{"id":"https://openalex.org/W4415747921","doi":"https://doi.org/10.1109/tdsc.2025.3628213","title":"Automated Analysis of Security Policy Violations in Helm Charts","display_name":"Automated Analysis of Security Policy Violations in Helm Charts","publication_year":2025,"publication_date":"2025-10-31","ids":{"openalex":"https://openalex.org/W4415747921","doi":"https://doi.org/10.1109/tdsc.2025.3628213"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2025.3628213","is_oa":true,"landing_page_url":"https://doi.org/10.1109/tdsc.2025.3628213","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://doi.org/10.1109/tdsc.2025.3628213","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5022459451","display_name":"Francesco Minna","orcid":"https://orcid.org/0000-0002-3018-044X"},"institutions":[{"id":"https://openalex.org/I865915315","display_name":"Vrije Universiteit Amsterdam","ror":"https://ror.org/008xxew50","country_code":"NL","type":"education","lineage":["https://openalex.org/I865915315"]}],"countries":["NL"],"is_corresponding":true,"raw_author_name":"Francesco Minna","raw_affiliation_strings":["Vrije Universiteit Amsterdam, Amsterdam, Netherlands","Vrije Universiteit Amsterdam (NL), Netherlands"],"affiliations":[{"raw_affiliation_string":"Vrije Universiteit Amsterdam, Amsterdam, Netherlands","institution_ids":["https://openalex.org/I865915315"]},{"raw_affiliation_string":"Vrije Universiteit Amsterdam (NL), Netherlands","institution_ids":["https://openalex.org/I865915315"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5031952821","display_name":"Agathe Blaise","orcid":"https://orcid.org/0000-0002-9598-8482"},"institutions":[{"id":"https://openalex.org/I1283236314","display_name":"Thales (Portugal)","ror":"https://ror.org/051w1mx35","country_code":"PT","type":"company","lineage":["https://openalex.org/I1283236314","https://openalex.org/I4210140930"]},{"id":"https://openalex.org/I2801356230","display_name":"Thales (Australia)","ror":"https://ror.org/00f7vya03","country_code":"AU","type":"company","lineage":["https://openalex.org/I2801356230","https://openalex.org/I4210140930"]},{"id":"https://openalex.org/I4210140930","display_name":"Thales (France)","ror":"https://ror.org/04emwm605","country_code":"FR","type":"company","lineage":["https://openalex.org/I4210140930"]}],"countries":["AU","FR","PT"],"is_corresponding":false,"raw_author_name":"Agathe Blaise","raw_affiliation_strings":["Thales SIX GTS, Gennevilliers, France","Thales SIX GTS (FR), France"],"affiliations":[{"raw_affiliation_string":"Thales SIX GTS, Gennevilliers, France","institution_ids":["https://openalex.org/I4210140930"]},{"raw_affiliation_string":"Thales SIX GTS (FR), France","institution_ids":["https://openalex.org/I1283236314","https://openalex.org/I2801356230"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5007822940","display_name":"Katja Tuma","orcid":"https://orcid.org/0000-0001-7189-2817"},"institutions":[{"id":"https://openalex.org/I83019370","display_name":"Eindhoven University of Technology","ror":"https://ror.org/02c2kyt77","country_code":"NL","type":"education","lineage":["https://openalex.org/I83019370"]}],"countries":["NL"],"is_corresponding":false,"raw_author_name":"Katja Tuma","raw_affiliation_strings":["Eindhoven University of Technology, Eindhoven, AZ, Netherlands","Eindhoven University of Technology (NL), Netherlands"],"affiliations":[{"raw_affiliation_string":"Eindhoven University of Technology, Eindhoven, AZ, Netherlands","institution_ids":["https://openalex.org/I83019370"]},{"raw_affiliation_string":"Eindhoven University of Technology (NL), Netherlands","institution_ids":["https://openalex.org/I83019370"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5085639552","display_name":"Fabio Massacci","orcid":"https://orcid.org/0000-0002-1091-8486"},"institutions":[{"id":"https://openalex.org/I193223587","display_name":"University of Trento","ror":"https://ror.org/05trd4x28","country_code":"IT","type":"education","lineage":["https://openalex.org/I193223587"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Fabio Massacci","raw_affiliation_strings":["University of Trento, Trento, Italy","University of Trento (IT), Italy"],"affiliations":[{"raw_affiliation_string":"University of