OpenSearch is a powerful search and analytics engine. But many organizations unknowingly expose their OpenSearch clusters, leaving them vulnerable to data leaks, privilege escalation, and even full system compromise. In this session, we’ll look into real-world OpenSearch security flaws, exploit them live, and secure them.
This talk is hands-on - we’ll spin up two OpenSearch environments: one intentionally vulnerable, the other properly secured. You’ll see exactly how attackers break in, followed by a step-by-step hardening process.
The key takeaways from this session will be:
1. Live demonstrations of common attack techniques (unauthenticated access, query injection, privilege escalation, and container compromise)
2. Best practices for securing OpenSearch, including TLS, RBAC, and security configurations