What would Easter be without Easter Eggs and the taste of chocolate? Software, on the other hand, does not need Easter Eggs. Probably, there will be a few undocumented features accidentally anyway, without anyone implementing those on purpose. What about cake, then? Do you prefer your cake with or without easter eggs?
Tag Archives: secure software development lifecycle
Manage security debt and write some documentation!
For most people, writing documentation is boring! But what if I told you that writing technical documentation helps reduce security weaknesses? Writing down some notes also makes you a better baker.
Threat modeling baking – when bread falls on the buttered side
Several things can go wrong with baking: meringue flattens, cookies are burnt, the cake is raw on the inside. These are something you can prepare for. Similarly, in cybersecurity, you can identify problems early and plan mitigations. This is called threat modelling. I’ll introduce threat modeling through baking analogies.
Bake Security In 