Every time I see someone in a demo for "automatic mitigations for container security issues" suggest to remove an image from a registry or prevent it's pulling, I like to scream. It's 99.9% a stupid idea. It doesn't prevent any compromise but will most likely result in downtime for applications.
Instead of having one problem, you create two, great!
This is my personal microblog. It's filled with my fun, joy and silliness.