Why learning how to code is essential for cybersecurity professionals
In the world of cybersecurity, the foundation of your capabilities lies in the tools you utilize, and these tools are written in code. To appreciate this fact, we need to understand what tools are and why it's valuable to have the ability to build them.
Tools, basically, are your ticket to bending the world around you, both in the physical and digital realms. Combine them with intent, and you've got the power to make things happen and bring about change. In this context, the sophistication of your tools directly correlates with the leverage you hold to enact the changes you desire.
Archimedes once said, "Give me a lever long enough and a place to stand, and I'll move the Earth." In the cyber world, this principle stands strong: getting stuff done in the cyber game depends on the tools you've got in your toolkit and how well you can use them. Whether you're an individual practitioner or part of a team, it is crucial to maintain a balance in both aspects to enhance your overall effectiveness.
Cybersecurity professionals today can be categorized into three groups: black box users, operators, and developers.
Black Box Users:
This group typically has basic knowledge of one or a few specific software systems. They can operate these tools but often only in situations for which they have been trained. While they might hold certifications, they struggle to independently solve problems without the guidance of more experienced mentors. For this group, knowing how to code may not be essential, as they are yet to master common tools like Wireshark, Metasploit, or Burp Suite. At this stage, it's more beneficial to concentrate on foundational principles, such as understanding computer networking, operating system architecture, and technical problem-solving.
Operators:
These individuals are experienced in using various software tools and can creatively combine them in real-world scenarios. They are often the backbone of IT and security teams, and are usually the workhorses that get the job done. For those without the ability to code, the downside is that when you are in a situation without an immediately apparent tool available, there is not much you can do about it. Taking the time to learn programming can really amplify your ability at this stage, since it lets you automate many of the tasks that you once performed manually.
Developers:
Tool developers are actively involved in operations and possess a deep understanding of the tools they use. Their coding skills allow them to modify existing software and create custom solutions for specialized problems. It's worth noting that the ability to code opens up a world of possibilities; there is a funny adage I recently came across: "everything is open source if you can code in assembly." Now, this doesn't mean you should dive head first into assembly code, but you get the idea. Developer-operators often become some of the most proficient cybersecurity practitioners and are very hard to come by.
In terms of overall ability, you'll find that people who can chain tools together or write custom-built code have increasing levels of expertise that are orders of magnitude higher.
Now, it's important to draw a line between scripting and software development, since many people will use the words "programming" or "coding" interchangeably to describe both of them. Scripting normally refers to writing short snippets of code in an interpreted language to automate tasks or glue the functionality of other tools together. Software development, on the other hand, is a broader term that covers scripting but also involves writing algorithms or libraries as part of a larger, more complex toolchain. People often consider Python or Bash as scripting languages and compiled languages such as C++ or Rust to be more geared towards software development. However, generally, it depends on the complexity of the tool and your intent; whether you want something quick and dirty or something more robust and enduring.
On the operator-developer axis, you see more scripts on the operator side and compiled languages on the developer side. Individuals can hop between these roles, but it's a decent rule of thumb.
In my opinion, for aspiring cybersecurity professionals, mastering programming and development is essential. Personally, I'm taking the route of getting familiar with coding through simpler languages like Python and JavaScript (the former having an incredibly easy syntax to wrap your head around and the latter as it is the foundation of the current web ecosystem) before diving deep into Rust.
I've chosen Rust over C++ as a compiled language of choice for one reason: Rust is a memory-safe language that compels the developer to write more comprehensive and robust code. How exactly it does that and why that is important is a topic that I will discuss in the next post.
Goldmine 🔥