1. Intro
2. About Control Plane
3. Agenda
4. Supply Chain Security
5. What is a Supply Chain
6. Software Supply Chain
7. Post Bare Metal
8. Software Factory
9. Supply Chain
10. Attack
11. Danger Zone
12. Supply chain compromises
13. How do we attack
14. Salsa
15. Reverse Shell
16. Trivia Scan
17. Signing
18. Container Images
19. Chain Guards
20. Reference Architecture
21. in-toto
Description:
Explore the critical topic of Kubernetes supply chain security in this 36-minute conference talk by Andrew Martin from Control Plane. Dive into the concept of a Software Factory approach for defending against supply chain risks, based on work from the US Air Force and DoD. Learn about the original supply chain attack described by Ken Thompson 35 years ago and how it relates to modern threats like the SUNBURST attacks. Discover how cloud native technologies can address these challenges through a showcase of building a Kubernetes Software Factory with Tekton. Gain insights into signing and verification approaches using tools such as in-toto, TUF, SPIFFE, SPIRE, and sigstore. Examine lessons learned from recent attacks and explore future cloud native solutions for hardening Kubernetes, builds, and infrastructure. Understand the complexities of the producer-consumer problem in supply chain relationships across various levels of industry and technology.

Kubernetes Supply Chain Security - Building a Secure Software Factory

CNCF [Cloud Native Computing Foundation]