Add Chainguard CIS Docker Benchmark Section 4 conformance documentation

[SharpRake]

Type of change

Documentation Update

• Added new section to the CIS Benchmarks overview explaining how Chainguard Containers conform to Section 4 of the CIS Docker Benchmark

What should this PR do?

resolves https://github.com/chainguard-dev/internal/issues/4569

Why are we making this change?

The existing CIS Benchmarks page was purely conceptual and contained no information about Chainguard's conformance. A customer asked whether Chainguard images meet CIS Benchmarks and requested public-facing documentation they could share with their own customers.

What are the acceptance criteria?

• A new "Chainguard Containers and the CIS Docker Benchmark" section is present on the page
• The section correctly describes Section 4 conformance, including the Cosign/4.5 caveat, the 4.6 HEALTHCHECK non-conformance, and the note about build-time recommendations
• Links to Docker Content Trust, Cosign, and Docker HEALTHCHECK docs are present and correct

How should this PR be tested?

1. Check the preview link and navigate to /software-security/compliance/cis-benchmarks/
2. Verify the new section renders correctly and all links are functional

[netlify]

✅ Deploy Preview for ornate-narwhal-088216 ready!

Name	Link
🔨 Latest commit	27bb5ad
🔍 Latest deploy log	https://app.netlify.com/projects/ornate-narwhal-088216/deploys/69e00db827f3a20008e6d59c
😎 Deploy Preview	https://deploy-preview-3249--ornate-narwhal-088216.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[matthewhelmke]

LGTM