Trento, Trento, Italy","institution_ids":["https://openalex.org/I193223587"]},{"raw_affiliation_string":"University of Trento (IT), Italy","institution_ids":["https://openalex.org/I193223587"]}]}],"institutions":[],"countries_distinct_count":5,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5022459451"],"corresponding_institution_ids":["https://openalex.org/I865915315"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.36816498,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"23","issue":"2","first_page":"2519","last_page":"2533"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.675000011920929,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.675000011920929,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.11270000040531158,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.05299999937415123,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/artifact","display_name":"Artifact (error)","score":0.679099977016449},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.6599000096321106},{"id":"https://openalex.org/keywords/false-positive-paradox","display_name":"False positive paradox","score":0.5813999772071838},{"id":"https://openalex.org/keywords/pipeline","display_name":"Pipeline (software)","score":0.5551000237464905},{"id":"https://openalex.org/keywords/static-analysis","display_name":"Static analysis","score":0.4431000053882599},{"id":"https://openalex.org/keywords/chart","display_name":"Chart","score":0.42089998722076416},{"id":"https://openalex.org/keywords/application-programming-interface","display_name":"Application programming interface","score":0.4203999936580658},{"id":"https://openalex.org/keywords/taint-checking","display_name":"Taint checking","score":0.39989998936653137}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8931999802589417},{"id":"https://openalex.org/C2779010991","wikidata":"https://www.wikidata.org/wiki/Q2720909","display_name":"Artifact (error)","level":2,"score":0.679099977016449},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.6599000096321106},{"id":"https://openalex.org/C64869954","wikidata":"https://www.wikidata.org/wiki/Q1859747","display_name":"False positive paradox","level":2,"score":0.5813999772071838},{"id":"https://openalex.org/C43521106","wikidata":"https://www.wikidata.org/wiki/Q2165493","display_name":"Pipeline (software)","level":2,"score":0.5551000237464905},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4636000096797943},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.4431000053882599},{"id":"https://openalex.org/C190812933","wikidata":"https://www.wikidata.org/wiki/Q28923","display_name":"Chart","level":2,"score":0.42089998722076416},{"id":"https://openalex.org/C99613125","wikidata":"https://www.wikidata.org/wiki/Q165194","display_name":"Application programming interface","level":2,"score":0.4203999936580658},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.4092000126838684},{"id":"https://openalex.org/C63116202","wikidata":"https://www.wikidata.org/wiki/Q7676227","display_name":"Taint checking","level":3,"score":0.39989998936653137},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.388700008392334},{"id":"https://openalex.org/C113843644","wikidata":"https://www.wikidata.org/wiki/Q901882","display_name":"Interface (matter)","level":4,"score":0.3788999915122986},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.36809998750686646},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.33719998598098755},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.3125999867916107},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.3052999973297119},{"id":"https://openalex.org/C92446256","wikidata":"https://www.wikidata.org/wiki/Q3306762","display_name":"Data validation","level":2,"score":0.29750001430511475},{"id":"https://openalex.org/C175309249","wikidata":"https://www.wikidata.org/wiki/Q725864","display_name":"Pipeline transport","level":2,"score":0.28859999775886536},{"id":"https://openalex.org/C3019060180","wikidata":"https://www.wikidata.org/wiki/Q184199","display_name":"Automated method","level":2,"score":0.28769999742507935},{"id":"https://openalex.org/C548217200","wikidata":"https://www.wikidata.org/wiki/Q251","display_name":"Java","level":2,"score":0.2775999903678894},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.2750999927520752},{"id":"https://openalex.org/C78873551","wikidata":"https://www.wikidata.org/wiki/Q5160111","display_name":"Configuration