All Integrations

Web and mobile app security

Castle

  • Supports roll-your-own security measures so developers can let users resolve security risks on their own

  • Creates a risk score and threshold for each user device 

  • Connects non-web apps or REST APIs using X-Castle-Source header 

  • Enables “Secure Mode” to track potential fraudulent activity, locks user accounts based on fraud activity, and monitors user impersonation

Try Segment

Segment makes it easy to set up Castle

How Castle works

Castle uses behavioral data to predict which of your users are likely to be a security risk. Castle needs reliable access to your data in order to power its algorithms, and offers an API to connect to your application. By using Castle’s APIs you can choose whether to allow a login, initiate a second factor of authentication, or log out the user.

To implement Castle you will need to write code for each of your events that sends data from your application to the Castle API endpoint. In order to access the useful methods provided by the Castle API, you will need to install a client library (such as Castle.js for browser Javascript) into each location you want to track, or write corresponding code for your server. Any tracking code you add for Castle works only with Castle and is additive with other tracking code.



Filter user data based on risk factors such as fast travel, web proxies, and leaked credentials.
Filter user data based on risk factors such as fast travel, web proxies, and leaked credentials.
Self-learning risk models predict the likelihood of any device being accessed by a hacker.
Self-learning risk models predict the likelihood of any device being accessed by a hacker.
Drill down into individual sessions to see who is using Tor or hopping between locations.
Drill down into individual sessions to see who is using Tor or hopping between locations.

+

Get more out of Castle with Segment

Using Segment eliminates the need to install any additional code from Castle. Segment’s analytics.js library and mobile SDKs can collect all of the information that Castle needs, and send it directly to Castle from Segment’s secure servers. This not only accelerates the time it takes to get up and running with Castle, it also makes your code more efficient and secure. When you enable the packaged Segment Castle integration and collect data via analytics.js, you can start blocking out scripted browsers, detecting account sharing, and making it much harder for an attacker to imitate a legitimate browser, all with your existing Segment implementation.


Try Segment

Segment makes it easy to set up Castle

Getting Started with Segment

Segment is the infrastructure for your customer data. Use one API to unlock 200+ tools for every team in your company. With Segment, developers can stop building tedious and expensive one-off data integrations while business users can get straight to work, turning on their favorite apps right from the Segment dashboard.