Loading…
8 August | Hyderabad, India
Learn More and Register To Attend

The Sched app allows you to build your schedule, but it is not a substitute for event registration. To participate in the sessions, you must be registered for OpenSSF Community Day India 2025. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in India Standard Time. To see the schedule in your preferred timezone, please select from the drop-down located at the bottom of the menu to the right.

Schedule is subject to change.
← Back to schedule
From Code To Kernel: Enforcing Supply Chain Security for Linux Distributions - Aditya Soni, Forrester Research & Anshika Tiwari, AWS
Monday August 4, 2025 14:30 - 14:45 IST
Meeting Room 1 + 2
The security of a Linux distribution depends on the integrity of its entire software supply chain, from source code to compiled binaries. With rising threats like dependency poisoning, malicious injections, and package manager compromises, securing the supply chain is no longer optional.

This talk will present a practical framework for strengthening Linux supply chain security.

We'll cover:
1. Verifying source authenticity with cryptographic signing and reproducible builds.
2. Automating SBOM generation to track dependencies and prevent supply chain attacks.
3. Enforcing integrity using open-source tools like Sigstore (Cosign, Rekor), in-toto, and OpenSCAP.
4. Analyzing real-world attack scenarios and how to mitigate them effectively.

By the end, attendees will gain actionable strategies to prevent tampering, detect anomalies early, and ensure trusted software delivery across open-source Linux distributions.
Speakers
avatar for Aditya Soni

Aditya Soni

DevOps Engineer II, CNCF Ambassador, Forrester Research
Aditya Soni is a DevOps/SRE tech professional He worked with Product and Service based companies including Red Hat, Searce, and is currently positioned at Forrester Research as a DevOps Engineer II. He holds AWS, GCP, Azure, RedHat, and Kubernetes Certifications.He is a CNCF Ambassador... Read More →
avatar for Anshika Tiwari

Anshika Tiwari

CSA - Cloud Engineer, AWS
Anshika is a passionate DevOps/SRE Engineer who is always eager to learn & implement cloud-native solutions, she has contributed to streamlining deployment processes and enhancing system reliability. She is eager to share her experiences and insights at conferences, contributing to... Read More →
Monday August 4, 2025 14:30 - 14:45 IST
Meeting Room 1 + 2
  15 Minutes Presentation

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Need help? View Support Guides
Event questions? Contact Event Planner
Powered by Sched Event Planning App
©2025 Sched About Privacy Terms
Share Modal

Share this link via

Or copy link