Episode 56: Is Exchange leaking your creds?

If you follow the productivity space, you have no doubt seen or heard about the Autodiscovering the Great Leak research paper recently published by Amit Serper, a security researcher at Guardicore. The paper details more than five months' research into the Autodiscover service used by Microsoft . Amit's research was picked up and in many instances misreported by the tech press, which in turn caused a certain degree of panic. We're deeply passionate about Exchange and have been for a very long time, so we thought it would be a good idea to sit down with Amit to talk through his research and better understand his findings.

During the episode, Amit talks about the following resources:

Martina
Amit Serper is a security researcher that spent almost a decade in the Israeli intelligence community where he worked in vulnerability research, exploit development and designed the architectures of uniquely complicated, highly reliable, one-of-a-kind communication systems. During his 9 year tenure in the IDF and Israeli government, he received 4 certificates of excellence and two commendations. During his career he has been on both the red and blue sides, joined an early stage start-up to build EDR products from scratch on various operating systems, conducted low level operating system research, reverse engineered malware, performed countless IR engagements, helped build a global research team and brand, and stopped a few global attacks (NotPetya, BadRabbit, Operation softcell to name a few). Amit is a frequent public speaker at security conferences all over the world and shares his research and knowledge in various blog posts, conferences, and podcasts. You can find Amit on Twitter [@0xAmit](https://twitter.com/0xAmit)

This episode is also available as a video recording:

This Episode is brought to you by KEMP Technologies. Choose KEMP to optimize your multi-cloud application deployments and simplify multi-cloud application management. A single pane-of-glass for application delivery, KEMP provides a 360 degree view of your entire application environment, and even third-party ADCs. Download KEMP360 [for free today at kemptechnologies.com](https://kempte.ch/2MYXjew)