Enable Container Threat Detection in the Security Command Center Premium tier.

Upgrade all clusters that are not on a supported version of GKE to the latest possible GKE version.

View and share the results from the Security Command Center.

Use an open source tool in Cloud Build to scan the images.

Upload reports to publicly accessible buckets in Cloud Storage by using gsutil.

Share the scan report link with your security department.

Enable vulnerability scanning in the Artifact Registry settings.

Use Cloud Build to build the images.

Push the images to the Artifact Registry for automatic scanning.

View the reports in the Artifact Registry.

Get a GitHub subscription.

Build the images in Cloud Build and store them in GitHub for automatic scanning.

Download the report from GitHub and share with the Security Team.