Management (ITSM)","level":2,"score":0.26969999074935913},{"id":"https://openalex.org/C76947770","wikidata":"https://www.wikidata.org/wiki/Q4533181","display_name":"Ephemeral key","level":2,"score":0.2549000084400177},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.2540999948978424}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1109/tdsc.2025.3628213","is_oa":true,"landing_page_url":"https://doi.org/10.1109/tdsc.2025.3628213","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},{"id":"pmh:oai:research.vu.nl:openaire/15926ac0-3d4f-41ec-9545-2b0f2d02207b","is_oa":true,"landing_page_url":"https://research.vu.nl/en/publications/15926ac0-3d4f-41ec-9545-2b0f2d02207b","pdf_url":null,"source":{"id":"https://openalex.org/S4306401107","display_name":"VU Research Portal","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I865915315","host_organization_name":"Vrije Universiteit Amsterdam","host_organization_lineage":["https://openalex.org/I865915315"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Minna, F, Blaise, A, Tuma, K & Massacci, F 2026, 'Automated Analysis of Security Policy Violations in Helm Charts', IEEE Transactions on Dependable and Secure Computing, vol. 23, no. 2, pp. 2519-2533. https://doi.org/10.1109/TDSC.2025.3628213","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:pure.tue.nl:openaire_cris_publications/c5c48005-4724-4e82-b76d-1cbe49aecba7","is_oa":true,"landing_page_url":"https://research.tue.nl/en/publications/c5c48005-4724-4e82-b76d-1cbe49aecba7","pdf_url":"https://pure.tue.nl/ws/files/383369124/Automated_Analysis_of_Security_Policy_Violations_in_Helm_Charts.pdf","source":{"id":"https://openalex.org/S4406922641","display_name":"TU/e Research Portal","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Minna, F, Blaise, A, Tuma, K & Massacci, F 2026, 'Automated Analysis of Security Policy Violations in Helm Charts', IEEE Transactions on Dependable and Secure Computing, vol. 23, no. 2, 11223885, pp. 2519-2533. https://doi.org/10.1109/TDSC.2025.3628213","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:research.vu.nl:publications/15926ac0-3d4f-41ec-9545-2b0f2d02207b","is_oa":true,"landing_page_url":"https://hdl.handle.net/1871.1/15926ac0-3d4f-41ec-9545-2b0f2d02207b","pdf_url":null,"source":{"id":"https://openalex.org/S4306401107","display_name":"VU Research Portal","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I865915315","host_organization_name":"Vrije Universiteit Amsterdam","host_organization_lineage":["https://openalex.org/I865915315"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Minna, F, Blaise, A, Tuma, K & Massacci, F 2026, 'Automated Analysis of Security Policy Violations in Helm Charts', IEEE Transactions on Dependable and Secure Computing, vol. 23, no. 2, pp. 2519-2533. https://doi.org/10.1109/TDSC.2025.3628213","raw_type":"info:eu-repo/semantics/publishedVersion"}],"best_oa_location":{"id":"doi:10.1109/tdsc.2025.3628213","is_oa":true,"landing_page_url":"https://doi.org/10.1109/tdsc.2025.3628213","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1803996626","display_name":null,"funder_award_id":"101120393","funder_id":"https://openalex.org/F4320332999","funder_display_name":"Horizon 2020 Framework Programme"},{"id":"https://openalex.org/G2507725256","display_name":null,"funder_award_id":"952647","funder_id":"https://openalex.org/F4320332999","funder_display_name":"Horizon 2020 Framework Programme"},{"id":"https://openalex.org/G3728378840","display_name":null,"funder_award_id":"952647","funder_id":"https://openalex.org/F4320334322","funder_display_name":"HORIZON EUROPE Framework