We should keep docker images scanner as it is for new docker images but change it when we update existing docker images in the allowed images list. Improved solution would mean that we accept updates for docker images if the updated image has less vulnerabilities than the existing one.