The SEC573 course, titled “Automating Information Security with Python,” offered by GIAC, provides security professionals with the skills needed to develop tools and automate tasks in the field of information security. The course covers a wide range of topics and includes hands-on labs, making it a comprehensive learning experience.
Key Points:
- Duration: 6 days (in-person) or available online
- CPEs: 36
- Target Audience: Security professionals, including penetration testers, forensics analysts, network defenders, security administrators, and incident responders
- Skill Development: Teaches Python programming from the basics, covering essential concepts of the language.
- Use Cases: Shows how Python can be used to automate log analysis, packet analysis, forensics, and more in the context of information security.
- GIAC Python Coder (GPYC): The course leads to a certification called GPYC, which validates a practitioner’s understanding of Python programming for information security.
Course Highlights:
- Helps security professionals adapt to evolving threats and technology.
- Teaches how to develop custom tools for information security.
- Emphasizes the importance of skilled tool builders in the field.
- Covers various Python applications in the context of security.
- Offers a broad syllabus, including workshops and hands-on challenges.
Certification:
- GIAC Python Coder (GPYC) certification demonstrates proficiency in Python programming for information security.
- Covers Python essentials, packet and data analysis, website and database interaction, regular expressions, and more.
- Ideal for those looking to validate their programming skills in the context of information security.
Prerequisites:
- Basic understanding of any programming or scripting language is recommended but not required.
- The course starts with the fundamentals of Python programming, making it accessible to beginners.
- The self-paced lab environment accommodates students with varying levels of coding experience.
In summary, SEC573 is a comprehensive course that equips security professionals with Python programming skills to automate tasks and develop custom tools for information security. It also leads to the GIAC Python Coder (GPYC) certification, which validates Python proficiency in the security field.
Difficulty: 4 out of 5.
completed this course in about 40 days, marking my first serious attempt at learning a programming language. My only prior experience was a basic introductory course on Python via boot.dev.
My critiques of the course include:
- The course does not adhere to PEP 8 standards, leading to confusion due to the use of abbreviated or single-letter variable names.
- The reliance on Python virtual environments was not to my liking. I have a strong preference for using an Integrated Development Environment (IDE) for a clearer understanding of the processes.
- While the labs were adequate, I felt their overall structure and environment could be significantly improved. Despite this being an $8500 course, I found the lab setup in my $50 course at boot.dev to be far superior.
On the positive side:
- The course content is highly relevant and practical for cybersecurity applications. Unlike many online courses that focus on web development, game creation, or backend data processing, this course delves into cybersecurity-specific topics like defenses, forensics, and offensive coding.
- It provided the dedicated time I needed to truly grasp Python, something I had been wanting to do but couldn't due to other commitments. I now feel confident in my understanding of Python.
- As someone who does not consider themselves a programmer, I now feel confident enough to embark on small projects, my code reading skills have improved dramatically, and I plan to continue enhancing my programming abilities.
The course's cost was covered by my GI Bill, so price was not a concern for me. However, I want to note that the learning curve is steep, and the course quickly introduces complex concepts. Despite the challenges, I found the course enjoyable and am relieved to have completed it.
Difficulty: 3 out of 5.
In 2023, it's difficult to explain exactly how poor of an investment the $9K that you will spend on SEC573/GPYC is. It's not that the instructor is ineffective, or that the content is poorly written, or that the exercises and labs are unhelpful, or that the course structure is misaligned.
In fact, the polar opposite of all of these things are true. SEC573/GPYC is, really, a fantastic course.
But the course material itself is exactly what it claims to be: Python 3, for Information Security. Nearly identical material is available in dozens of books, in YouTube videos, in Udemy courses, and in other formats that cost substantially less than $9000.
In fact, here is a Python script that you can run to determine exactly what percentage of the $9000 cost of SEC573/GPYC another training material is. If you need to learn how to run it, you don't need to take SEC573/GPYC to do so.
import argparse
def calculate_percentage(price):
return (price / 9000) * 100
if __name__ == "__main__":
parser = argparse.ArgumentParser(description="Calculate the percentage of $9000.")
parser.add_argument('--price', type=float, required=True, help="The price to calculate the percentage of $9000.")
args = parser.parse_args()
result = calculate_percentage(args.price)
print(f"{args.price} is {result}% of $9000. Do not take SEC573/GYPC. Do something better with your training budget.")
Difficulty: 3 out of 5.
My SANS mentor contacted me to help several people find additional resources to pass this exam. The content may teach you some Python, but it will not make you some wizard.
I don't even want to say anything more than that. The above should speak volumes. If you don't take my advice below, at least go do PCEP from the Python Institute.
Want my honest answer? Skip this course, save your money/benefits, and do this:
- CodeWithMosh's Python Course
- Find some Python projects to build a portfolio on GitHub.
