Description
Software supply-chain information for container images can be inspected from Docker interfaces and the command line. It helps teams understand image contents, dependencies, and security signals before shipping or updating services.
Security reports are decision support, not automatic approval. Review findings, image provenance, and registry access before using results in release gates.