A system and method for maintaining image integrity in a containerized environment. Image layers of a software container are scanned for metadata. The metadata is indexed and contextual metadata is added. Execution of the containerized environment is monitored to detect new image layers being executed. Integrity of images in the environment is maintained based on integrity rules and the metadata of each image layer. The integrity rules ensure image integrity by ensuring that pulled images are composed from trusted images, image layers are pushed by trusted users, image layers do not include potential vulnerabilities, and image layers do not override specific file paths. Trusted image layers may be automatically detected using a machine learning model trained based on historical image layer metadata.