What are the security implications of utilizing infrastructure-as-code templates, and how do you automate the detection of misconfigurations?