• danielpwilson

Passed MTA Python today!

Honestly I wasn’t ready to say “You’re a security professional” at the time. I still have issues saying “Splunk Architect” and my name. It’s a huge ego to say these things about yourself and with the experiences I’ve had with fakers I just don’t want to be one of them.

Almost a year ago, under advisement from my manager at the time, I interviewed around. Some formal, some informal. I had no intention of leaving StubHub! It’s a great place and I love its brand of chaos. But what my boss was asking me to do was to see how I stack against the industry, and not just the bubble I’ve lived in for the 5+ years.

How can I grow without knowing what I was up against?

The big takeaway was Python. Sure – I’ve written a few automation tasks in Python. Troubleshot some internally developed tools and used Flask to build a few APIs to make my life easier. So when I went to the interviews and was asked if I knew Python, I would instead redirect the conversation to my Visual Basic and Shell experience, but it didn’t hack it.

I am happy to announce today I passed my Microsoft Technology Associate in Python!

Sure, I didn’t just get magic powers for passing a multiple-choice exam, but I can tell you last year I could not have passed this. It had tough spots and you can’t pass this without an understanding of the concepts in there.

Why did I do this? I needed a checkpoint, to know I was growing as a scripter and a security professional. Certifications and trophy culture in general in IT security really appeal to me... and honestly the market demands it!

What materials did I use?
- Microsoft Virtual Academy’s Python series, which maps really well
- Safaribooks MTA Python series, which was “meh” and I don’t recommend
- SANS Automating Security with Python bootcamp
- Automate the Boring Stuff with Python

Experience
- I have been programming since I was a kid on my VIC20
- I have been using Python for simple tasks since 2014
- For 2 months I’ve been doing daily Python challenges from

Do I think this exam or even Python should be on the average Splunk Admin’s task list? - The short answer is no, I really don’t see most Splunk administrators needing Python skills.

Do I see Security folks needing these skills? - Yes! The SANS course was pretty eye opening to the proliferation of badly written Python programs and API and how they are exploited. Even as a Splunk ES admin you’re going to need these skills.

What are your thoughts on the exam? - I am a bit of an apologist for the MTA series from Microsoft. They're milestones; they are not supposed to be hard, just quick checkpoints in your growth. For $120 it is what it is and might give you the 1% advantage over another guy in an interview, but it’s certainly not something you can build a career on.

What do you recommend to another Splunk admin coming up on the Python roadblock? - Seriously, read Automate the Boring Stuff and DO the labs. Reading isn't enough, the code needs to FLOW. The reality is there is a gap in Python education as it pertains to Splunk. Maybe a book idea? Python with Splunk in 30 days? Maybe I'll be an author!

What's next? - So my next step is to close some gaps on my CISSP and PenTesting basics and then start the OSCP with a friend early next year. If my company will pay for it I was also looking at the Splunk Developer certification. Thoughts?

In closing, the cert isn't something I'd recommend to everyone. But it's helped me close some gaps in becoming a security professional.

#python #splunk #splunklife #splunktrust #splunkcertification #mcp
