diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index da8044ef3f83aaf328319a1220bc47a203aa8bd2..af4d514e89123e4cb8c6bb7ca07549d589c45766 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -18,6 +18,9 @@ include:
   - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/semantic-release/gitlab-ci-semrel@master
     inputs:
       semantic-release-job-tags: ["docker"]
+  - component: git.code.tecnalia.com/smartdatalab/public/ci-cd-components/gitleaks/gitlab-ci-gitleaks@master
+    inputs:
+      gitleaks-job-tags: ["docker"]
 
 stages:
   - build
diff --git a/CHANGELOG.md b/CHANGELOG.md
index e430afa9284a21b60dc33e3a35a7160d045cbf9b..d19e0d0fff2abfb916dda0235ed189fb0021c680 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,16 +1,16 @@
-## [5.10.3](https://git.code.tecnalia.com/smartdatalab/public/ci-cd-components/docker/compare/5.10.2...5.10.3) (2024-07-02)
+# [5.11.0](https://gitlab.com/to-be-continuous/docker/compare/5.10.3...5.11.0) (2024-07-05)
 
 
-### Bug Fixes
+### Features
 
-* **Trivy:** Trivy 0.53.0 added the clean subcommand for semantic cache management ([e3a9540](https://git.code.tecnalia.com/smartdatalab/public/ci-cd-components/docker/commit/e3a954080b1150ae35c403cffdb71ae750c9a741))
+* display tools' version ([9fa5118](https://gitlab.com/to-be-continuous/docker/commit/9fa51183755b94e02af9a3151eccc5ba9be75b15))
 
-## [5.10.2](https://git.code.tecnalia.com/smartdatalab/public/ci-cd-components/docker/compare/5.10.1...5.10.2) (2024-05-13)
+## [5.10.3](https://gitlab.com/to-be-continuous/docker/compare/5.10.2...5.10.3) (2024-07-01)
 
 
 ### Bug Fixes
 
-* **workflow:** disable MR pipeline from prod & integ branches ([6460d7b](https://git.code.tecnalia.com/smartdatalab/public/ci-cd-components/docker/commit/6460d7bba7a231ff68b163c861a4b40f37ee08bb))
+* **Trivy:** Trivy 0.53.0 added the clean subcommand for semantic cache management ([e3a9540](https://gitlab.com/to-be-continuous/docker/commit/e3a954080b1150ae35c403cffdb71ae750c9a741))
 
