Blog

Jeff Costlow

Former Employee - CISO

Jeff Costlow

Jeff Costlow is the CISO at ExtraHop. He started his career in computer security in 1997. Jeff has deep experience with networking protocols, a passion for secure software development and many years of software engineering under his belt.

In his spare time, Jeff enjoys building and sailing small boats, making beer or cider, mentoring for FIRST robotics, and raising Pacific Northwest mason bees.

Connect with Jeff on Twitter or LinkedIn!

Posts by this author

How to Respond to OpenSSL Vulnerabilities

November 4, 2022

Learn about the risk of OpenSSL vulnerabilities, how to identify devices running OpenSSL, and how to spot exploit attempts after the initial intrusion.

Read article

Exchange Server Security Challenges Explained

September 30, 2022

How to secure and monitor Microsoft Exchange Server and why decryption is a critical capability for security solutions. Learn more from ExtraHop.

Read article

April Patch Tuesday Vulnerabilities: What You Need to Know

April 15, 2022

Learn about the risks and remediations for the latest Microsoft Patch Tuesday vulnerabilities.

Read article

Detect and Stop Spring4Shell Exploitation

March 31, 2022

Get recommendations for how to detect Spring4Shell exploitation and learn how you can use ExtraHop to stop attacks that leverage this vulnerability.

Read article

Detect Log4j Attacks Hiding in Encrypted Traffic

December 17, 2021

Learn how attackers are using encrypted protocols to hide Log4j attacks and why decryption has become a necessary capability for detection.

Read article

Log4j Exploits Explained

December 10, 2021

Understand Log4j exploitation and how to remediate this zero-day vulnerability with ExtraHop Reveal(x).

Read article

Find Exploit Attempts Against the CISA Known Exploited Vulnerabilities

November 4, 2021

CISA sets tight deadlines to patch exploited CVEs. Learn how you can detect network-based vulnerabilities faster.

Read article

Wildcard Certificate Risks and the ALPACA TLS Attack

October 25, 2021

Understand wildcard certificate risks, the ALPACA attack, and how to check whether wildcard certificates are putting your organization at risk.

Read article

Understand and Detect vCenter Vulnerability Exploitation

September 23, 2021

The vulnerability to vCenter Server presents serious risk to organizations. Learn how to detect malicious activity surrounding this vulnerability.

Read article

Security Alert: New Vulnerability Grants IoT Camera Remote Access

August 19, 2021

A critical vulnerability affects an estimated 83 million recording devices, allowing attackers access to live feed and enabling remote code execution.

Read article

SonicWall Ransomware Warning: Attacks via SRA & SMA Devices

July 15, 2021

ExtraHop overviews the the SonicWall ransomware warning for SRA & SMA devices and how to detect attacks.

Read article

REvil Ransomware Attack and Supply Chain Risk

July 6, 2021

The latest REvil ransomware attack is a sophisticated supply chain-based attack on software provider Kaseya that has put up to 1,500 customers at risk.

Read article

PrintNightmare Vulnerability: Detection, Explanation, and Mitigation

July 2, 2021

What you need to know about the latest PrintNightmare vulnerability (CVE-2021-34527), how it differs from other recent issues with the Print Spooler service, and what you can do to secure your organization.

Read article

Patch Tuesday, May 11: Detecting Critical Vulnerabilities

May 11, 2021

Today was Microsoft Patch Tuesday, and while there were a relatively small number of patches issued—55 as compared to the usual 100 plus—a few of those vulnerabilities require immediate attention.

Read article

Find SonicWall Vulnerabilities With an Inventory of Devices and Software

April 21, 2021

The SonicWall vulnerabilities are the latest in a spat of serious CVEs. ExtraHop explains how to inventory your devices and software to prevent exploits.

Read article

Prevent REvil Ransomware Encryption & Exfiltration Attacks

March 23, 2021

The REvil attack's encryption and exfiltration of Acer files is a ransomware trend that can be prevented with ExtraHop. Learn more.

