diff --git a/.github/workflows/python-ci.yml b/.github/workflows/python-ci.yml
index ef25dc8..536d0c3 100644
--- a/.github/workflows/python-ci.yml
+++ b/.github/workflows/python-ci.yml
@@ -32,7 +32,7 @@ jobs:
     uses: notdodo/github-actions/.github/workflows/docker-build-and-push.yml@docker-build-and-push-v0
     with:
       image: digintlab/opencti-connector
-      platforms: linux/amd64, linux/amd64
+      platforms: linux/amd64, linux/arm64
       egress-policy-allowlist: >
         deb.debian.org:443
         deb.debian.org:80
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 8b4e502..59414f7 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -42,6 +42,28 @@ jobs:
         files.pythonhosted.org:443
         pypi.org:443
       push: true
+      sign-image: false
     secrets:
       registry-username: ${{ secrets.DOCKERHUB_USERNAME }}
       registry-password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+  sign-image:
+    needs: [build-docker-image]
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0
+      - name: Sign and verify
+        env:
+          COSIGN_YES: 'true'
+          IMAGE_REF: ${{ needs.build-docker-image.outputs.image_ref }}
+          CERT_OIDC_ISSUER: https://token.actions.githubusercontent.com
+          CERT_IDENTITY: ${{ format('https://github.com/{0}', github.workflow_ref) }}
+        run: |
+          cosign sign "${IMAGE_REF}"
+          cosign verify \
+            --certificate-identity "${CERT_IDENTITY}" \
+            --certificate-oidc-issuer "${CERT_OIDC_ISSUER}" \
+            "${IMAGE_REF}"
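Review bot: The new `sign-image` job in release.yml never authenticates to the registry, yet `cosign sign "${IMAGE_REF}"` must push the signature artifact into the same repository that `build-docker-image` pushed with `DOCKERHUB_USERNAME`/`DOCKERHUB_TOKEN`; unless the runner is authenticated some other way not visible here, that push will be rejected, so a login step (e.g. `docker/login-action` with the same two secrets) belongs before the sign step. Whether `needs.build-docker-image.outputs.image_ref` is a digest reference (`repo@sha256:…`) or a mutable tag cannot be seen in this hunk; signing should target the digest, since a tag can be re-pointed between the build job and this one and the signature would then cover a different image than the one built — if the output is a tag, have the build workflow also expose the digest and sign that. The build job constrains outbound traffic via `egress-policy-allowlist`, while this job has no egress restriction at all; if that control is meant to apply to the whole release pipeline, the Sigstore endpoints and the registry would need to be allowlisted here as well. Finally, the `cosign verify` call only confirms the signature this same job just produced, which is a useful smoke test but not an independent check; a comment such as `# self-check only: confirms the signing identity matches this workflow ref` above the `run:` block would keep readers from over-reading it.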