The process of container registry scanning consists of three key phases: discovery, scanning, and evaluation.
Discovery: The connector discovers all registries, repositories, and tags within the account.
Scanning: The connector extracts software bills of materials (SBOMs), malware indicators, and secrets from each image.
Evaluation: Scan results are evaluated for vulnerabilities, malware, and secrets, and asset findings are created accordingly.