Read article

The Recent Exchange Server Vulnerability and SSRF Attacks

March 3, 2021

A new Exchange server vulnerability is being exploited to perpetrate active server side request forgery (SSRF) attacks.

Read article

Security Alert: Ransomware Warning for Healthcare

November 2, 2020

A recent cybersecurity advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) warns of an imminent cybercrime threat to hospitals.

Read article

Detect Bad Neighbor Vulnerability on Windows 10 Systems

October 14, 2020

The Windows 10 vulnerabilities unveiled by Microsoft on October 13 include a remote DoS (CVE-2020-16899) and a remote code execution flaw (CVE-2020-16898) dubbed 'Bad Neighbor'. Get the rundown on potential exploits and what you should do.

Read article

Security Alert: Detecting CVE-2020-1472 Zerologon Exploitation with NDR

September 16, 2020

The recent Zerologon vulnerability (CVE-2020-1472) could allow attackers to get control of a Windows domain without any user credentials. Learn how it works and how to protect against exploits.

Read article

Ripple20: How to Identify Vulnerable Devices

July 24, 2020

The Ripple20 group of vulnerabilities affects hundreds of millions of devices across many industries. Learn how to identify devices using the vulnerable Treck software and detect Ripple20 exploits.

Read article

NSA's Advice on BlueKeep: Know Your Network

June 11, 2019

Reveal(x) Now Detects Evidence of BlueKeep (CVE-2019-0708)

Read article

We Busted A Fake Chrome Extension That Was Trying to Steal Data

December 6, 2018

A mysterious (and fake) Chrome extension. A clever data exfiltration scheme. They would have gotten away with it, too, if it weren't for those meddling security analysts using ExtraHop Reveal(x)! Follow along as we go from threat detection to response in this real-life threat hunt with network traffic analysis.

Read article

Detect Apache Struts 2 Exploit CVE-2018-11776 with ExtraHop

August 29, 2018

There is a new Apache Struts vulnerability. ExtraHop customers can use this technique to monitor for IOCs while they work to update their software.

Read article

Your Windows Proxy Autodiscovery Could Be Compromised

December 21, 2017

Your Windows proxy autodiscovery could be compromised. Learn about the WPAD exploit and how to detect it with ExtraHop.

Read article

Visibility into TLS: Perfect Forward Secrecy

September 19, 2017

What is Perfect Forward Secrecy encryption and how ExtraHop allows you to decrypt Perfect Forward Secrecy in real time.

Read article

Experience RevealX NDR for Yourself

Schedule a demo

RevealX platform

Deployment

Integrations

Experience NDR

Capabilities

FAQs

Intrusion Detection System

Forensics

Experience NPM

Capabilities

FAQs

Forensics

Solutions

Ransomware Attacks

Advanced Threat Hunting

Threat Detection and Response

Network Forensics and Investigation

Security Hygiene

Cloud Workload Security

Operational Resilience

Troubleshooting and Resolution

Cloud Migration

Cloud Workload Monitoring

Network Forensics

Zero Trust

Multicloud & Hybrid Cloud Security

XDR Strategy

SOC Modernization

Financial Services

Education

Public Sector

Federal Civilian Agencies

Defense and Intelligence

State and Local Government

Why ExtraHop

Customer Stories

News

Careers

Technology Partners

Channel Partners

Managed Service Providers

Service Credits

Resident Experts

Deployments

Customer Community

Technical Support

Education Services

C-Level

Security Threats

Company

Products

How-To

NDR

NPM

Ransomware

Zero Trust

Reports

Demos & Videos

Customer Stories

Webinars

Papers & E-books

Data Sheets

Experience NDR

Capabilities

FAQs

Intrusion Detection System

Forensics

Experience NPM

Capabilities

FAQs

Forensics

Ransomware Attacks

Advanced Threat Hunting

Threat Detection and Response

Network Forensics and Investigation

Security Hygiene

Cloud Workload Security

Operational Resilience

Troubleshooting and Resolution

Cloud Migration