How to Balance Security with Risk Tolerance and User Experience

H

When trying to protect customer accounts, managing risk is a hot topic within organizations. In order to build and maintain customer loyalty, providing the best user experience is a high priority. But the best user experience can leave an organization at risk. Managing risk isn’t always about making threat models better or reducing false positives. In some cases you want to add friction when in...

[PODCAST] CISO Series Defense in Depth: User-Centric Security

[

“The ability to put security into the context of the user and in the flow of their regular interactions with your service makes it less necessary for you to have millions of security engineers to monitor what’s going on, because some of that is now in the hands of the consumer where they are able to make those better decisions.”  ~ Adrian Ludwig, Atlassian Getting Users Involved In...

Living On The Edge: Less Servers. Less Code. More Security.

L

Today we’re releasing our integration with Cloudflare; an adaptive authentication layer implemented on the edge. This is not just yet another way of integrating Castle — it’s the codeless way of integrating Castle. The module is built on top of Cloudflare’s recent release of Apps with Workers, and the plan is to eventually open-source it and bring the same functionality to...

Introducing Codeless Customer Account Protection

I

Strong Security Should be Easy.  Asking your consumers again and again to take responsibility for their security through robust passwords and other security measures doesn’t work. The responsibility of security needs to shift from end users to the companies who serve them.  In a blog post I recently wrote for Cloudflare, I describe our most recent initiative on how Castle is leading the...

Why Users Need to Be Central To Account Takeover Prevention

W
Credential Stuffing

Since posting my most recent blog on “I Am An Account Takeover Victim,” I have had many people respond to me with similar stories.  All of them named very well known brands that we are familiar with–companies offering global movie streaming, food delivery services, online software, banking, and more. Everyone ranted about the significant amount of time and frustration they went through...

The Account Takeover Lifecycle: 4 Stages You Need to Know

T

No matter your online activity, you don’t want your accounts taken over by someone else. You’d be unhappy to hear that someone logged into your BestBuy account to use your credit card to buy an 82” LED TV. You’d be upset if someone took over your Twitter account, posted spammy content, and then locked you out. The bottom line? No one wants their online accounts taken over– and no company wants...

We’ve raised $9.2 million led by Index Ventures

W

In 2015, Sebastian and I created Castle with a simple vision. We saw that it was increasingly difficult for companies to access their online accounts and keep their users safe. We also saw that consumers were being asked again and again to take responsibility for their security through robust passwords and other security measures. We started Castle because we wanted to figure out a way to shift...

Integration Debugger Console

I

We are excited to share a new feature in the dashboard that is aimed to help make the Castle Integration more friendly and self service for developers! When you log into your Castle dashboard, in the top navigation bar, you will now find the Integration Debugger Console. The new Debugger works with all of your Castle environments. It is made of of 4 primary sections, each of which are...