bug bz1914896 - warning about security risk from no auto image update by default

Author: Lisa Pettyjohn

security/container_security/security-understanding.adoc

@@ -9,6 +9,12 @@ Securing a containerized application relies on multiple levels of security:
 
 * Container security begins with a trusted base container image and continues
 through the container build process as it moves through your CI/CD pipeline.
++
+[IMPORTANT]
+====
+Image streams by default do not automatically update. This default behavior might create a security issue because security updates to images referenced by an image stream do not automatically occur.
+For information about how to override this default behavior, see xref:../../openshift_images/image-streams-manage.adoc#images-imagestreams-import_image-streams-managing[Configuring periodic importing of imagestreamtags].
+====
 * When a container is deployed, its security depends on it running
 on secure operating systems and networks, and
 establishing firm boundaries between the container itself and