Jeff Costlow

Jeff Costlow

Jeff Costlow is the CISO at ExtraHop. He started his career in computer security in 1997. Jeff has deep experience with networking protocols, a passion for secure software development and many years of software engineering under his belt.

In his spare time, Jeff enjoys building and sailing small boats, making beer or cider, mentoring for FIRST robotics, and raising Pacific Northwest mason bees.

Connect with Jeff on Twitter or LinkedIn!

Posts by Jeff Costlow

• We Busted A Fake Chrome Extension That Was Trying to Steal Data

  • December 6, 2018
  • Posted in Reveal(x), Security, Tech

  A mysterious (and fake) Chrome extension. A clever data exfiltration scheme. They would have gotten away with it, too, if it weren't for those meddling security analysts using ExtraHop Reveal(x)! Follow along as we go from threat detection to response in this real-life threat hunt with network traffic analysis.

• How to Detect Apache Struts 2 Exploit with ExtraHop (CVE-2018-11776)

  • August 29, 2018
  • Posted in Security

  There is a new Apache Struts vulnerability and it's a doozy. ExtraHop customers can use this technique to monitor for IOCs while they work to update their software.

• Detect & Stop This New Android Worm with ExtraHop

  • June 8, 2018
  • Posted in Security, Tech

  ExtraHop users, there's a nasty new Android worm that spreads via remote debugging services, but don't worry—install this remote ADP connections dashboard to quickly find and shut down at-risk devices.

• Your Windows Proxy Autodiscovery Could Be Compromised

  • December 21, 2017
  • Posted in Security, Tips and Hacks

  How to defend against WPAD exploit aPAColypse now

• Visibility into TLS: Perfect Forward Secrecy

  • September 19, 2017
  • Posted in Community, Company, Security

  What is Perfect Forward Secrecy encryption and how ExtraHop allows you to decrypt Perfect Forward Secrecy in real time.

• BlackHat and Defcon: Highlights from a Week of Computer Security

  • August 28, 2017
  • Posted in Community, Company, Industry Trends, Security, Tech

  For those of us in the computer security industry, the end of July in Las Vegas means the annual week of conferences; BlackHat and DefCon. It's always a great—albeit exhausting—week.

• Protect Your Organization from "Petya"

  • June 27, 2017
  • Posted in Community, Ransomware, Security, Tech

  New ransomware campaign utilizes the EternalBlue exploit to infect systems across the globe.

• Takeaways from Securing a Cloud-Powered, SOC2-Certified Analytics Service

  • June 19, 2017
  • Posted in Cloud, Community, Security

  The public cloud is a natural place to perform machine learning and deep analytics, but your IT data is on-premises. What's needed to bridge the gap securely?

• WannaCry Ransomware Update

  • May 17, 2017
  • Posted in Community, Company, Ransomware, Tech

  ExtraHop Bundle Now Directly Detects EternalBlue Portion of WannaCrypt.

• Gathering Steam: 2017 FIRST Robotics Challenge

  • March 3, 2017
  • Posted in Community, Company, Tech

  If you have younger kids - especially if they are interested in STEM - take them to your local FIRST Robotics competition and encourage them to participate.

• RSA 2017 Recap: Always a Learning Experience

  • March 1, 2017
  • Posted in Community, Industry Trends, Security, Tech

  The RSA Conference is the largest security industry convention in the world. This year, ExtraHop had a booth there for the first time...and it was busy!