Research and insights on stopping modern bots and fraud
Today, May 15, 2025, Castle extends its proven behavioral detection to the network edge through a no-code, fully managed Cloudflare
This is the second post in our series on AI bots and their impact on fraud and detection systems. In
AI bots, AI scrapers, AI agents—you’ve seen these terms thrown around in product announcements, Hacker News posts, and
This is the fourth edition of our monthly tracker highlighting email domains linked to fraudulent activity. Just like in June&
At Castle, we’ve increasingly embedded LLMs and tools like Cursor into our research workflows, whether we’re prototyping detection
If you’ve ever visited a site like amiunique.org, browserleaks.com, or pixelscan.net, you’ve probably seen a
Headless Chrome bots controlled by Selenium remain a staple in the bot developer’s toolkit in 2025. While newer frameworks
We learned our hiring philosophy the hard way: by getting it completely wrong. After Y Combinator in 2016, we did
Most disposable email services are easy to detect. They use obvious domains like tempmail.xyz or tmxttvmail.com, which are
When it comes to bot and fraud detection, identifying the exact browser being used can be important, especially for privacy-focused
Time zone is a valuable signal in both bot and fraud detection. It's commonly used in browser fingerprinting
The other day, I bought sneaker proxies by mistake. I know, I know, how do you accidentally buy sneaker proxies?
CAPTCHAs are the most recognizable anti-bot mechanism on the web. Whether you're logging into a game, signing up
