OSS Security – The Pizza Approach

By: Marcel Kornegoor

This talk combines two of the best things in life: pizza and open source software.

Open Source Software (OSS) is everywhere, yet it is still surrounded by misconceptions, especially when it comes to security. Some see it as risky because “anyone can see the code”, while others assume it is secure by default because “many eyes” are watching. Both views miss the bigger picture.

A pizza might look like nothing more than dough, sauce, and cheese, but its quality depends on much more: the ingredients, the recipe, the preparation, and the kitchen it comes from. OSS security works the same way.

Using a layered and tasteful pizza analogy, this talk explores how open source security really works. We will look at code transparency, supply chains, dependencies, maintenance, and trust, and how each layer contributes to (or undermines) security. Attendees will leave with a clearer mental model and practical guidance for evaluating and using open source software securely, without fear or blind trust.