 ## [5.10.2](https://gitlab.com/to-be-continuous/docker/compare/5.10.1...5.10.2) (2024-05-05)
 
diff --git a/README.md b/README.md
index 1a3b7e494678e4252ab146e0ff630eb7786ccb41..1740c66ea3f3fd7ee78772f0219e77d71d270b67 100644
--- a/README.md
+++ b/README.md
@@ -14,7 +14,7 @@ Add the following to your `gitlab-ci.yml`:
 ```yaml
 include:
   # 1: include the component
-  - component: gitlab.com/to-be-continuous/docker/gitlab-ci-docker@5.10.3
+  - component: gitlab.com/to-be-continuous/docker/gitlab-ci-docker@5.10.2
     # 2: set/override component inputs
     inputs:
       build-tool: buildah # ⚠ this is only an example
@@ -28,7 +28,7 @@ Add the following to your `gitlab-ci.yml`:
 include:
   # 1: include the template
   - project: 'to-be-continuous/docker'
-    ref: '5.10.3'
+    ref: '5.10.2'
     file: '/templates/gitlab-ci-docker.yml'
 
 variables:
diff --git a/templates/gitlab-ci-docker-ecr.yml b/templates/gitlab-ci-docker-ecr.yml
index 0941cb2a95947c9fbac70e72d3f59db9c72cbacf..9db80cd9a1cc7e56a9391049f8639116b5d7af11 100644
--- a/templates/gitlab-ci-docker-ecr.yml
+++ b/templates/gitlab-ci-docker-ecr.yml
@@ -45,7 +45,7 @@ variables:
 .docker-base:
   services:
     - name: "$TBC_TRACKING_IMAGE"
-      command: ["--service", "docker", "5.10.3"]
+      command: ["--service", "docker", "5.11.0"]
     - name: "$TBC_AWS_PROVIDER_IMAGE"
       alias: "aws-auth-provider"
   id_tokens:
diff --git a/templates/gitlab-ci-docker-gcp.yml b/templates/gitlab-ci-docker-gcp.yml
index 63c78410c28fcd54dcb2ea0a9e9aa9c1eace969b..10280f80f4df9332031c58da249d71c5d596bd43 100644
--- a/templates/gitlab-ci-docker-gcp.yml
+++ b/templates/gitlab-ci-docker-gcp.yml
@@ -44,7 +44,7 @@ variables:
 .docker-base:
   services:
     - name: "$TBC_TRACKING_IMAGE"
-      command: ["--service", "docker", "5.10.3"]
+      command: ["--service", "docker", "5.11.0"]
     - name: "$TBC_GCP_PROVIDER_IMAGE"
       alias: "gcp-auth-provider"
   variables:
diff --git a/templates/gitlab-ci-docker-vault.yml b/templates/gitlab-ci-docker-vault.yml
index 858de09ba03b2d61dd8e2c1d620f815f19ebc1bb..d79473f647548f4d5091eb5f838f4dfed7863b80 100644
--- a/templates/gitlab-ci-docker-vault.yml
+++ b/templates/gitlab-ci-docker-vault.yml
@@ -22,7 +22,7 @@ variables:
 .docker-base:
   services:
     - name: "$TBC_TRACKING_IMAGE"
-      command: ["--service", "docker", "5.10.3"]
+      command: ["--service", "docker", "5.11.0"]
     - name: "$TBC_VAULT_IMAGE"
       alias: "vault-secrets-provider"
   variables:
diff --git a/templates/gitlab-ci-docker.yml b/templates/gitlab-ci-docker.yml
index 1de96f65029996b8ee9769c904e8905db5289df0..f12524b8d5af5470048c1f0a3dcefd3f43ba2fc6 100644
--- a/templates/gitlab-ci-docker.yml
+++ b/templates/gitlab-ci-docker.yml
@@ -697,7 +697,7 @@ stages:
 .docker-base:
   services:
     - name: "$TBC_TRACKING_IMAGE"
-      command: ["--service", "docker", "5.10.3"]
+      command: ["--service", "docker", "5.11.0"]
   before_script:
     - !reference [.docker-scripts]
 
@@ -715,6 +715,9 @@ stages:
   before_script:
   - !reference [.docker-scripts]
   - create_kaniko_cache_dir
+  - |
+    log_info "Kaniko version:"
+    /kaniko/executor version
 
 
 .docker-dind-base:
@@ -730,7 +733,7 @@ stages:
     _TRACE: "${TRACE}"
   services:
     - name: "$TBC_TRACKING_IMAGE"
-      command: ["--service", "docker", "5.10.3"]
+      command: ["--service", "docker", "5.11.0"]
     - name: $DOCKER_DIND_IMAGE
       alias: docker
       command:
@@ -743,6 +746,9 @@ stages:
   before_script:
     - !reference [.docker-scripts]
     - if ! wait_for_docker_daemon; then fail "Docker-in-Docker is not enabled on this runner. Either use a Docker-in-Docker capable runner, or disable this job by setting \$DOCKER_BUILD_TOOL to a different value"; fi
+    - |
