If you’re a security administrator and you’ve been thinking about brushing up on your skill set, or if you’re just looking to get started as a security administrator, you may be wondering how you can get started.  One of the basics for becoming a security administrator is having the ability to program at a basic level for investigations, to write shell scripts, and just handle basic tasks.  A new article from Tech Republic covers the top 5 programming languages for security administrators to learn, along with the reason for each.  The list also includes two honorable mentions for a total of seven programming languages for a security administrator to learn.  That number may sound daunting, but once you learn one computer language understanding another is a relatively easy task, the only thing to keep in mind of course is making sure you get the syntax right when writing code, which is something you can always look up as needed.

Tech Republic’s list has a lot of common sense choices for languages to learn and includes the ones most needed when looking at security of web applications, including the languages used in most web applications today.  The short list of five languages to learn includes “C”, “Python”, “Javascript”, “PHP, and “SQL”.  For the full reason behind the choice of these five, be sure to check out the full article at Tech Republic . 

 

---

K2 Cyber Security provides deterministic runtime application security that detects zero day attacks, along with well-known attacks.  K2 issues alerts based on severity and includes actionable alerts that provide complete visibility to the attacks and the vulnerabilities that the attacks are targeting including the location of the vulnerability within the application, providing details like file name and line of code where the vulnerability exists.

K2 can also help reduce vulnerabilities in production by assisting in pre-production testing and addressing issues around the lack of remediation guidance and the poor quality of security penetration testing results.  K2 Cyber Security Platform is a great addition for adding visibility into the threats discovered by penetration and security testing tools in pre-production and can also find additional vulnerabilities during testing that testing tools may have missed.  K2 can pinpoint the exact location of the discovered vulnerability in the code.  When a vulnerability is discovered (for example, SQL Injection, XSS or Remote Code Injection), K2 can disclose the exact file name along with the line of code that contains the vulnerability, details that testing tools typically are unable to provide, enabling developers to start the remediation process quickly.

Rather than rely on technologies like signatures, heuristics, fuzzy logic, machine learning or AI, K2 uses a deterministic approach to detect true zero-day attacks, without being limited to detecting attacks based on prior attack knowledge.  Deterministic security uses application execution validation, and verifies the API calls are functioning the way the code intended.  There is no use of any prior knowledge about an attack or the underlying vulnerability, which gives our approach the true ability to detect new zero-day attacks. Our technology has 8 patents granted/pending, and has minimal false alerts.

Get more out of your application security testing and change how you protect your applications, and check out K2’s application workload security solution.

Find out more about K2 today by requesting a demo, or get your free trial.

---