If you’ve ever visited a site like amiunique.org, browserleaks.com, or pixelscan.net, you’ve probably seen a
CAPTCHAs are the most recognizable anti-bot mechanism on the web. Whether you're logging into a game, signing up
Fake account creation is one of the most persistent forms of online abuse. What used to be a fringe tactic
Credential stuffing remains one of the most scalable and persistent threats on the internet. While defenders have improved at catching
Bots are often used to conduct attacks at scale. They can be used to automatically test stolen credit cards, steal
Are your users annoyed by constantly being hit with CAPTCHAs? Find out what how you can improve the user experience while keeping your site secure
Account sharing is a form of account abuse that needs to be detected with more sophistication than just a one-time check during signup or login. Plus, there's no strict rule on how many accounts are okay to share—it's all up to your service's policies
What does the zero-trust security model look like when it’s applied to online fraud and abuse? In this post, I’ll delve into how concepts from zero-trust can be used to fight fraud and abuse with higher accuracy and less user frustration.
As a developer encountering your first wave of bots trying to register or log into your application, which CAPTCHA should you opt for?
As the availability of unique IPs and user agents wanes and cookie reliability remains half-baked at best, device fingerprinting has emerged as a serious contender in the battle against online fraud and abuse.
Feeling like doing some quick online shopping through an attractive ad or signing up for a lucrative deal with a
Learn about two layers in user and account defense, and how deploying Castle gives you a single solution that improves security and reduces user friction.
