Loading…
16-17 June, 2026
Mumbai, India
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit India 2026 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
← Back to schedule
Beyond SBOMs and SLSA: Build Trust With Custom Attestations for End-to-End Supply Chain Security - Lavakush Biyani & Pranay Shah, Harness
Wednesday June 17, 2026 6:25pm - 7:05pm IST
204 AB (Second Floor)
Securing software supply chains requires more than just standard formats like SBOMs or SLSA Provenance. Organizations often need custom attestations, metadata that proves how an artifact was built, what dependencies were used, and whether policies like vulnerability scans or unit tests were executed.

In this session, I will show how to extend supply chain security using open-source tools such as Cosign, InToto, and Witness to generate, ingest, and verify these custom attestations.

You’ll learn:

- How to produce attestations for builds, tests, and security checks.

- Methods to sign and verify artifacts, ensuring integrity and authenticity.

- Ways to maintain provenance and chain-of-custody for all artifacts.

- How to enforce custom compliance policies in CI/CD pipelines using OPA.

Through an end-to-end practical demo, you will gain actionable strategies to go beyond standard attestations, giving full visibility and trust in your software supply chains.
Speakers
avatar for Pranay Shah

Pranay Shah

Staff Product Manager, Harness
Pranay Shah is a seasoned security professional with over 11 years of experience across VAPT, vulnerability management, security tooling, and supply chain security. He currently serves as a Staff Product Manager at Harness, where he focuses on building Supply Chain Security solutions... Read More →
avatar for Lavakush Biyani

Lavakush Biyani

Developer Relations Engineer, Harness
Lavakush Biyani is a Developer Relations Engineer at Harness. He has presented talks at international conferences, including Open Source Summit Europe, Korea, and All Day DevOps. Lavakush is an AWS Community Builder and a CDF Ambassador, actively contributing to the developer community... Read More →
Wednesday June 17, 2026 6:25pm - 7:05pm IST
204 AB (Second Floor)
  Packages & Images & Containers

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share

Get help with the event

Contact event planner Event login
View support guides Find upcoming events
Create an event you'd love to attend!
Explore why organizers choose Sched Success stories
Event App Event scheduling Event registration Event ticketing Sched forms Call for papers Badges Conferences
© 2026. SCHED LLC - All rights reserved - Helping events since 2008
Event Planning Software Privacy Terms
Share Modal

Share this link via

Or copy link