Castle now detects email domains that have been confirmed as actively used in fraud and abuse campaigns. Unlike disposable email services (Mailinator, TempMail), these are domains registered specifically for fraud that appear legitimate but exist solely for bot signups and fake accounts.
We’ve expanded authentication_method.type with two new options:
We’ve completely redesigned how you get started with Castle! Our new interactive 3-step guide makes onboarding simple and engaging:
We’ve introduced a new challenge payload object for the $challenge events. It contains a trigger_event field, which describes the event that triggered the challenge (for example, a Login Attempted event).
We’ve made it easier to manage large sets of events by introducing bulk list operations to the Explore Table.
We've enhanced detection for email aliasing in Yahoo and Proton emails.
We’re introducing the List Items Batch Upsert feature. You can now upload up to 1,000 List Items at once directly from the Dashboard form by copying and pasting a column from your CSV file or entering values as comma-separated text. Once processed, new List Items will be added to your List and immediately impact event processing.
We've enhanced role-based access in the Castle Dashboard, providing more granular permissions across various roles. The previous Admin and User roles have been expanded into multiple roles with tailored permissions:
We've added an IP range filtering to help you better track and analyze events.
The new Quick Search in Castle's dashboard helps you quickly locate data using any value, like an email, user ID, phone number or IP address. E.g. this helps you quickly jump to the right place, based on input from external systems.
