diff --git a/changelog/changes/2024-09-10-kernel-lockdown.md b/changelog/changes/2024-09-10-kernel-lockdown.md
new file mode 100644
index 0000000000..936d9aea32
--- /dev/null
+++ b/changelog/changes/2024-09-10-kernel-lockdown.md
@@ -0,0 +1 @@
+- Kernel lockdown in integrity mode is now enabled when secure boot is enabled. This prevents loading unsigned kernel modules and matches the behavior of all major distros. ([scripts#2299](https://github.com/flatcar/scripts/pull/2299))