Skip to content

Erik Costlow, Director of Developer Relations

Erik Costlow was Oracle’s principal product manager for Java 8 and 9, focused on security and performance. His security expertise involves threat modeling, code analysis, and instrumentation of security sensors. He is working to broaden this approach to security with Contrast Security. Before becoming involved in technology, Erik was a circus performer who juggled fire on a three-wheel vertical unicycle.

Subscribe to Blog
Log4J 2.17.1 - Lower Risk, Patch When You Can

Log4J 2.17.1 - Lower Risk, Patch When You Can

The season of Log4J vulnerabilities continues with a new Log4J 2.17.1 released on December 28, however the risk is..

[Upgrade to 2.17] Updated Guidance on Addressing Log4J CVEs

[Upgrade to 2.17] Updated Guidance on Addressing Log4J CVEs

This morning, the Apache Software Foundation provided another update to log4j (version 2.17.0) to address a new..

Updated Guidance on Addressing Log4J CVEs

Updated Guidance on Addressing Log4J CVEs

The information below is no longer current against the evolving security landscape. See [updated guidance] again on..

Instantly Inoculate Your Servers Against Log4J With New Open Source Tool

Instantly Inoculate Your Servers Against Log4J With New Open Source Tool

Contrast is releasing SafeLog4j, a free and open-source, general purpose tool that can detect/verify vulnerable log4j..

Scaling to Scala

Scaling to Scala

Scala developers ship quickly, using the power of a scalable language as their ideas move from concept to prototype and..

0-Day Detection of Log4j2 vulnerability

0-Day Detection of Log4j2 vulnerability

The world’s most used logging framework was just hit by the Log4j2 exploit, but DevSecOps teams can quickly identify..

The Trojan Source is Not Your Mane Problem

The Trojan Source is Not Your Mane Problem

A recently published paper provides a logo and slick polish for an old vulnerability about the ability of certain..

Contrast Meets Kenna: Teaming Up To Manage Vulnerabilities

Contrast Meets Kenna: Teaming Up To Manage Vulnerabilities

A new joint solution from Contrast Security and Kenna Security enables organizations to manage vulnerabilities in one..

Secure Coding with Golang (Google Go)

Secure Coding with Golang (Google Go)

All Systems Go—Except Application Security Google Go (also known as Golang) continues its role as a popular software..