Jeff Costlow

CISO, ExtraHop

Jeff Costlow is the CISO at ExtraHop. He started his career in computer security in 1997. Jeff has deep experience with networking protocols, a passion for secure software development, and many years of software engineering under his belt.

Detect and Stop Spring4Shell Exploitation
BrandPost ExtraHop

Detect and Stop Spring4Shell Exploitation


Detect Log4j Attacks Hiding in Encrypted Traffic

Detect Log4j Attacks Hiding in Encrypted Traffic

ExtraHop threat researchers have observed attackers in the wild using encrypted traffic to avoid detection of Log4Shell attacks. This is consistent with the general trend of cyberattackers using encryption as an evasion mechanism to...

Exchange Server Security Challenges Explained

Exchange Server Security Challenges Explained

Monitoring and securing Microsoft Exchange Server has its own set of unique challenges that administrators and security analysts need to be aware of now.

Wildcard Certificate Risks and the ALPACA TLS Attack

Wildcard Certificate Risks and the ALPACA TLS Attack

Earlier this month the National Security Agency (NSA) issued a technical advisory warning of an attack dubbed ALPACA. It highlights the cybersecurity risks of using wildcard TLS certificates. So how does this attack work and why does...

Ripple20: Finding Vulnerable Devices and Detecting Attacks

Ripple20: Finding Vulnerable Devices and Detecting Attacks

To enable all these features, please upgrade to the latest version of ExtraHop Reveal(x), 8.1.3.

Load More