Explore the evolution of security features in Kubernetes releases and their impact on the software supply chain in this 34-minute conference talk. Discover how SIG Release has improved the Kubernetes release process since version 1.22, creating tools and processes that benefit the entire ecosystem. Learn about three key technologies: SBOMs for describing sources, artifacts, and dependencies; provenance attestations for SLSA compliance; and digital signatures implementation. Gain valuable insights into lessons learned and practical tools you can apply to secure your own project releases, enhancing trust and reliability in the software supply chain.