diff --git a/.github/workflows/ci-latest-release.yml b/.github/workflows/ci-latest-release.yml
index d6c64af00..73352fd72 100644
--- a/.github/workflows/ci-latest-release.yml
+++ b/.github/workflows/ci-latest-release.yml
@@ -161,6 +161,25 @@ jobs:
 cosign sign -r kubearmor/kubearmor-init@${{ steps.digest.outputs.initdigest }} --yes
 cosign sign -r kubearmor/kubearmor-ubi@${{ steps.digest.outputs.ubidigest }} --yes
 
+ - name: Install bom
+ uses: kubernetes-sigs/release-actions/setup-bom@841d76a188a7c121231a863572e27012805715a2 # main
+
+ - name: Generate SBOM
+ shell: bash
+ run: |
+ bom generate --format json --analyze-images --output sbom_kubearmor_${{ steps.digest.outputs.imagedigest }}.spdx.json \
+ --image=kubearmor/kubearmor@${{ steps.digest.outputs.imagedigest }}
+ bom generate --format json --analyze-images --output sbom_kubearmor-init_${{ steps.digest.outputs.initdigest }}.spdx.json \
+ --image=kubearmor/kubearmor-init@${{ steps.digest.outputs.initdigest }}
+ bom generate --format json --analyze-images --output sbom_kubearmor-ubi_${{ steps.digest.outputs.ubidigest }}.spdx.json \
+ --image=kubearmor/kubearmor-ubi@${{ steps.digest.outputs.ubidigest }}
+
+ - name: Attach SBOM attestation to container image
+ run: |
+ cosign attest --recursive --yes --predicate sbom_kubearmor_${{ steps.digest.outputs.imagedigest }}.spdx.json --type spdxjson kubearmor/kubearmor@${{ steps.digest.outputs.imagedigest }}
+ cosign attest --recursive --yes --predicate sbom_kubearmor-init_${{ steps.digest.outputs.initdigest }}.spdx.json --type spdxjson kubearmor/kubearmor-init@${{ steps.digest.outputs.initdigest }}
+ cosign attest --recursive --yes --predicate sbom_kubearmor-ubi_${{ steps.digest.outputs.ubidigest }}.spdx.json --type spdxjson kubearmor/kubearmor-ubi@${{ steps.digest.outputs.ubidigest }}
+
 push-stable-version:
 name: Create KubeArmor stable release
 needs: [build, check]
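Review bot: The new `Attach SBOM attestation to container image` step omits the `shell: bash` that the `Generate SBOM` step sets, so the two `run:` blocks execute under different shell option sets; add `shell: bash` to the attest step so a failing command stops the job the same way in both. All three new scripts expand `${{ steps.digest.outputs.* }}` inline, as the existing cosign sign lines above do; the digests are produced by an earlier step of this job, so the risk is low, but routing them through `env:` (`IMAGE_DIGEST: ${{ steps.digest.outputs.imagedigest }}`, then `"$IMAGE_DIGEST"` in the script) follows GitHub's hardening guidance and keeps these very long lines readable. Nothing in the hunk records how the attestation is meant to be consumed; a comment above the attest step such as `# consumers verify with: cosign verify-attestation --type spdxjson kubearmor/kubearmor@<digest> (plus the certificate-identity flags used for keyless signing)` would document it. The `digest` step and the cosign sign block this extends start outside the hunk.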
diff --git a/.github/workflows/sbom-release.yaml b/.github/workflows/sbom-release.yaml
new file mode 100644
index 000000000..d2dc2b704
--- /dev/null
+++ b/.github/workflows/sbom-release.yaml
@@ -0,0 +1,28 @@
+name: Generate SBOM
+on:
+ workflow_dispatch:
+ release:
+ types: [published]
+permissions:
+ contents: write
+jobs:
+ generate_sbom_action:
+ runs-on: ubuntu-latest
+ name: Install K8s bom and generate SBOM
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f
+
+ - name: Install bom
+ uses: kubernetes-sigs/release-actions/setup-bom@841d76a188a7c121231a863572e27012805715a2
+
+ - name: Generage SBOM
+ run: |
+ bom generate --format json --analyze-images --output kubearmor_${{github.ref_name}}_sbom.spdx.json \
+ --dirs=.\
+
+ - name: Upload SBOM
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ run: |
+ gh release upload ${{github.ref_name}} kubearmor_${{github.ref_name}}_sbom.spdx.json
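Review bot: `${{github.ref_name}}` is expanded directly into both `run:` scripts, and on the `release` trigger that value is the tag name, which git allows to contain shell metacharacters such as `;`, `$` and backticks; pass it through `env:` (`TAG: ${{ github.ref_name }}`) and quote `"$TAG"` in the commands so the name is treated as data rather than script. The `--dirs=.\` line ends in a backslash with nothing after it, which bash treats as a continuation into the empty remainder of the block — it works by accident and should simply be `--dirs=.`. The step name `Generage SBOM` is misspelled, and both `uses:` pins lack the tag-in-comment convention (`# main`, or the checkout release the SHA corresponds to) that makes SHA pins auditable. On a manual `workflow_dispatch` run `github.ref_name` is a branch name, so `gh release upload` will presumably fail unless a release with that exact name exists; a comment above the trigger stating that the workflow expects a published release tag would save a confused re-run.
```yaml
      # … unchanged: checkout and setup-bom steps …

      - name: Generate SBOM
        env:
          TAG: ${{ github.ref_name }}
        run: |
          bom generate --format json --analyze-images --output "kubearmor_${TAG}_sbom.spdx.json" --dirs=.

      - name: Upload SBOM
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          TAG: ${{ github.ref_name }}
        run: |
          gh release upload "$TAG" "kubearmor_${TAG}_sbom.spdx.json"
```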