dhi: update cis wording (#23245)

<!--Delete sections as needed -->

## Description

Update wording to let the user know that instead of just dropping the
control, something better took it's place.


https://deploy-preview-23245--docsdocker.netlify.app/dhi/core-concepts/cis/#how-docker-hardened-images-comply-with-the-cis-benchmark

## Related issues or tickets

ENGDOCS-2922

## Reviews

<!-- Notes for reviewers here -->
<!-- List applicable reviews (optionally @tag reviewers) -->

- [ ] Editorial review
- [ ] Product review

Signed-off-by: Craig <[email protected]>

Author: craig-osterhout

content/manuals/dhi/core-concepts/cis.md

@@ -31,7 +31,9 @@ Dockerfile configuration.
 CIS-compliant DHIs are compliant with all controls in Section 4, with the sole
 exception of the control requiring Docker Content Trust (DCT), which [Docker
 officially retired](https://www.docker.com/blog/retiring-docker-content-trust/).
-By starting from a CIS-compliant DHI, teams can adopt image-level best practices
+Instead, DHIs are [signed](/manuals/dhi/core-concepts/signatures.md) using
+Cosign, providing an even higher level of authenticity and integrity. By
+starting from a CIS-compliant DHI, teams can adopt image-level best practices
 from the benchmark more quickly and confidently.
 
 > [!NOTE]