash for blocking), automate the deployment of protection tools and their settings - SOAR.
- interaction of SOC components - you need to be able to get an indicator of compromise, transfer it to SIEM, send requests to different systems based on the events found in order to collect data and enrich the incident itself with them
- audit automation - collection and processing of data: configs of network devices, servers, settings parameters and policies, further checking them with the configuration standard and generating a verdict (the requirement is met or there is a violation), with the issuance of a recommendation for correction
- access control automation - you requested access, and the program should go to the target system and issue access that was agreed, check along the way for inconsistent accesses and role intersections - IDM
- automation of access negotiation for a security guard
- etc.
I think you will post a vacancy and you will find a job in an instant.
Firstly, information security is more paperwork than programming. Secondly, if IB is supposed to be a kind of full-time hacker, then you should look towards C. Ideally, also with Assembler.
After virus epidemics that affected industrial enterprises, information security in industrial systems was popular several years ago. These are not so much scripting languages, but rather network and application protocols, vulnerabilities in them ... Kaspersky then just brought KICS to the market and began to actively advertise its OS for industry.
Look in this direction too. Maybe it will be interesting.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question