Author: Erik Costlow

Erik Costlow

Erik Costlow was Oracle’s principal product manager for Java 8 and 9, focused on security and performance. His security expertise involves threat modeling, code analysis, and instrumentation of security sensors. He is working to broaden this approach to security with Contrast Security. Before becoming involved in technology, Erik was a circus performer who juggled fire on a three-wheel vertical unicycle.

  • Foojay Podcast #2: Embedded Java

    Foojay community members and beyond discuss embedded Java, featuring the following speakers:

    James Gosling, creator of Java and embedded enthusiast; Frank Delporte, engineer with Toadi, an autonomous lawn-mowing robot; Johan Vos, founder of Gluon, helping make fully cross-platform applications.

    Hosted by Erik Costlow, developer relations for Contrast Security, locating security flaws in backend systems.

    Read more
  • Foojay Podcast #1

    Foojay community members discuss recent news:

    JavaFX Skins for cross-platform apps on Android, iOS, and regular computers.

    BlockHound, for detecting cases of blocking in reactive (non-blocking) applications.

    JEP 411, the SecurityManager deprecation.

    The recent Snyk/Azul community survey.

    Read more
  • Java: Where the Wild Code Isn’t

    In the last several years, the OpenJDK community has made Java significantly safer for users and developers while at the same time making it easier to design, build, and run applications quickly.

    Java users should incorporate several practices to take full benefit from the defenses of the modern JRE.

    Erik Costlow
    Read more
  • The SolarWinds Hack for Java Developers

    The SolarWinds attack is unique in that the hackers did not exploit a vulnerability in an application, rather they broke into the company and attacked the development pipeline. The attackers’ implant worked in the build process,

    injecting new code into SolarWinds Orion as it was built to enable command & control capabilities on target systems that ran the application.

    For Java developers and architects who design, build, and run applications, there are two core take-aways.

    Erik Costlow
    Read more

Subscribe to foojay updates:
Copied to the clipboard