In the age of cloud computing where infrastructure needs to be extended or deployed rapidly to meet ever-changing organizational needs, the configuration of new servers and nodes is completely automated. This is done using machine-readable definition files, or templates, as part of a process known as infrastructure as code (IaC) or continuous configuration automation (CCA).
A new analysis by researchers from Palo Alto Networks of IaC templates collected from GitHub repositories and other places identified almost 200,000 such files that contained insecure configuration options.