Predominantly automation/script writing. If your team are involved in building their own tools then it may be more complicated but Python is a relatively user friendly language to learn. If you have a basic understanding of programming concepts like assigning variables and conditionals (if statements, while loops etc...) then I'd think of a tool you could build that could be useful (my go to would always be parsing a log of some kind to csv), research the python libraries you will need to achieve this and then just have a go. Log parsers have usually been done a million times over so you can take a look at other people's work on GitHub and see if you can understand what they've done to get the desired results I hadn't ever programmed in my life before getting into digital forensics and managed to teach myself from online courses, YouTube & books. Started with python but now also use regularly use php, c#, powershell, bash plus various web frameworks such as Django (python) & Laravel (PHP). All self taught, trial and error, screen punchingly frustrating self learning! In addition to this, I have close to zero maths skills. Like, I often fail to help my 10yo son with his homework bad. You got this. If you have the time, this is a DFIR Python study group ran by Alexis Brignoni: https://youtube.com/playlist?list=PLz61osc7c3OqQ_xBZJbzZdIkVd8HnxLmC Starts with the very basics but moves into building tools related to DFIR for parsing data. Very helpful. Good luck. More on reddit.com

with automating APIs You automate things using APIs. I automate compliance processes using Python. Think assets, alerts, etc.. More on reddit.com

Short answer: yes Long answer: it is interesting to know at least 1 programming language. It is useful to automate boring tasks (bruteforcing is one example), Understand how the code is evaluated (why does adding a `X OR 1=1` in the input field of a login page of a web-app w/ a SQL DB changes the behavior of the code - SQL injection) Get the logic behind what it takes to build a (web/mobile/...) application. The main point IMO is to learn at least one language, while Python is the greatest language ever been made and is blessed by multiple gods you can still (if you have bad tastes) start with other (lesser) languages. I won't get into the whole my language is better than your's debate bc it would be childish but Ruby, Javascript, C++ or any other languages is a great start too :) Hope it helps :) More on reddit.com

In practice, this isn't nearly as big of a problem as it might initially seem. At least not in my opinion. pip isn't insecure, it's just a tool that accesses PyPI (Python Package Index) and downloads stuff from there. You can tell pip to use an alternative package repository - at a previous job all packages were installed from a company controlled mirror built with Artifactory. PyPI has some malicious packages, yes, but the problem is shared with NPM, crates.io (Cargo), and many others. And while spelling errors causing malicious packages taking over sounds scary, we need to remember that project dependencies don't change often. As long as you write the name right the first time, it's not going to suddenly change on its own. The only attack vector that may actually hurt a careful developer is if someone manages to hijack an existing package and pushes a change that makes it malicious, but these are rare occurrences as it requires the bad actor to gain access to the package owner's PyPI account. Most package maintainers (including myself) use password managers with long passwords for this reason. And the way you guard against this is by not using the bleeding edge unless necessary (but since the risks are small in the first place I wouldn't worry unless you were handling state secrets). TL;DR, don't worry too much. If you want to, you can always host your own Artifactory instance. More on reddit.com