CI/CD pipelines are becoming more central to the development process, making them top targets for supply chain attacks. In fact, 63% of Infrastructure as Code (IaC) templates contain misconfigurations.