We've launched a big update to the Policies page in the Castle Dashboard. The whole experience has been re-designed to make it easier to get an overview of how your policies are configured, with trigger and action information displayed on the policy-card. In addition to this we've simplified how to create policies with arbitrary trigger conditions, without having to create segments first.
Today we're launching an improvement to the Castle Policies: the ability to remove items from lists whenever a policy matches. Previously you've been able to use Policies to automatically add items to lists, and that way be able to create powerful automation such as flows for trusting devices for 30 days when a user completes verification. Automatically removing items is useful e.g. in scenarios where you'd like to unblock a user based on additional verification.
Castle's real time decisioning APIs, the Filter and Risk APIs, were originally designed to be used in environments where the activity is initiated by the end-user using a rich client, such as a browser or mobile app. The main power of these endpoints is that the Castle Policy engine is invoked, which means that you can configure real-time, inline responses, as well setting up automations such as List actions or Webhooks.
After receiving feedback from some of you who uses the List functionality, we've added a small improvement to list item management in the Castle Dashboard. Whereas previously any existing items were overwritten, now you'll be given the choice to overwrite the item if it already exists. The main reason this is important is that you might have added useful context in the comment field, which would have otherwise been lost when overwritten.
We've improved the time selector with quick access to change the displayed time zone. There are now three options to choose from:
Today we're excited to launch a new component that will drastically increase your productivity while digging through data in your fraud investigations: the quick explorer. Castle makes it easy to spot relations in data, such as device fingerprints with multiple users or the number of transactions per user. With the quick explorer you'll be able to see exactly which those entities are, down to per-event level, without leaving the original context of your investigation (commonly solved by opening up multiple tabs). You're able to open up the quick explorer, whenever there is an aggregated number displayed in a table, by simply clicking on the number. This is a great way to also quickly show all the events for a specific user-account, without opening the full user profile view, a bit like the Preview functionality on MacOS.
Today we're launching another improvement to the time selector in the Castle dashboard: the ability to pin the selected time range so that it is retained when navigating between views. This is useful to lock the time when e.g. investigating credential stuffing attacks or spikes in traffic, and jumping between the Explore view to slice the data in different ways, and the individual user profiles to do the final confirmation.
For some time now, you've been able to use the visualization in the Explore view to zoom in on a specific time range by dragging the mouse. This is especially useful to zoom in on spikes of traffic, such as credential stuffing attacks. However, a common pattern is that you often also want to be able go back and extend the selected time range without having to manually specify a new start and end time. Today we're introducing a way to do this with a single click: a button next to the time picker to "zoom out" time. Each time you press it you'll double the selected time range
The user profile view is central to do per-user investigations as you'll get a comprehensive view of an account, with all important information in one place. Today we've updated this view with the ability to create group tabs, in the same flexible way as in the Explore view. This means that you're now able to quickly see all the user's transactions, IPs, device types or anything else available in the Castle event format. Similarly to the Explore view, this also works with custom properties
We've improved the filter drop down to make Signals and Lists more prominent, which allows for quicker navigation and exploration or these. Signals are a great way to start exploring your data to find suspicious patterns, such as VPN usage or credential stuffing, and with the improved filter drop down you'll get a much better overview of the available Signals. Similarly, with the improved Lists filter, you're quickly able to find historic data that matched a specific list
