Trusting Your Ingredients - What Building Software And Cheesecake Have In Common

Embark on a security journey at the Twistlock Cloud-Native Security Day, where the parallels between cheesecake creation and app building unfold. Delve into the developer's pivotal role in app security, spanning licenses to software packages. Explore insights on integrating security early in DevSecOps and discover the reciprocal lessons chefs and devs share in the pursuit of a secure kitchen and codebase.

Trusting Your Ingredients - What Building Software And Cheesecake Have In Common
Page content

At the Twistlock Cloud-Native Security Day, a co-located event at KubeCon 2019, I got to talk about what cheesecake and building apps have in common. As a developer you’re responsible for the security of your app. Security in this case should be seen in the broadest sense of the word, ranging from licenses to software packages. A chef creating cheesecake has similar challenges. The ingredients of a cheesecake are similar to the software packages a developer uses. The preparation is similar to the DevOps pipeline, and recipe is similar to the licenses for developers. Messing up any of those means you have a messy kitchen, or a data breach! In this talk we’ll look at:

  • Why do we care about licenses?
  • How does Sec get into the early stages of DevSecOps?
  • What can chefs and devs learn from each other?

Slides