doc: add more context about security in the pipeline and operator

[sxd]

The current documentation doesn't cover all the security scans and measures taken in the last year, so we added that to the documentation and also a little section explaining how the operator permissions are managed in the different ways the operator supports and some recommendations about how to deploy it. In the new section, we also explain more about the cluster-wide permissions that are mandatory for the operator to work.

Closes #4348

[github-actions[bot]]

Build Error! No Linked Issue found. Please link an issue or mention it in the body using #<issue_id>

[github-actions[bot]]

:exclamation: By default, the pull request is configured to backport to all release branches.

• To stop backporting this pr, remove the label: backport-requested :arrow_backward: or add the label 'do not backport'
• To stop backporting this pr to a certain release branch, remove the specific branch label: release-x.y

[github-actions[bot]]

Build Error! No Linked Issue found. Please link an issue or mention it in the body using #<issue_id>

[gbartolini]

I have temporarily removed the entire section about cluster-wide permissions. I am creating a separate ticket about it, as I think it contradicts - or at least it is not entirely aligned with - the "RBAC" section. I also think that, instead of being thrown at the bottom of the page, it should sit under or next to the RBAC section (which assumes we deploy with the manifest).