SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504Offensive Operations
SEC673: Advanced Information Security Automation with Python
SEC673Cyber Defense
- 6 Days (Instructor-Led)
- 36 Hours (Self-Paced)
Course created by:
Mark Baggett
Course created by:Mark Baggett
- 36 CPEs
Apply your credits to renew your certifications
- In-Person, Virtual or Self-Paced
Attend a live, instructor-led class at a location near you or remotely, or train on your time over 4 months
- Advanced Skill Level
Course material is geared for cyber security professionals with hands-on experience
- 27 Hands-On Lab(s)
Apply what you learn with hands-on exercises and labs
Dive into advanced Python coding techniques from top open-source security tools and empower yourself to build secure, scalable solutions across a wide range of high-demand fields.
Featured Quote
The content [in SEC673] is really good! I like the emphasis on optimization and efficiency in the way we are learning Python. It takes the course to another level.
Course Overview
SEC673 is designed for those who want to use Python for cybersecurity. It teaches advanced skills to build scalable, efficient, and maintainable cybersecurity tools. Students will explore programming techniques used in top open-source security projects, covering topics like multi-threading, logging, unit testing, decorators, and object-oriented coding. Through hands-on labs and the pyWars server, students will refine their skills by solving real-world challenges while learning best practices for secure and optimized Python development.
What You’ll Learn
- Design PIP-installable security packages
- Create custom objects for security applications
- Implement multi-threading for enhanced performance
- Develop comprehensive logging and testing systems
- Build automated CLI security tool interfaces
- Deploy efficient error handling mechanisms
Business Takeaways
- Improve efficiency by producing faster, more maintainable code
- Optimize performance with multi-threading and better data structure
- Strengthen security practices with secure coding
- Automate workflows and reduce manual work
- Align with top industry best practices
- Improve software reliability with enhanced logging and error handling
- Develop in-house expertise, boosting retention and innovation
Meet Your Author
Mark Baggett
FellowMark Baggett has revolutionized cybersecurity through his leadership at SANS. His development of tools like Freq Server has strengthened threat detection, while his work in automation has empowered professionals to defend against evolving threats.
Read more about Mark BaggettCourse Syllabus
Explore the course syllabus below to view the full range of topics covered in SEC673: Advanced Information Security Automation with Python.
Section 1Python Package Essentials
Dive into advanced Python development practices through hands-on experience with pyWars. Learn professional package development techniques, from creating deployable packages to managing complex import structures and implementing comprehensive unit testing.
Topics covered
- Virtual Environment
- Using an IDE
- Unit Testing
- Building Packages
Labs
- Build a complete PIP-installable security package
- Implement unit tests for security functions
- Configure virtual environments for development
- Resolve complex import dependencies
Section 2Python Objects
Develop the Security Professionals Friend 100 (SPF100) project while learning advanced object-oriented programming concepts. Create specialized data structures for cybersecurity applications and learn to extend built-in Python objects for security-specific functionality.
Topics covered
- Argument Packing
- Objects
- Inheritance Super
- Inheriting and Extending Built-in Objects
Labs
- Create custom security data structures
- Extend built-in Python objects
- Implement inheritance in security tools
- Build flexible argument handling systems
Section 3Python Objects (continued)
Enhance SPF100 with advanced object manipulation techniques. Learn secure attribute handling, custom object behaviors, and advanced error management while implementing network packet processing capabilities.
Topics covered
- Attribute Access
- Executable Attributes
- Name Mangling
- Attribute Privacy
Labs
- Develop secure attribute access controls
- Implement custom object iterators
- Create network packet processors
- Build advanced exception handlers
Section 4Advanced Concepts
Address real-world cybersecurity challenges through practical programming solutions. Learn critical skills in timestamp processing, concurrent operations, and secure serialization while implementing industry-standard security tool features.
Topics covered
- Dataclasses and NamedTuples
- Timestamps and Time Zones
- Concurrency
Labs
- Build multi-threaded security scanners
- Implement secure serialization systems
- Create timezone-aware security tools
- Develop context managers for security apps
Section 5Advanced Concepts (continued)
Learn advanced automation techniques for security tools while focusing on proper logging and security vulnerability prevention. Implement powerful code modifications using decorators and explore Python-specific security concerns.
Topics covered
- CLI Tool Automation
- Logging
- Decorators
- Python Attacks
Labs
- Automate interactive security tools
- Implement comprehensive logging systems
- Create security-focused decorators
- Identify and prevent Python vulnerabilities
Section 6Capture-the-Flag Challenge
Apply advanced Python security programming skills in a series of real-world challenges. Demonstrate proficiency in custom object development, decorator implementation, and other advanced concepts through hands-on security scenarios.
Labs
- Exploit vulnerable systems
- Develop custom security objects
- Create specialized security decorators
- Build comprehensive security tools
Things You Need To Know
Relevant Job Roles
Data Analysis (OPM 422)
NICE: Implementation and OperationResponsible for analyzing data from multiple disparate sources to provide cybersecurity and privacy insight. Designs and implements custom algorithms, workflow processes, and layouts for complex, enterprise-scale data sets used for modeling, data mining, and research purposes.