+      log_info "Docker version:"
+      docker version
 
 # ==================================================
 # Stage: build
@@ -757,7 +763,11 @@ docker-hadolint:
   dependencies: []
   script:
     - autoconfig_hadolint
+    - |
+      log_info "Hadolint version:"
+      hadolint -v
     - mkdir -p -m 777 reports
+    - log_info "Scanning ${DOCKER_FILE}..."
     - dockerfile_hash=$(echo "$DOCKER_FILE" | md5sum | cut -d" " -f1)
     # Output in Code Climate format (GitLab integration)
     - hadolint --no-fail -f gitlab_codeclimate $DOCKER_HADOLINT_ARGS $hadolint_config_opts "$DOCKER_FILE" > "reports/docker-hadolint-${dockerfile_hash}.codeclimate.json"
@@ -864,6 +874,9 @@ docker-buildah-build:
           buildah_cache_args="--layers --cache-from $buildah_build_cache --cache-to $buildah_build_cache"
           log_info "Build cache enabled; CLI options: ${buildah_cache_args}"
       fi
+    - |
+      log_info "Buildah version:"
+      buildah version
     # build and push image
     - buildah build --file "$DOCKER_FILE" --tag $DOCKER_SNAPSHOT_IMAGE $buildah_cache_args --build-arg http_proxy="$http_proxy" --build-arg https_proxy="$https_proxy" --build-arg no_proxy="$no_proxy" $DOCKER_METADATA $DOCKER_BUILD_ARGS "$(docker_context_path)"
     - buildah push --digestfile .img-digest.txt "$DOCKER_SNAPSHOT_IMAGE"
@@ -899,7 +912,9 @@ docker-healthcheck:
   variables:
     GIT_STRATEGY: none
   stage: package-test
-  script: |
+  script:
+  - log_info "Healthchecking ${DOCKER_SNAPSHOT_IMAGE}..."
+  - |
     # Test by internal health_check (Recommended way, more info https://docs.docker.com/engine/reference/builder/#healthcheck)
     # This looks complicated but you normally don't have to touch this...
     function unexpected_error() {
@@ -966,9 +981,15 @@ docker-trivy:
   stage: package-test
   variables:
     TRIVY_CACHE_DIR: ".trivycache/"
-  script: |
+  script:
+  - log_info "Scanning vulnerabilities from ${DOCKER_SNAPSHOT_IMAGE}..."
+  - |
+    log_info "Trivy version:"
+    trivy version
+  - |
     # cache cleanup is needed when scanning images with the same tags, it does not remove the database
     trivy clean --scan-cache || trivy image --clear-cache
+  - |
     export TRIVY_USERNAME=${DOCKER_REGISTRY_SNAPSHOT_USER:-${DOCKER_REGISTRY_USER:-$CI_REGISTRY_USER}}
     export TRIVY_PASSWORD=${DOCKER_REGISTRY_SNAPSHOT_PASSWORD:-${DOCKER_REGISTRY_PASSWORD:-$CI_REGISTRY_PASSWORD}}
     basename=$(echo "${DOCKER_SNAPSHOT_IMAGE}" | sed 's|[/:]|_|g')
@@ -1015,6 +1036,10 @@ docker-sbom:
     name: $DOCKER_SBOM_IMAGE
     entrypoint: [""]
   script:
+    - log_info "Extracting SBOM from ${DOCKER_SNAPSHOT_IMAGE}..."
+    - |
+      log_info "Syft version:"
+      /syft version
     - mkdir -p -m 777 reports
     - basename=$(echo "${DOCKER_SNAPSHOT_IMAGE}" | sed 's|[/:]|_|g')
     - /syft scan ${TRACE+-vv} $DOCKER_SNAPSHOT_IMAGE $DOCKER_SBOM_OPTS -o cyclonedx-json=reports/docker-sbom-${basename}.cyclonedx.json
@@ -1068,8 +1093,12 @@ docker-publish:
         log_warn "\\e[93mYou should consider distinguishing snapshot and release images as they do not differ. Skipping publish phase as image has already been created by previous job.\\e[0m"
         exit 0
       fi
+    - |
+      log_info "Skopeo version:"
+      skopeo -v
     - BUILDTOOL_HOME=${BUILDTOOL_HOME:-$HOME}
     # 1: push main image
+    - log_info "Copying ${DOCKER_SNAPSHOT_IMAGE} to ${DOCKER_RELEASE_IMAGE}..."
     - skopeo copy --src-authfile "$BUILDTOOL_HOME/skopeo/.docker/src-config.json" --dest-authfile "$BUILDTOOL_HOME/skopeo/.docker/dest-config.json" ${DOCKER_PUBLISH_ARGS} "docker://$DOCKER_SNAPSHOT_IMAGE" "docker://$DOCKER_RELEASE_IMAGE"
     - |
       log_info "Well done your image is pushed and can be pulled with: docker pull $DOCKER_RELEASE_IMAGE"