Scan Dockerfiles and container configurations for security vulnerabilities, misconfigurations, and best practice violations. Checks for insecure base images, exposed secrets, privilege escalation, and more.