A while back we launched the ability to filter and group by custom properties. By sending this custom, business specific data, you're able to create even more efficient rules for stopping bad behavior on your platform. Today we're releasing two big updates to how Castle handles these custom properties, that turns them into a first class citizen in Castle
Lists are a powerful concept in Castle, that can be used for a variety of different use-cases, including IP block lists, user allow lists or as a simple review queue. If you haven't started using Lists yet, we highly encourage you to check them out! Today we're shipping a small but significant update: the ability to manually add anything to a list from the Castle Dashboard.
Castle's is built to make fraud investigations quick and efficient by collecting all user activity data in the same place, as well as providing powerful ways of exploring it. An essential part of a fraud investigation is to be able to go back far in time in order to connect the dots, so today we're happy to announce that we'll start offering up to 12 months of data retention. For an additional fee, you can now activate up to 12 months data retention, compared to the standard 3.
Today we're releasing a beta version of our Events API. This API is what's powering the Castle Dashboard under the hood and is used to query individual events as well as create aggregations and groupings. It opens up countless new use-cases e.g. where you can build customer facing on top of it, or use it to augment internal tooling.
We've released a re-designed list widget, to make it easier to both to manage the list state, as well as see the context of why and when an item was added. The goal with the new widget has also been to give you a unified and consisted experience across the Castle dashboard, for everything related to lists.
Policies is the backbone that allows you to define granular rules and corresponding actions to control the behavior on your platform, eg. to put suspicious logins through additional verification or show a CAPTCHA to automated signups. Today, we're launching a new configuration options for policies, where you're able to configure a policy to run at the very top, before all others, regardless of which event. This is particular useful when using lists to configure global block or allow lists, for example to blanket deny abusive IPs.
A while back, we launched the first version of Metrics, which allows you to create powerful queries and rules based on time-series data. At the time of launch, Castle offers a set of useful metrics based on standard events, like login and registration. Today, we're launching the ability for you to use metrics on your own custom events by tagging them as "critical".
In order to give you maximum screen real estate for your fraud investigations, we've launched an improvement to the main navigation bar that allows you to hide it and keep it hidden by default. Simply click the arrow icon to collapse it, and it will stay hidden until you hover it, or press the arrow icon again to bring it back to the default visible state.
Today we're happy to launch the first version of Metrics, a powerful way of filtering and creating rules based on time series data. With Metrics, you can quickly set up rate limiting rules based on counters, e.g. to block requests with more than 10 failed logins per IP in the last hour, or when the number of users per device exceeds 2.
With the Castle Dashboard, you're able to quickly export data to CSV directly in the browser, which is a good way of facilitating work across different tools or do deeper analysis offline. By default, there is a limitation of 10k records for each of these exports. Today we're launching an update to all Castle Enterprise customers, allowing you to export up to 1M records instead.
