Quickstart for a Breach! When Official Installations Expose Your K8 and Your Cloud
Michael, Yossi
Cloud Village @ DEF CON 33 · Day 1 · Cloud Village
This talk, presented by Yossi Suman and Michael Kachinski from the Microsoft Defender for Cloud research team, delves into a critical and often overlooked security vulnerability: **default misconfigurations** in popular cloud-native applications deployed on Kubernetes. The speakers highlight how even well-known and widely used applications, when installed with their default settings via official channels like Helm charts, can inadvertently expose sensitive data or grant attackers full control over a Kubernetes cluster and potentially the underlying cloud environment.
AI review
Solid practitioner-level research with real findings — Apache Pinot, Meshery, Selenium, the Bitnami Elasticsearch default — but the core thesis (default Helm chart misconfigs expose your cluster) isn't novel, it's a well-worn track. The methodology is sound and the case studies are concrete enough to be useful, but this is refinement of known terrain, not a new map.