Scan Infrastructure-as-Code (Terraform, CloudFormation, Kubernetes) for misconfigurations, exposed secrets and policy drift before deployment.