Securing Container Registry Images When to Use - When establishing security controls for container image registries (ECR, ACR, GCR, Docker Hub) - When building CI/CD pipelines that enforce vulnerability scanning before image promotion - When implementing image signing and verification to prevent supply chain attacks - When auditing existing registries for vulnerable, unscanned, or unsigned images - When compliance requires software bill of materials (SBOM) for deployed container images Do not use for runtime container security (use Falco or Sysdig), for Kubernetes admission control (use OPA G…