LeakGauge is an IaC-aware static analysis framework that traces sensitive data flows across serverless deployments. Using CodeQL-based data- and taint-flow analysis informed by Infrastructure-as-Code configurations, LeakGauge identifies …
Kubernetes has become the dominant platform for managing containerized applications, but its native Secrets management mechanisms introduce security vulnerabilities, especially in environments where third-party applications may have excessive …