We've updated how scores are visualized to improve the detection of spikes in malicious traffic and make it easier to identify varying risk levels quickly.

Highlights of this release include:

Today, we're excited to launch a new visualization type as part of the charting experience. A heatmap is a great way of capturing three dimensions, to see patterns over time. For example, showing a heatmap of triggered signals in your app, you can easily spot outliers in shady behaviors, such as spam- or credential stuffing attacks.

Discovering patterns and insights in your app and user-base just got easier and more powerful. We've supercharged the charting experience, giving you a flexible playground to visualize and explore your data.

We're thrilled to introduce a new feature to the Castle API—support for statuses in custom events. You can now include an optional status field in your custom events, with predefined values like $attempted, $succeeded, or $failed, mirroring our native actions.

We’re excited to introduce enhancements to user location display and filtering. Now, only known and confirmed cities will be shown, and you can filter events by latitude and longitude to focus on specific areas.

You can now include any timestamp field in event Custom Properties and User Traits, enabling you to extend the information collected about these events. The timestamp should be provided as a string in ISO8601 format, which will be correctly identified and parsed.

At Castle, our goal is to enhance app security for our customers. A key part of this involves investigating user behavior, analyzing patterns, and incorporating these findings into policies and metrics.

During investigations, it is common to compare users' behavior over time. Our recent update makes it much easier to compare users based on event metadata, such as login authentication methods or email changes in profile updates.

Even small improvements can tremendously help you in your investigations. Adding the E-mail Value in the Event details pane is one such example. This new field represents the email address used for all Email Intelligence checks, such as identifying disposable or unreachable addresses and checking domain registration or update dates.