CategoryArticles

How to Balance Security with Risk Tolerance and User Experience

H

When trying to protect customer accounts, managing risk is a hot topic within organizations. In order to build and maintain customer loyalty, providing the best user experience is a high priority. But the best user experience can leave an organization at risk. Managing risk isn’t always about making threat models better or reducing false positives. In some cases you want to add friction when in...

[PODCAST] CISO Series Defense in Depth: User-Centric Security

[

“The ability to put security into the context of the user and in the flow of their regular interactions with your service makes it less necessary for you to have millions of security engineers to monitor what’s going on, because some of that is now in the hands of the consumer where they are able to make those better decisions.”  ~ Adrian Ludwig, Atlassian Getting Users Involved In...

Living On The Edge: Less Servers. Less Code. More Security.

L

Today we’re releasing our integration with Cloudflare; an adaptive authentication layer implemented on the edge. This is not just yet another way of integrating Castle — it’s the codeless way of integrating Castle. The module is built on top of Cloudflare’s recent release of Apps with Workers, and the plan is to eventually open-source it and bring the same functionality to...

Introducing Codeless Customer Account Protection

I

Strong Security Should be Easy.  Asking your consumers again and again to take responsibility for their security through robust passwords and other security measures doesn’t work. The responsibility of security needs to shift from end users to the companies who serve them.  In a blog post I recently wrote for Cloudflare, I describe our most recent initiative on how Castle is leading the...

Why Users Need to Be Central To Account Takeover Prevention

W
Credential Stuffing

Since posting my most recent blog on “I Am An Account Takeover Victim,” I have had many people respond to me with similar stories.  All of them named very well known brands that we are familiar with–companies offering global movie streaming, food delivery services, online software, banking, and more. Everyone ranted about the significant amount of time and frustration they went through...

The Account Takeover Lifecycle: 4 Stages You Need to Know

T

No matter your online activity, you don’t want your accounts taken over by someone else. You’d be unhappy to hear that someone logged into your BestBuy account to use your credit card to buy an 82” LED TV. You’d be upset if someone took over your Twitter account, posted spammy content, and then locked you out. The bottom line? No one wants their online accounts taken over– and no company wants...

We’ve raised $9.2 million led by Index Ventures

W

In 2015, Sebastian and I created Castle with a simple vision. We saw that it was increasingly difficult for companies to access their online accounts and keep their users safe. We also saw that consumers were being asked again and again to take responsibility for their security through robust passwords and other security measures. We started Castle because we wanted to figure out a way to shift...

Visualizing the Account Recovery Funnel

V

At Castle, we are focused on building tools that power end-to-end user security alongside a frictionless user experience. We believe that when it comes to protecting your users, the ability to detect unauthorized access to their accounts is just the beginning. Beyond the detection, developers are using Castle’s APIs to block the unauthorized access in-line, notify their users in real-time of...