Explore learning pathTechnology Research and Development (OPM 661)
NICE: Design and DevelopmentResponsible for conducting software and systems engineering and software systems research to develop new capabilities with fully integrated cybersecurity. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.
Explore learning pathMalware Analyst
Digital Forensics and Incident ResponseMalware analysts face attackers’ capabilities head-on, ensuring the fastest and most effective response to and containment of a cyber-attack. You look deep inside malicious software to understand the nature of the threat – how it got in, what flaw it exploited, and what it has done, is trying to do, or has the potential to achieve.
Explore learning pathDigital Forensics Analyst
Digital Forensics and Incident ResponseThis expert applies digital forensic skills to a plethora of media that encompass an investigation. The practice of being a digital forensic examiner requires several skill sets, including evidence collection, computer, smartphone, cloud, and network forensics, and an investigative mindset. These experts analyze compromised systems or digital media involved in an investigation that can be used to determine what really happened. Digital media contain footprints that physical forensic data and the crime scene may not include.
Explore learning pathDigital Forensics (OPM 212)
NICE: Protection and DefenseResponsible for analyzing digital evidence from computer security incidents to derive useful information in support of system and network vulnerability mitigation.
Explore learning pathMilitary Operations / Law Enforcement Agents
Digital Forensics and Incident ResponseExecute digital forensic operations under demanding conditions, rapidly extracting critical intelligence from diverse devices. Leverage advanced threat hunting and malware analysis skills to neutralize sophisticated cyber adversaries.
Explore learning pathIntrusion Detection/SOC Analysts
Digital Forensics and Incident ResponseAnalyze network and endpoint data to swiftly detect threats, conduct forensic investigations, and proactively hunt adversaries across diverse platforms including cloud, mobile, and enterprise systems.
Explore learning pathBlue Teamer - All Around Defender
Cyber DefenseThis job, which may have varying titles depending on the organization, is often characterized by the breadth of tasks and knowledge required. The all-around defender and Blue Teamer is the person who may be a primary security contact for a small organization, and must deal with engineering and architecture, incident triage and response, security tool administration and more.
Explore learning pathSoftware Security Assessment (OPM 622)
NICE: Design and DevelopmentResponsible for analyzing the security of new or existing computer applications, software, or specialized utility programs and delivering actionable results.
Explore learning pathIntrusion Detection / (SOC) Analyst
Cyber DefenseSecurity Operations Center (SOC) analysts work alongside security engineers and SOC managers to implement prevention, detection, monitoring, and active response. Working closely with incident response teams, a SOC analyst will address security issues when detected, quickly and effectively. With an eye for detail and anomalies, these analysts see things most others miss.
Explore learning pathApplication Pen Tester
Offensive OperationsApplication penetration testers probe the security integrity of a company’s applications and defenses by evaluating the attack surface of all in-scope vulnerable web-based services, clientside applications, servers-side processes, and more. Mimicking a malicious attacker, app pen testers work to bypass security barriers in order to gain access to sensitive information or enter a company’s internal systems through techniques such as pivoting or lateral movement.
Explore learning pathDefensive Cybersecurity (OPM 511)
NICE: Protection and DefenseResponsible for analyzing data collected from various cybersecurity defense tools to mitigate risks.
Explore learning pathCybersecurity Analyst / Engineer
Cyber DefenseAs this is one of the highest-paid jobs in the field, the skills required to master the responsibilities involved are advanced. You must be highly competent in threat detection, threat analysis, and threat protection. This is a vital role in preserving the security and integrity of an organization’s data.
Explore learning pathCourse Schedule & Pricing
Looking for Group Purchasing Options?Contact Us
OnDemand Bundle
When purchasing a live, instructor-led course, add 4 months of online access. View price in the info icons below.
SANS Skills Quest by NetWars Core Edition
Add 6 months of hands-on skills practice. Add to your cart when purchasing your course.
Filter by:
Location & instructorDate & TimeCourse priceEnrollment options
- Location & instructor
Virtual (OnDemand)
Instructed by Mark BaggettDate & TimeOnDemand (Anytime)Self-Paced, 4 months accessCourse price$8,780 USD*Prices exclude applicable local taxesEnrollment options - Location & instructor
Dallas, TX, US & Virtual (live)
Instructed by Mark BaggettDate & TimeFetching schedule..View event detailsCourse price$8,780 USD*Prices exclude applicable local taxes - Location & instructor
Orlando, FL, US & Virtual (live)
Date & TimeFetching schedule..View event detailsCourse price$8,780 USD*Prices exclude applicable local taxes
Showing 3 of 3
Learn Alongside Leading Cybersecurity Professionals From Around The World
- Slide 1 of 2[SEC673 is] exactly what I was looking for to increase my Python skills.
- Slide 2 of 2I will keep this course on my team's training roadmap, in addition to SEC573, for team members less acquainted with Python.
Slide 1 of 0
(1/0)
Benefits of Learning with SANS
Get feedback from the world’s best cybersecurity experts and instructors
Choose how you want to learn - online, on demand, or at our live in-person training events
Get access to our range of industry-leading courses and resources