Programme"},{"id":"https://openalex.org/G4731965396","display_name":null,"funder_award_id":"KICH1.VE01.20.004","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G5066738871","display_name":null,"funder_award_id":"952647","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G507880695","display_name":null,"funder_award_id":"PE00000014","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G510361925","display_name":null,"funder_award_id":"101120393","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G5365867299","display_name":null,"funder_award_id":"Grant","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G6009445997","display_name":null,"funder_award_id":"unknown","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G629491556","display_name":null,"funder_award_id":"(NWO)","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"},{"id":"https://openalex.org/G8051717526","display_name":null,"funder_award_id":"Grant","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G8893660128","display_name":null,"funder_award_id":"PE0000001","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"}],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320321800","display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek","ror":"https://ror.org/04jsz6e67"},{"id":"https://openalex.org/F4320332999","display_name":"Horizon 2020 Framework Programme","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320334322","display_name":"HORIZON EUROPE Framework Programme","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":25,"referenced_works":["https://openalex.org/W2028627312","https://openalex.org/W2171049321","https://openalex.org/W2184107019","https://openalex.org/W2765843494","https://openalex.org/W2807826660","https://openalex.org/W2809144691","https://openalex.org/W2809228306","https://openalex.org/W2944614079","https://openalex.org/W2955656327","https://openalex.org/W3094094693","https://openalex.org/W3151142258","https://openalex.org/W3163392646","https://openalex.org/W3179169340","https://openalex.org/W3208077293","https://openalex.org/W4285490396","https://openalex.org/W4308641648","https://openalex.org/W4309346687","https://openalex.org/W4311414922","https://openalex.org/W4315480688","https://openalex.org/W4387005573","https://openalex.org/W4399619098","https://openalex.org/W4400112242","https://openalex.org/W4405218909","https://openalex.org/W4408779760","https://openalex.org/W4411070408"],"related_works":[],"abstract_inverted_index":{"The":[0],"advent":[1],"of":[2,14,88,179],"Infrastructure-as-Code":[3],"(IaC)":[4],"and":[5,52,63,118,129,152,169],"cloud":[6,162],"platforms":[7],"has":[8],"transformed":[9],"applications":[10],"into":[11],"ephemeral":[12],"deployments":[13],"configuration":[15,83],"files,":[16],"where":[17],"containers":[18],"live":[19],"for":[20,67],"only":[21],"a":[22,70,81,131],"few":[23],"minutes.":[24],"Several":[25],"industry-level":[26],"static":[27,65],"analyzers":[28,66],"are":[29,124],"available":[30],"to":[31,61,74,85,157],"check":[32],"security":[33],"misconfigurations":[34],"before":[35],"deployment,":[36],"but":[37],"the":[38,86,99,109,125,136,142,158,177],"experimental":[39],"evidence":[40],"that":[41,48,120,154],"we":[42,144,155],"report":[43],"in":[44,79],"this":[45],"paper":[46],"is":[47,135],"they":[49],"provide":[50],"different":[51],"possibly":[53],"inconsistent":[54],"results.":[55],"We":[56,91],"developed":[57],"an":[58],"automated":[59],"pipeline":[60],"evaluate":[62],"compare":[64],"Helm":[68,105],"charts,":[69],"popular":[71],"package":[72],"manager":[73],"deploy":[75],"Kubernetes":[76],"(K8s)":[77],"applications,":[78],"finding":[80],"functional":[82],"adhering":[84],"principle":[87],"least":[89],"privilege.":[90],"evaluated":[92],"seven":[93],"open-source":[94],"chart":[95],"analyzer":[96],"tools":[97],"on":[98,175],"60":[100],"most":[101,126,137],"common":[102,127],"Artifact":[103],"Hub":[104],"charts":[106],"(returned":[107],"by":[108],"Application":[110],"Programming":[111],"Interface":[112],"\u2014":[113],"API":[114],"upon":[115],"first":[116],"invocation)":[117],"found":[119,146],"overly":[121],"permissive":[122],"ClusterRoles":[123],"misconfiguration,":[128],"using":[130],"high":[132],"user":[133],"ID":[134],"commonly":[138],"needed":[139],"permission.":[140],"During":[141],"evaluation,":[143],"also":[145],"several":[147],"bugs,":[148],"both":[149],"false":[150],"positives":[151],"negatives,":[153],"reported":[156],"tool":[159],"developers.":[160],"Securing":[161],"configurations":[163],"still":[164],"requires":[165],"significant":[166],"manual":[167],"intervention,":[168],"more":[170],"effort":[171],"should":[172],"be":[173],"spent":[174],"standardizing":[176],"analysis":[178],"misconfiguration.":[180]},"counts_by_year":[],"updated_date":"2026-04-03T22:45:19.894376","created_date":"2025-10-31T00:00:00"}