Does Your Security Team Need Coding Resources?
September 10, 2018

Jennifer Andre
Rapid7

When thinking about security automation, a common concern from security teams is that they don't have the coding capabilities needed to create, implement, and maintain it. Pulling development resources from the IT team or engineering department can take time. Backlogs are long, and revenue-generating projects enough take priority. There is always the option to hire an IT consultant, however this can be a costly endeavor and is not a sustainable long-term option.

As a result, security teams often try and find the sought-after "unicorn." This is a security professional who is not only an expert on all things information security, incident response, or threat intelligence, but also someone who can also write integrations and build automation between systems and products.

As I'm sure you can imagine, finding this rare type of person is a tall order – if not impossible. It can take up to a year to hire a security professional, and that doesn't include finding someone who also has a software development skill set.

So, what are teams to do when internal resources are tight and there isn't budget to hire an outside consultant or "unicorn?"

Start Implementing Your Security Automation Options

To start, begin leveraging a security orchestration and automation solution to handle many, if not all, of your routine tasks for you. This will accomplish three different things:

1. Ensure all your security tasks are taken care of in a timely and proactive way

2. Eliminate the need for coding skills on your team

3. Refocus your team's focus to more strategic, ROI-driven tasks

From there, when you need really customized integrations or complex workflows built, you can bring in coding expertise strategically. This can help optimize both your development and security resources.

Once the need for coding is solved, you can stop chasing the ephemeral unicorn hire. In addition, you will also be able to enhance what your current team is working on. For example, instead of having them spend most of their time on mundane tasks like reviewing alerts, investigating phishing attempts, and scoring IP addresses, they can put their talent to better use. This includes analyzing and responding to threats and developing a more strategic security posture.

When teams have less busy work on their plates, they can spend more time learning new skills. If you want your team to be able to do build custom integrations or automation on top of the security automation and orchestration solution you use, teams can learn and practice coding.

With your team able to re-shift their focus to tasks that are most relevant to their skill set and interests, you may also reduce attrition – an added bonus considering today's security talent crunch(link is external).

Find Your Balance

At the end of the day, my main piece of advice to all companies is to code strategically. This is not to say you can't or absolutely should not bring coding resources onto your security team. Instead, look to strike a balance between bringing in scarce resources when you really need them and relying on out-of-the-box solutions whenever possible to alleviate the talent (and time) crunch.

Ideally, the security orchestration and automation solution you choose will allow you to add custom integrations alongside pre-built workflows. These solutions are the ones that can do much of the heavy lifting for you and save your development resources for the truly custom work. In addition, identifying a solution that offers the best of both worlds will keep your team happy and productive, and accelerate the time to value for security automation.

At the end of the day, let your talent focus on what they do best, and let orchestration and automation take care of the rest.

Jennifer Andre is Senior Director, Orchestration and Automation, at Rapid7
Share this

Industry News

May 01, 2025

Check Point® Software Technologies Ltd.(link is external) announced that its Quantum Firewall Software R82 — the latest version of Check Point’s core network security software delivering advanced threat prevention and scalable policy management — has received Common Criteria EAL4+ certification, further reinforcing its position as a trusted security foundation for critical infrastructure, government, and defense organizations worldwide.

May 01, 2025

Postman announced full support for the Model Context Protocol (MCP), helping users build better AI Agents, faster.

May 01, 2025

Opsera announced new Advanced Security Dashboard capabilities available as an extension of Opsera's Unified Insights for GitHub Copilot.

May 01, 2025

Lineaje launched new capabilities including Lineaje agentic AI-powered self-healing agents that autonomously secure open-source software, source code and containers, Gold Open Source Packages and Gold Open Source Images that enable organizations to source trusted, pre-fixed open-source software, and a software crawling and analysis engine, SCA360, that discovers and contextualizes risks at all software development stages.

April 30, 2025

Lenses.io announced the release of Lenses 6.0, enabling organizations to modernize applications and systems with real-time data as AI adoption accelerates.

April 30, 2025

Sonata Software has achieved Amazon Web Services (AWS) DevOps Competency status.

April 29, 2025

vFunction® announced significant platform advancements that reduce complexity across the architectural spectrum and target the growing disconnect between development speed and architectural integrity.

April 29, 2025

Sonatype® introduced major enhancements to Repository Firewall that expand proactive malware protection across the enterprise — from developer workstations to the network edge.

April 29, 2025

Aqua Security introduced Secure AI, full lifecycle security from code to cloud to prompt.

April 29, 2025

Salt Security announced the launch of the Salt Model Context Protocol (MCP) Server, giving enterprise teams a novel access point of interaction with their API infrastructure, leveraging natural language and artificial intelligence (AI).

April 28, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the graduation of in-toto, a software supply chain security framework developed at the NYU Tandon School of Engineering.

April 28, 2025

SnapLogic announced the launch of its next-generation API management (APIM) solution, helping organizations accelerate their journey to a composable and agentic enterprise.

April 28, 2025

Apiiro announced Software Graph Visualization, an interactive map that enables users to visualize their software architectures across all components, vulnerabilities, toxic combinations, blast radius, data exposure and material changes in real time.

April 24, 2025

Check Point® Software Technologies Ltd.(link is external) and Illumio, the breach containment company, announced a strategic partnership to help organizations strengthen security and advance their Zero Trust posture.